Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/OOK_b9A7txerulsF6HF1EwDOAV8.roa
File: OOK_b9A7txerulsF6HF1EwDOAV8.roa (raw, json)
Hash identifier: /nOXOl3nxdFcq+pC2b8hk2J+bEw36qYPra/OIG5oeXc=
Subject key identifier: 38:E2:BF:6F:D0:3B:B7:17:AB:BA:5B:05:E8:71:75:13:00:CE:01:5F
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 01856D8AF31826137899E4B9BAAD3C239D2D
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/OOK_b9A7txerulsF6HF1EwDOAV8.roa
Signing time: Sun 01 Jan 2023 13:35:00 +0000
ROA not before: Sun 01 Jan 2023 13:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200787
IP address blocks: 193.57.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f3:18:26:13:78:99:e4:b9:ba:ad:3c:23:9d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Jan 1 13:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38e2bf6fd03bb717abba5b05e871751300ce015f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:3f:ac:ae:ce:68:94:2e:99:8d:d7:4b:8f:
a1:36:3d:82:c8:fd:92:57:a4:b0:68:80:c8:49:3f:
10:80:5f:1f:8a:2f:14:42:ad:2e:82:76:53:af:dd:
c8:ac:cf:94:c2:2a:f3:d3:0e:9e:62:94:4e:5c:8c:
33:17:f5:69:d1:3a:b1:e2:ed:0f:8a:62:b0:cc:d2:
78:86:9e:19:ca:34:78:1a:d5:98:d5:f1:5a:49:e9:
52:d3:40:f7:05:4c:c5:25:37:58:05:d8:49:97:9f:
bc:43:05:9e:86:91:7e:59:b8:7d:70:bf:3c:a8:ec:
ae:68:14:74:5e:d1:d7:f5:2e:2f:09:4c:53:2c:07:
2a:41:20:54:2b:e7:0b:c0:89:7a:5a:5d:a9:8b:3d:
dc:e5:0d:f4:51:cb:40:83:70:c1:05:95:34:dc:34:
23:f5:42:81:e0:6f:0d:ae:ea:57:8d:8b:3c:26:9f:
80:7c:fe:75:21:e9:18:12:aa:b1:49:e5:92:9c:f1:
4f:e6:d6:28:4e:1f:18:7a:65:41:43:a3:8a:93:4a:
fe:21:92:7e:76:9f:e2:01:77:de:fb:46:d8:65:a7:
61:ec:43:e1:25:3e:2c:aa:86:36:4a:3f:5d:39:6d:
53:54:d2:ad:10:4f:22:63:6a:67:a0:36:de:81:fb:
57:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E2:BF:6F:D0:3B:B7:17:AB:BA:5B:05:E8:71:75:13:00:CE:01:5F
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/OOK_b9A7txerulsF6HF1EwDOAV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.47.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c2:97:3c:d7:cc:26:27:b0:a3:40:d0:02:e9:68:75:4e:13:
db:20:d8:3e:d1:6e:97:b8:8b:75:1a:b2:ee:a9:f4:c8:a0:8b:
3b:ce:2f:af:d3:38:b9:34:5e:6d:93:7c:3a:d7:59:a6:65:d3:
c2:e0:21:63:7d:5f:50:e0:f5:52:07:49:da:c5:3c:45:a3:1f:
4b:a8:53:6c:d6:19:4b:e4:b6:d7:0d:72:28:bb:d3:95:af:db:
0f:ea:2a:1f:51:71:34:55:54:3a:da:68:c7:84:96:11:2c:a0:
3d:2c:16:44:62:28:cd:54:2d:7b:80:e3:e3:fc:b9:e3:d2:87:
84:b0:3a:45:f4:75:e4:17:63:a5:ec:e5:e8:3c:37:a4:3b:f0:
5b:f7:f3:c6:95:c3:44:f4:22:f7:dc:6f:d5:42:a9:7f:fb:02:
43:68:53:1f:b5:a9:c1:cf:ae:93:76:30:2b:f6:fd:40:b7:2d:
33:20:02:78:96:1b:77:13:96:21:bc:19:3e:c2:9d:04:8b:73:
68:64:98:2e:de:7d:a1:3f:6e:c6:ec:7c:3e:b0:80:84:20:e3:
96:63:c4:7d:5f:5b:21:da:ed:6d:ff:30:ae:82:49:d0:df:76:
6e:f3:10:b3:9b:81:f0:91:24:0b:11:cb:17:80:06:ef:d0:74:
27:a2:53:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtivMYJhN4meS5uq08I50tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGZlZWE5YzdkZTI0NmU2ZDdkMWE1MDc0MDYyODViMjI2
ZjkyODYwHhcNMjMwMTAxMTMzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGUyYmY2ZmQwM2JiNzE3YWJiYTViMDVlODcxNzUxMzAwY2UwMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/w/rK7OaJQumY3XS4+hNj2CyP2S
V6SwaIDIST8QgF8fii8UQq0ugnZTr93IrM+Uwirz0w6eYpROXIwzF/Vp0Tqx4u0P
imKwzNJ4hp4ZyjR4GtWY1fFaSelS00D3BUzFJTdYBdhJl5+8QwWehpF+Wbh9cL88
qOyuaBR0XtHX9S4vCUxTLAcqQSBUK+cLwIl6Wl2piz3c5Q30UctAg3DBBZU03DQj
9UKB4G8NrupXjYs8Jp+AfP51IekYEqqxSeWSnPFP5tYoTh8YemVBQ6OKk0r+IZJ+
dp/iAXfe+0bYZadh7EPhJT4sqoY2Sj9dOW1TVNKtEE8iY2pnoDbegftXkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjiv2/QO7cXq7pbBehxdRMAzgFfMB8GA1UdIwQY
MBaAFHPf7qnH3iRubX0aUHQGKFsib5KGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMt
NDQ2ZDBhN2U5NDA0LzEvT09LX2I5QTd0eGVydWxzRjZIRjFFd0RPQVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85YzBhN2UtOTk2My00YzBkLTk0YWMtNDQ2ZDBhN2U5NDA0
LzEvYzlfdXFjZmVKRzV0ZlJwUWRBWW9XeUp2a29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTkvMA0G
CSqGSIb3DQEBCwUAA4IBAQBwwpc818wmJ7CjQNAC6Wh1ThPbINg+0W6XuIt1GrLu
qfTIoIs7zi+v0zi5NF5tk3w611mmZdPC4CFjfV9Q4PVSB0naxTxFox9LqFNs1hlL
5LbXDXIou9OVr9sP6iofUXE0VVQ62mjHhJYRLKA9LBZEYijNVC17gOPj/Lnj0oeE
sDpF9HXkF2Ol7OXoPDekO/Bb9/PGlcNE9CL33G/VQql/+wJDaFMftanBz66TdjAr
9v1Aty0zIAJ4lht3E5YhvBk+wp0Ei3NoZJgu3n2hP27G7Hw+sICEIOOWY8R9X1sh
2u1t/zCugknQ33Zu8xCzm4HwkSQLEcsXgAbv0HQnolOe
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:13 2023 by rpki-client on console-ams.rpki-client.org