Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/O4fxykHVdvKmSJe6kIBOKc15FgA.roa
File: O4fxykHVdvKmSJe6kIBOKc15FgA.roa (raw, json)
Hash identifier: 8ysF01KyVmgWmLN2REYij4avk1tIpm01iWW2ACTwvpg=
Subject key identifier: 3B:87:F1:CA:41:D5:76:F2:A6:48:97:BA:90:80:4E:29:CD:79:16:00
Certificate issuer: /CN=7139b69078f96cabaf718a39bb58678aeac1ccc2
Certificate serial: 018795276C8DA9BD69590EAB0B03B81D96F3
Authority key identifier: 71:39:B6:90:78:F9:6C:AB:AF:71:8A:39:BB:58:67:8A:EA:C1:CC:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTm2kHj5bKuvcYo5u1hniurBzMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/O4fxykHVdvKmSJe6kIBOKc15FgA.roa
Signing time: Tue 18 Apr 2023 16:16:41 +0000
ROA not before: Tue 18 Apr 2023 16:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39878
IP address blocks: 185.64.48.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:95:27:6c:8d:a9:bd:69:59:0e:ab:0b:03:b8:1d:96:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7139b69078f96cabaf718a39bb58678aeac1ccc2
Validity
Not Before: Apr 18 16:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b87f1ca41d576f2a64897ba90804e29cd791600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d3:fd:07:9f:6c:39:7e:9a:c9:fd:f6:ee:fb:
b4:45:d2:57:f8:0b:ae:15:c6:37:05:be:ee:0d:ab:
86:57:78:a0:ad:2f:c5:74:00:dc:9b:94:05:3c:97:
e4:0a:4a:2b:ca:a3:21:90:64:f1:05:f2:6d:00:79:
55:1b:ef:cb:85:9f:96:c1:bd:d1:03:62:da:57:9f:
49:c5:18:d3:e9:b9:23:df:cf:4a:31:36:88:95:28:
03:15:a1:e1:5e:c1:dd:18:af:f3:b6:43:92:7d:b5:
ad:a4:af:b8:25:ce:77:45:e5:e8:05:b1:af:de:10:
89:f5:f8:57:31:c4:4d:2d:f0:24:b5:d5:99:3c:a4:
6f:34:7d:c5:30:e4:9e:57:c9:e2:f7:b8:c1:8f:dc:
a3:14:71:f4:6a:ad:dc:49:84:f0:5f:59:c3:4e:30:
26:e0:dc:3a:42:a7:65:50:06:38:2e:50:a9:3a:7b:
70:d4:ab:a5:29:a6:39:07:5e:45:b3:c8:04:70:e6:
0d:f7:97:04:58:e1:f7:0d:f2:f8:95:68:77:96:2f:
19:24:56:8a:83:48:9e:4d:ce:12:34:ae:7d:82:bd:
05:7a:26:62:88:e8:9c:de:d7:dd:24:3a:a9:8c:84:
87:07:2d:a0:fc:b5:43:f1:26:6c:5a:38:93:e5:a1:
9b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:87:F1:CA:41:D5:76:F2:A6:48:97:BA:90:80:4E:29:CD:79:16:00
X509v3 Authority Key Identifier:
keyid:71:39:B6:90:78:F9:6C:AB:AF:71:8A:39:BB:58:67:8A:EA:C1:CC:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm2kHj5bKuvcYo5u1hniurBzMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/O4fxykHVdvKmSJe6kIBOKc15FgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/cab149-d567-48fc-ac9b-20b024c6fc2f/1/cTm2kHj5bKuvcYo5u1hniurBzMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:a3:ee:95:bb:38:75:5f:a6:2f:ca:da:91:e5:d6:f0:5c:9d:
55:45:4c:e1:70:66:fb:18:98:d0:c3:1a:72:de:09:0e:b1:b7:
a8:74:1e:82:71:6d:e1:7f:68:30:1e:da:10:2f:7b:ed:ba:09:
85:77:47:67:13:df:24:c8:c3:c2:14:34:10:eb:ca:fa:72:58:
67:b5:74:92:6d:65:79:ba:3e:03:d0:65:d3:9d:fa:83:30:1d:
04:fa:d3:49:28:67:c6:e4:9d:d3:0e:86:34:e3:76:c7:10:51:
a8:2f:90:1e:f5:f5:97:cd:4f:92:4a:34:48:7b:30:41:6d:f5:
f4:6f:b2:7d:7f:05:0f:b8:c8:7a:ef:c0:8e:27:bd:b8:5a:b3:
c7:15:07:ed:6d:8a:cb:56:da:1e:92:95:af:5c:1c:0c:89:53:
9e:73:e7:c3:93:89:8f:97:cd:58:3d:3c:43:de:f4:89:08:2b:
b9:23:e8:cf:bb:1d:c2:df:53:29:5e:ca:b7:91:fb:77:7e:c4:
01:c9:44:1f:d8:ba:9c:12:22:06:cd:3f:95:7c:67:a7:68:15:
01:21:aa:01:e3:60:43:cb:3e:d8:b9:62:c4:35:b4:71:31:19:
9f:02:83:26:4f:36:1a:8e:09:70:dc:41:72:23:eb:ea:9f:a9:
55:b7:24:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeVJ2yNqb1pWQ6rCwO4HZbzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMzliNjkwNzhmOTZjYWJhZjcxOGEzOWJiNTg2NzhhZWFj
MWNjYzIwHhcNMjMwNDE4MTYxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg3ZjFjYTQxZDU3NmYyYTY0ODk3YmE5MDgwNGUyOWNkNzkxNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtP9B59sOX6ayf327vu0RdJX+Auu
FcY3Bb7uDauGV3igrS/FdADcm5QFPJfkCkoryqMhkGTxBfJtAHlVG+/LhZ+Wwb3R
A2LaV59JxRjT6bkj389KMTaIlSgDFaHhXsHdGK/ztkOSfbWtpK+4Jc53ReXoBbGv
3hCJ9fhXMcRNLfAktdWZPKRvNH3FMOSeV8ni97jBj9yjFHH0aq3cSYTwX1nDTjAm
4Nw6QqdlUAY4LlCpOntw1KulKaY5B15Fs8gEcOYN95cEWOH3DfL4lWh3li8ZJFaK
g0ieTc4SNK59gr0FeiZiiOic3tfdJDqpjISHBy2g/LVD8SZsWjiT5aGbrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuH8cpB1XbypkiXupCATinNeRYAMB8GA1UdIwQY
MBaAFHE5tpB4+Wyrr3GKObtYZ4rqwczCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1RtMmtIajViS3V2Y1lvNXUxaG5pdXJCek1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jYWIxNDktZDU2Ny00OGZjLWFjOWIt
MjBiMDI0YzZmYzJmLzEvTzRmeHlrSFZkdkttU0plNmtJQk9LYzE1RmdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jYWIxNDktZDU2Ny00OGZjLWFjOWItMjBiMDI0YzZmYzJm
LzEvY1RtMmtIajViS3V2Y1lvNXUxaG5pdXJCek1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUAwMA0G
CSqGSIb3DQEBCwUAA4IBAQAqo+6Vuzh1X6YvytqR5dbwXJ1VRUzhcGb7GJjQwxpy
3gkOsbeodB6CcW3hf2gwHtoQL3vtugmFd0dnE98kyMPCFDQQ68r6clhntXSSbWV5
uj4D0GXTnfqDMB0E+tNJKGfG5J3TDoY043bHEFGoL5Ae9fWXzU+SSjRIezBBbfX0
b7J9fwUPuMh678COJ724WrPHFQftbYrLVtoekpWvXBwMiVOec+fDk4mPl81YPTxD
3vSJCCu5I+jPux3C31MpXsq3kft3fsQByUQf2LqcEiIGzT+VfGenaBUBIaoB42BD
yz7YuWLENbRxMRmfAoMmTzYajglw3EFyI+vqn6lVtyQB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:49 2024 by rpki-client on console-fra.rpki-client.org