Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/DGOo2ZzAEqLIZ-lNLuNThK4FjAM.roa
File: DGOo2ZzAEqLIZ-lNLuNThK4FjAM.roa (raw, json)
Hash identifier: 6P4ch+PFK1O9JeoANw4ax8+w+JTtivRzBK2a09CYrBU=
Subject key identifier: 0C:63:A8:D9:9C:C0:12:A2:C8:67:E9:4D:2E:E3:53:84:AE:05:8C:03
Certificate issuer: /CN=6e1a5543a72b515787f29e84f8f1ab4fd2f1bbf2
Certificate serial: 06A06627
Authority key identifier: 6E:1A:55:43:A7:2B:51:57:87:F2:9E:84:F8:F1:AB:4F:D2:F1:BB:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/DGOo2ZzAEqLIZ-lNLuNThK4FjAM.roa
Signing time: Sat 01 Jan 2022 06:05:11 +0000
ROA not before: Sat 01 Jan 2022 06:05:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49492
IP address blocks: 188.95.8.0/21 maxlen: 21
188.95.8.0/22 maxlen: 22
188.95.14.0/24 maxlen: 24
188.95.12.0/22 maxlen: 22
2a00:1010::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111175207 (0x6a06627)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e1a5543a72b515787f29e84f8f1ab4fd2f1bbf2
Validity
Not Before: Jan 1 06:05:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c63a8d99cc012a2c867e94d2ee35384ae058c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e4:c3:33:a3:fb:89:e6:56:d1:2d:51:89:0b:
6a:0d:df:0e:c0:93:03:55:c7:47:14:1e:d7:f5:37:
2b:3f:47:21:43:f7:6b:c0:1f:8a:71:b9:3d:68:dd:
18:94:86:5e:ff:f6:9d:52:4d:ca:99:46:66:38:ba:
2f:9c:e1:66:ed:b1:c9:c3:50:8d:9e:c7:dc:ec:3f:
55:27:8f:c5:17:09:ed:f7:64:1f:00:30:e8:de:bc:
f0:b0:cf:ce:21:08:34:a0:ff:08:fc:a9:a5:6c:6f:
20:4c:f8:f4:0f:1b:21:25:62:22:f8:62:77:17:62:
d9:52:0a:41:42:9a:23:0e:17:29:21:a8:4f:d0:b3:
12:4d:82:4f:2f:43:79:e7:6b:49:29:96:af:49:85:
e0:75:18:35:f2:a5:88:18:f8:03:b2:11:dc:62:47:
05:e2:d5:43:a0:66:47:1f:4f:76:d2:3a:b1:32:42:
f9:c7:bb:bc:97:38:f0:d3:df:6f:6f:77:75:8e:77:
33:58:e7:81:40:d0:92:5b:37:a9:c5:e9:fe:3b:c0:
d2:26:c4:8b:d8:d6:b3:8a:82:df:91:9c:a3:c1:95:
9d:06:7e:a6:3b:f3:8b:24:44:78:ae:63:10:a5:6d:
78:f3:b0:f0:16:3f:32:69:2e:ea:d9:d8:91:28:a7:
e7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:63:A8:D9:9C:C0:12:A2:C8:67:E9:4D:2E:E3:53:84:AE:05:8C:03
X509v3 Authority Key Identifier:
keyid:6E:1A:55:43:A7:2B:51:57:87:F2:9E:84:F8:F1:AB:4F:D2:F1:BB:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/DGOo2ZzAEqLIZ-lNLuNThK4FjAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/df4dd6-b423-4292-9634-accf261e5c19/1/bhpVQ6crUVeH8p6E-PGrT9Lxu_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.8.0/21
IPv6:
2a00:1010::/32
Signature Algorithm: sha256WithRSAEncryption
54:09:6e:52:ca:28:ce:0b:b0:f3:e5:2a:32:12:0b:85:36:ca:
a6:c7:8c:3c:78:1b:ce:f5:76:15:3c:93:78:a0:9d:53:e1:47:
c9:37:9f:41:f8:9a:d5:b3:a0:27:60:5a:7e:a6:4a:ba:b3:bd:
7c:73:e4:c5:a2:49:de:59:eb:21:9d:d5:f7:8f:27:10:10:7a:
de:e6:76:53:1c:b4:f3:21:9a:38:38:04:c7:60:52:0e:23:ba:
4e:1f:3f:5d:a5:81:62:2e:10:04:6f:fe:1e:38:f7:c3:06:08:
6e:43:ec:17:f4:31:46:9f:2d:71:16:e8:8c:6c:a9:f4:cc:03:
b9:b3:4e:7e:3f:b8:b5:4d:f3:1e:33:f2:73:0c:4a:04:c5:b8:
b5:70:e3:14:7a:1a:fd:67:51:19:b6:27:1d:8c:ec:34:76:8e:
43:e7:cd:a4:3c:e8:8d:7f:f7:92:ed:ef:30:e8:0b:a9:3c:3f:
3d:fa:9e:d5:1c:16:af:96:78:94:9b:39:b0:b0:14:cb:c3:2c:
d6:ad:09:8d:14:64:cb:ae:de:db:f7:90:1e:fc:57:ab:65:5b:
bf:ce:84:63:ed:57:52:70:ee:50:84:2b:79:75:be:47:52:e4:
86:f0:f9:2f:bb:66:c4:b6:cf:e5:8b:e7:cc:1a:52:f7:9f:4f:
2a:61:ee:18
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBqBmJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTFhNTU0M2E3MmI1MTU3ODdmMjllODRmOGYxYWI0ZmQyZjFiYmYyMB4XDTIyMDEw
MTA2MDUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM2M2E4ZDk5Y2Mw
MTJhMmM4NjdlOTRkMmVlMzUzODRhZTA1OGMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTkwzOj+4nmVtEtUYkLag3fDsCTA1XHRxQe1/U3Kz9HIUP3
a8AfinG5PWjdGJSGXv/2nVJNyplGZji6L5zhZu2xycNQjZ7H3Ow/VSePxRcJ7fdk
HwAw6N688LDPziEINKD/CPyppWxvIEz49A8bISViIvhidxdi2VIKQUKaIw4XKSGo
T9CzEk2CTy9DeedrSSmWr0mF4HUYNfKliBj4A7IR3GJHBeLVQ6BmRx9PdtI6sTJC
+ce7vJc48NPfb293dY53M1jngUDQkls3qcXp/jvA0ibEi9jWs4qC35Gco8GVnQZ+
pjvziyREeK5jEKVtePOw8BY/Mmku6tnYkSin590CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQMY6jZnMASoshn6U0u41OErgWMAzAfBgNVHSMEGDAWgBRuGlVDpytRV4fy
noT48atP0vG78jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JocFZRNmNyVVZlSDhwNkUtUEdyVDlMeHVfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvZGY0ZGQ2LWI0MjMtNDI5Mi05NjM0LWFjY2YyNjFlNWMxOS8x
L0RHT28yWnpBRXFMSVotbE5MdU5UaEs0RmpBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
ZGY0ZGQ2LWI0MjMtNDI5Mi05NjM0LWFjY2YyNjFlNWMxOS8xL2JocFZRNmNyVVZl
SDhwNkUtUEdyVDlMeHVfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA7xfCDANBAIAAjAHAwUAKgAQEDAN
BgkqhkiG9w0BAQsFAAOCAQEAVAluUsoozguw8+UqMhILhTbKpseMPHgbzvV2FTyT
eKCdU+FHyTefQfia1bOgJ2BafqZKurO9fHPkxaJJ3lnrIZ3V948nEBB63uZ2Uxy0
8yGaODgEx2BSDiO6Th8/XaWBYi4QBG/+Hjj3wwYIbkPsF/QxRp8tcRbojGyp9MwD
ubNOfj+4tU3zHjPycwxKBMW4tXDjFHoa/WdRGbYnHYzsNHaOQ+fNpDzojX/3ku3v
MOgLqTw/Pfqe1RwWr5Z4lJs5sLAUy8Ms1q0JjRRky67e2/eQHvxXq2Vbv86EY+1X
UnDuUIQreXW+R1LkhvD5L7tmxLbP5YvnzBpS959PKmHuGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org