Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/NOwWSYoyjb-TwOsrvF5mqx_Gr7o.roa
File: NOwWSYoyjb-TwOsrvF5mqx_Gr7o.roa (raw, json)
Hash identifier: BXVuRIPIFn7zQreroWGcv735Dh54i2vWdrnAkUVZ2ok=
Subject key identifier: 34:EC:16:49:8A:32:8D:BF:93:C0:EB:2B:BC:5E:66:AB:1F:C6:AF:BA
Certificate issuer: /CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Certificate serial: 02B1B259
Authority key identifier: C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/NOwWSYoyjb-TwOsrvF5mqx_Gr7o.roa
Signing time: Tue 26 Apr 2022 10:38:57 +0000
ROA not before: Tue 26 Apr 2022 10:38:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42997
IP address blocks: 86.106.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45199961 (0x2b1b259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c04db7623241d7e6678fc25751fa4e0b6665186b
Validity
Not Before: Apr 26 10:38:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34ec16498a328dbf93c0eb2bbc5e66ab1fc6afba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5d:58:30:01:1c:d5:54:a7:11:23:e2:11:c9:
7f:8b:0e:a5:f2:8d:40:8e:c0:cb:51:55:00:c3:a4:
c3:75:39:c6:ee:91:da:f0:b6:00:b0:15:62:56:c8:
0c:58:90:32:02:5f:60:b4:3e:46:6a:e1:ec:ba:fe:
75:87:4c:f5:ce:eb:6f:32:6e:0b:39:ba:97:a4:94:
7b:b3:aa:4c:a6:3c:02:dd:4f:4a:56:04:9e:35:29:
b9:3f:d5:0e:61:88:a1:aa:e3:76:fb:43:d7:9e:ec:
c6:87:58:10:ae:53:95:6b:b2:21:35:1e:0f:0d:76:
5e:c9:ec:71:1a:72:22:aa:88:2b:32:8f:d4:e1:f8:
69:77:bf:f6:f7:75:2d:9c:6e:ba:18:c0:ae:58:24:
0b:1d:d1:65:ec:6f:36:cd:2e:f2:e0:21:27:e1:61:
dd:bb:72:29:9f:80:b7:81:4c:49:40:85:d1:18:38:
7d:9d:e3:2d:11:1c:3f:a8:79:fc:ff:65:f5:a3:ad:
95:b2:8b:b5:50:8b:1c:35:91:6e:29:af:99:c2:bf:
67:f5:6c:2c:56:f0:bb:08:45:33:f6:c3:59:66:f1:
23:c2:4d:2a:27:94:af:67:6d:12:ea:71:c6:86:6c:
18:51:25:40:59:00:b9:6f:9f:30:3a:dd:ec:e7:b3:
f3:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:EC:16:49:8A:32:8D:BF:93:C0:EB:2B:BC:5E:66:AB:1F:C6:AF:BA
X509v3 Authority Key Identifier:
keyid:C0:4D:B7:62:32:41:D7:E6:67:8F:C2:57:51:FA:4E:0B:66:65:18:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wE23YjJB1-Znj8JXUfpOC2ZlGGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/NOwWSYoyjb-TwOsrvF5mqx_Gr7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6e874e-73fe-4dbb-b74c-0423f263f2cb/1/wE23YjJB1-Znj8JXUfpOC2ZlGGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.173.0/24
Signature Algorithm: sha256WithRSAEncryption
06:97:a6:8b:de:dd:52:00:df:53:b8:40:50:58:c7:57:63:81:
d4:19:81:9d:88:e0:23:81:be:c2:e6:7e:37:d6:ea:7b:73:bd:
9f:b2:b9:d0:6c:20:a8:30:64:bf:f6:c1:16:cf:57:82:9e:4c:
15:aa:ba:a4:57:76:61:1d:f4:67:f5:14:e2:1c:54:3a:e8:03:
c5:78:54:8e:85:dd:a2:de:ed:18:87:d3:af:2e:11:34:0f:bb:
17:18:40:21:c4:76:f6:23:43:3d:10:b9:3e:65:ea:31:4f:5f:
f8:b7:38:83:76:9d:8a:35:76:8b:18:83:32:b9:1f:86:8b:1a:
d9:bf:7b:fd:3c:c1:63:62:d2:ec:58:84:e7:e5:4e:3c:2c:56:
f2:24:84:66:74:38:73:3c:00:40:0d:c0:36:45:4d:2a:29:c8:
97:fd:06:0a:c4:6d:81:b8:9e:27:78:fc:11:a1:0f:b5:b9:c2:
d0:10:87:aa:76:2e:87:67:aa:ff:33:01:5a:80:03:a5:68:10:
4a:6a:cf:01:5f:4a:31:37:08:5c:91:5d:82:9c:63:59:00:5c:
27:6a:6f:7e:28:f6:2b:30:3f:4a:e6:62:2d:79:77:76:be:e3:
4d:43:ed:95:3b:fc:3a:af:bd:6e:5b:cd:67:f1:ab:e5:c0:f3:
89:37:bd:a3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArGyWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDRkYjc2MjMyNDFkN2U2Njc4ZmMyNTc1MWZhNGUwYjY2NjUxODZiMB4XDTIyMDQy
NjEwMzg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRlYzE2NDk4YTMy
OGRiZjkzYzBlYjJiYmM1ZTY2YWIxZmM2YWZiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVdWDABHNVUpxEj4hHJf4sOpfKNQI7Ay1FVAMOkw3U5xu6R
2vC2ALAVYlbIDFiQMgJfYLQ+Rmrh7Lr+dYdM9c7rbzJuCzm6l6SUe7OqTKY8At1P
SlYEnjUpuT/VDmGIoarjdvtD157sxodYEK5TlWuyITUeDw12XsnscRpyIqqIKzKP
1OH4aXe/9vd1LZxuuhjArlgkCx3RZexvNs0u8uAhJ+Fh3btyKZ+At4FMSUCF0Rg4
fZ3jLREcP6h5/P9l9aOtlbKLtVCLHDWRbimvmcK/Z/VsLFbwuwhFM/bDWWbxI8JN
KieUr2dtEupxxoZsGFElQFkAuW+fMDrd7Oez88MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ07BZJijKNv5PA6yu8XmarH8avujAfBgNVHSMEGDAWgBTATbdiMkHX5meP
wldR+k4LZmUYazAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dFMjNZakpCMS1abmo4SlhVZnBPQzJabEdHcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvNmU4NzRlLTczZmUtNGRiYi1iNzRjLTA0MjNmMjYzZjJjYi8x
L05Pd1dTWW95amItVHdPc3J2RjVtcXhfR3I3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
NmU4NzRlLTczZmUtNGRiYi1iNzRjLTA0MjNmMjYzZjJjYi8xL3dFMjNZakpCMS1a
bmo4SlhVZnBPQzJabEdHcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFZqrTANBgkqhkiG9w0BAQsFAAOC
AQEABpemi97dUgDfU7hAUFjHV2OB1BmBnYjgI4G+wuZ+N9bqe3O9n7K50GwgqDBk
v/bBFs9Xgp5MFaq6pFd2YR30Z/UU4hxUOugDxXhUjoXdot7tGIfTry4RNA+7FxhA
IcR29iNDPRC5PmXqMU9f+Lc4g3adijV2ixiDMrkfhosa2b97/TzBY2LS7FiE5+VO
PCxW8iSEZnQ4czwAQA3ANkVNKinIl/0GCsRtgbieJ3j8EaEPtbnC0BCHqnYuh2eq
/zMBWoADpWgQSmrPAV9KMTcIXJFdgpxjWQBcJ2pvfij2KzA/SuZiLXl3dr7jTUPt
lTv8Oq+9blvNZ/Gr5cDziTe9ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:59 2024 by rpki-client on console-ams.rpki-client.org