Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJGo5aILKhZ5CHBQedkJlGniSn8.roa
File: oJGo5aILKhZ5CHBQedkJlGniSn8.roa (raw, json)
Hash identifier: HG/XE0t3YN4E90jq8gy21PSWJdKOWdpsQmcF7scsf44=
Subject key identifier: A0:91:A8:E5:A2:0B:2A:16:79:08:70:50:79:D9:09:94:69:E2:4A:7F
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01872980F2F49AEF3E3149FF9A810AF7A903
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJGo5aILKhZ5CHBQedkJlGniSn8.roa
Signing time: Tue 28 Mar 2023 18:35:29 +0000
ROA not before: Tue 28 Mar 2023 18:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211439
IP address blocks: 213.32.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:80:f2:f4:9a:ef:3e:31:49:ff:9a:81:0a:f7:a9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 28 18:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a091a8e5a20b2a167908705079d9099469e24a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:51:9b:76:86:9d:c1:f6:cb:24:41:58:27:c7:
a2:4f:65:ba:5b:b8:2c:bd:92:5b:75:8e:a7:f6:1e:
54:e6:89:09:d2:97:8c:55:f0:b8:8b:26:ad:59:79:
1d:b5:7f:4c:8d:95:2e:58:78:63:db:1d:34:c3:87:
86:62:82:3c:2c:d0:a3:d9:3e:0f:9d:82:9f:58:1f:
ad:cc:dd:35:da:ac:5d:00:ce:eb:6b:b3:4b:f4:3a:
ec:5a:28:62:9d:1f:2c:7b:eb:f0:21:a7:98:fb:74:
bf:9d:49:e5:47:af:3d:28:1f:75:e0:38:b8:44:a6:
d2:5e:33:ea:7b:83:39:47:c2:70:36:76:92:84:96:
e1:68:d0:74:87:35:52:24:56:24:1c:9d:5e:eb:08:
b3:c5:c0:2b:77:41:7f:d1:cf:09:86:4a:52:71:69:
fe:e1:df:c9:9b:3c:f8:e4:75:e0:e3:59:2e:52:88:
f3:aa:07:f6:54:7c:ae:0e:4b:19:3e:8a:0c:31:53:
75:5c:17:41:43:46:0e:72:eb:90:5b:46:6e:92:6a:
a9:cb:0e:75:eb:e1:26:15:f6:ec:da:38:0d:a6:e0:
97:c5:30:5b:09:b8:e3:4b:b9:be:74:6d:93:28:44:
19:73:11:18:e8:73:9a:e7:77:7d:a6:e4:29:b7:26:
d6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:91:A8:E5:A2:0B:2A:16:79:08:70:50:79:D9:09:94:69:E2:4A:7F
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/oJGo5aILKhZ5CHBQedkJlGniSn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.32.250.0/24
Signature Algorithm: sha256WithRSAEncryption
68:37:05:17:55:37:30:00:30:8a:cf:0a:f0:39:cb:3c:52:f5:
5c:52:be:a3:bb:aa:ed:95:86:60:fe:33:93:88:e9:97:63:0c:
8a:37:2c:c5:00:51:01:08:ef:67:48:e6:92:39:a2:38:e7:06:
dc:21:19:a5:d7:12:69:0d:f2:0b:50:5f:91:a6:e9:3e:09:57:
bd:87:46:3c:78:57:67:eb:de:77:8d:20:1b:95:3e:0c:e1:37:
78:64:11:94:1d:56:4d:43:eb:44:f6:59:a5:69:d0:dd:e7:5b:
28:ad:0a:4a:54:9a:21:3e:b7:2d:47:dc:c2:f1:93:f7:5d:3e:
f7:07:43:3d:a6:67:f2:f4:48:d6:70:3b:3a:1e:71:56:7c:be:
dc:d8:e9:6a:19:7f:a9:43:33:e8:09:c2:bf:c9:04:58:30:fd:
d6:0e:a5:78:d5:ae:24:9a:19:de:c4:c9:5b:33:2f:7c:cb:b1:
4a:ad:21:23:25:6e:cf:c0:67:05:34:5a:7a:e0:7b:6d:09:9b:
6c:3c:da:44:fa:6f:36:6a:bc:c0:fd:9b:cc:5b:00:28:bc:16:
b5:a6:ac:74:65:f9:4a:21:80:08:09:6d:ce:34:b9:52:81:47:
e6:01:61:4e:8a:5e:76:d9:54:fe:e9:58:72:29:7f:73:60:2c:
05:9a:aa:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcpgPL0mu8+MUn/moEK96kDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI4MTgzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkxYThlNWEyMGIyYTE2NzkwODcwNTA3OWQ5MDk5NDY5ZTI0YTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFGbdoadwfbLJEFYJ8eiT2W6W7gs
vZJbdY6n9h5U5okJ0peMVfC4iyatWXkdtX9MjZUuWHhj2x00w4eGYoI8LNCj2T4P
nYKfWB+tzN012qxdAM7ra7NL9DrsWihinR8se+vwIaeY+3S/nUnlR689KB914Di4
RKbSXjPqe4M5R8JwNnaShJbhaNB0hzVSJFYkHJ1e6wizxcArd0F/0c8JhkpScWn+
4d/Jmzz45HXg41kuUojzqgf2VHyuDksZPooMMVN1XBdBQ0YOcuuQW0Zukmqpyw51
6+EmFfbs2jgNpuCXxTBbCbjjS7m+dG2TKEQZcxEY6HOa53d9puQptybWHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCRqOWiCyoWeQhwUHnZCZRp4kp/MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb0pHbzVhSUxLaFo1Q0hCUWVka0psR25pU244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1SD6MA0G
CSqGSIb3DQEBCwUAA4IBAQBoNwUXVTcwADCKzwrwOcs8UvVcUr6ju6rtlYZg/jOT
iOmXYwyKNyzFAFEBCO9nSOaSOaI45wbcIRml1xJpDfILUF+Rpuk+CVe9h0Y8eFdn
6953jSAblT4M4Td4ZBGUHVZNQ+tE9lmladDd51sorQpKVJohPrctR9zC8ZP3XT73
B0M9pmfy9EjWcDs6HnFWfL7c2OlqGX+pQzPoCcK/yQRYMP3WDqV41a4kmhnexMlb
My98y7FKrSEjJW7PwGcFNFp64HttCZtsPNpE+m82arzA/ZvMWwAovBa1pqx0ZflK
IYAICW3ONLlSgUfmAWFOil522VT+6VhyKX9zYCwFmqoo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org