Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/oivP_P9C8xgHR23yBceMBRyXP6o.roa
File: oivP_P9C8xgHR23yBceMBRyXP6o.roa (raw, json)
Hash identifier: DylBoaP4Bm91cYEMzj//pscctEGqMFfrR/wLp60YQCg=
Subject key identifier: A2:2B:CF:FC:FF:42:F3:18:07:47:6D:F2:05:C7:8C:05:1C:97:3F:AA
Certificate issuer: /CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Certificate serial: 01882388D3D3A28D0A968CFC1FDD681D9450
Authority key identifier: BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/oivP_P9C8xgHR23yBceMBRyXP6o.roa
Signing time: Tue 16 May 2023 07:49:09 +0000
ROA not before: Tue 16 May 2023 07:49:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.44.215.0/24 maxlen: 24
85.208.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:88:d3:d3:a2:8d:0a:96:8c:fc:1f:dd:68:1d:94:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8321c05d501edb499190c0c4a3089d246c5b76
Validity
Not Before: May 16 07:49:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a22bcffcff42f31807476df205c78c051c973faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:62:25:44:03:21:0d:2a:42:56:45:b1:71:f6:
93:12:e1:56:33:73:c2:03:d2:d2:42:07:49:8d:fb:
9e:16:7f:59:22:24:40:59:a3:3e:08:fd:7c:c8:e0:
f1:00:34:21:cf:ad:a1:c0:01:be:ec:94:57:f2:ae:
40:f0:a0:1a:7d:fe:40:f6:02:ac:b0:30:06:3d:e9:
aa:bd:8d:c6:38:7f:46:27:e3:aa:76:25:4c:21:56:
b4:b4:23:60:15:98:12:a6:ae:d7:ea:21:ec:c1:2f:
e4:ed:d5:93:18:4b:7e:f6:68:33:a4:0a:c0:43:59:
e2:78:f3:e8:5f:4f:59:b7:43:56:35:fe:bc:9f:67:
2d:00:01:5c:2f:9f:78:6c:78:01:d3:bf:bf:d7:b1:
54:3f:f8:74:e9:97:95:b9:b9:a5:f9:53:02:6b:a5:
b3:bc:95:fd:75:7e:12:11:18:17:4e:a3:fe:6e:b3:
9d:b5:99:16:d9:8e:92:77:ae:52:ce:26:c6:b9:a8:
40:4e:c4:f1:fb:c2:eb:36:c4:57:87:42:fe:a1:b6:
45:21:62:69:9f:e4:0a:6d:af:79:3f:02:f8:a8:c2:
88:6e:37:5e:e3:5b:f2:56:5a:cd:c5:96:bb:42:b5:
d0:7e:b1:ce:5e:f7:2c:c4:90:e2:48:c7:a1:40:42:
2e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2B:CF:FC:FF:42:F3:18:07:47:6D:F2:05:C7:8C:05:1C:97:3F:AA
X509v3 Authority Key Identifier:
keyid:BB:83:21:C0:5D:50:1E:DB:49:91:90:C0:C4:A3:08:9D:24:6C:5B:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MhwF1QHttJkZDAxKMInSRsW3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/oivP_P9C8xgHR23yBceMBRyXP6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/cd2983-218c-457d-811b-5d42e1fa45b9/1/u4MhwF1QHttJkZDAxKMInSRsW3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.215.0/24
85.208.8.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:09:73:2d:98:04:62:8a:5f:fd:78:bd:b1:cd:6f:97:be:3d:
5b:20:ec:7a:90:f4:9a:f5:b7:74:b6:06:39:3a:84:49:b1:c8:
a1:aa:65:2e:fc:8b:5d:70:30:8f:de:8f:74:6a:c4:96:6d:17:
5f:f2:cf:de:b0:4c:36:f0:04:7b:c5:83:cb:12:9c:17:1a:ad:
2f:3f:94:fd:02:3f:7e:40:48:0f:b0:2f:2f:5b:2e:1f:05:01:
fe:74:85:05:26:c4:b9:bc:2b:c4:6c:d1:87:a8:47:bc:ad:4d:
58:cc:14:b6:9e:e1:6f:55:68:9f:af:04:b9:49:f2:7c:43:24:
b3:f6:53:2e:32:b5:f9:18:a2:8e:ae:5b:38:03:7c:e5:88:ea:
d5:08:cb:62:5b:be:f3:5d:76:9b:21:87:31:5a:20:05:2e:89:
32:e9:0b:a5:02:cb:2f:ea:d3:0d:59:98:d9:72:21:5e:82:5f:
c3:ea:d8:03:b4:74:08:79:57:1c:90:af:bf:78:52:a9:90:2f:
cb:ca:98:e1:a9:74:5f:75:f3:36:e0:ab:c8:30:8a:26:63:86:
c9:06:af:32:39:c4:2d:65:74:84:2b:99:60:37:52:4e:69:fa:
40:23:2b:a4:d0:9c:f9:7d:49:8d:0c:41:43:75:30:11:35:66:
b2:b9:02:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgjiNPToo0Kloz8H91oHZRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMyMWMwNWQ1MDFlZGI0OTkxOTBjMGM0YTMwODlkMjQ2
YzViNzYwHhcNMjMwNTE2MDc0OTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJiY2ZmY2ZmNDJmMzE4MDc0NzZkZjIwNWM3OGMwNTFjOTczZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGIlRAMhDSpCVkWxcfaTEuFWM3PC
A9LSQgdJjfueFn9ZIiRAWaM+CP18yODxADQhz62hwAG+7JRX8q5A8KAaff5A9gKs
sDAGPemqvY3GOH9GJ+OqdiVMIVa0tCNgFZgSpq7X6iHswS/k7dWTGEt+9mgzpArA
Q1niePPoX09Zt0NWNf68n2ctAAFcL594bHgB07+/17FUP/h06ZeVubml+VMCa6Wz
vJX9dX4SERgXTqP+brOdtZkW2Y6Sd65SzibGuahATsTx+8LrNsRXh0L+obZFIWJp
n+QKba95PwL4qMKIbjde41vyVlrNxZa7QrXQfrHOXvcsxJDiSMehQEIuAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIrz/z/QvMYB0dt8gXHjAUclz+qMB8GA1UdIwQY
MBaAFLuDIcBdUB7bSZGQwMSjCJ0kbFt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWIt
NWQ0MmUxZmE0NWI5LzEvb2l2UF9QOUM4eGdIUjIzeUJjZU1CUnlYUDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9jZDI5ODMtMjE4Yy00NTdkLTgxMWItNWQ0MmUxZmE0NWI5
LzEvdTRNaHdGMVFIdHRKa1pEQXhLTUluU1JzVzNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJSzXAwQA
VdAIMA0GCSqGSIb3DQEBCwUAA4IBAQAMCXMtmARiil/9eL2xzW+Xvj1bIOx6kPSa
9bd0tgY5OoRJscihqmUu/ItdcDCP3o90asSWbRdf8s/esEw28AR7xYPLEpwXGq0v
P5T9Aj9+QEgPsC8vWy4fBQH+dIUFJsS5vCvEbNGHqEe8rU1YzBS2nuFvVWifrwS5
SfJ8QySz9lMuMrX5GKKOrls4A3zliOrVCMtiW77zXXabIYcxWiAFLoky6QulAssv
6tMNWZjZciFegl/D6tgDtHQIeVcckK+/eFKpkC/LypjhqXRfdfM24KvIMIomY4bJ
Bq8yOcQtZXSEK5lgN1JOafpAIyuk0Jz5fUmNDEFDdTARNWayuQIt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:18 2024 by rpki-client on console-ams.rpki-client.org