Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/OZqu3HhlehwOkFShHNLADjC-BOM.roa
File: OZqu3HhlehwOkFShHNLADjC-BOM.roa (raw, json)
Hash identifier: Eyx7RjjKUJy1bktMFwpgEQa5RPK0MH2+ECffD3rXBME=
Subject key identifier: 39:9A:AE:DC:78:65:7A:1C:0E:90:54:A1:1C:D2:C0:0E:30:BE:04:E3
Certificate issuer: /CN=cf14db373085e28c0d9b74be7b8e89740b95f9fa
Certificate serial: 01856FCB96553B99549B37287F6A7963CE38
Authority key identifier: CF:14:DB:37:30:85:E2:8C:0D:9B:74:BE:7B:8E:89:74:0B:95:F9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxTbNzCF4owNm3S-e46JdAuV-fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/OZqu3HhlehwOkFShHNLADjC-BOM.roa
Signing time: Mon 02 Jan 2023 00:04:51 +0000
ROA not before: Mon 02 Jan 2023 00:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51565
IP address blocks: 91.217.122.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:96:55:3b:99:54:9b:37:28:7f:6a:79:63:ce:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf14db373085e28c0d9b74be7b8e89740b95f9fa
Validity
Not Before: Jan 2 00:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=399aaedc78657a1c0e9054a11cd2c00e30be04e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8a:17:bf:00:09:3b:a8:4b:92:b6:d4:bb:ac:
2b:e9:26:f3:8f:7b:a3:67:b5:9e:35:2c:d2:36:53:
f2:68:5b:d7:67:3a:dd:61:1d:3b:1d:ab:cc:a1:e6:
05:71:fb:02:f1:1a:82:6e:81:99:b3:a7:bb:d9:c2:
fa:f5:94:33:52:32:b7:14:56:86:09:5c:a5:94:55:
37:5c:be:02:68:0f:61:51:2c:af:e3:fd:3d:a0:4c:
b5:e7:30:e9:0d:48:9a:53:f3:59:db:2b:43:dd:5a:
88:0f:f2:a8:5b:6e:ea:bd:3b:36:23:6f:06:96:c7:
11:39:92:22:a2:e0:46:35:7d:27:7f:ed:a1:3c:37:
b8:95:3b:6b:a2:9a:9f:8e:71:7f:49:c1:c3:b8:4a:
c8:f9:ab:81:8d:67:4c:51:4f:bc:e2:e1:da:64:b4:
85:f3:8f:8e:9d:77:d3:2c:c0:5a:ec:19:22:82:26:
69:f0:8d:35:43:cc:f4:34:44:1c:ed:c0:04:19:19:
a8:a7:18:df:62:d5:70:b2:32:21:eb:7c:39:9c:d5:
cb:e9:dd:9e:df:e2:3c:98:42:d1:ba:3d:20:19:05:
6a:f1:e8:93:2b:fd:94:42:90:3a:40:14:52:87:58:
35:01:38:55:1d:d3:74:43:a5:86:d4:49:c5:98:d0:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9A:AE:DC:78:65:7A:1C:0E:90:54:A1:1C:D2:C0:0E:30:BE:04:E3
X509v3 Authority Key Identifier:
keyid:CF:14:DB:37:30:85:E2:8C:0D:9B:74:BE:7B:8E:89:74:0B:95:F9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxTbNzCF4owNm3S-e46JdAuV-fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/OZqu3HhlehwOkFShHNLADjC-BOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1caef-ca6f-4881-bc58-0a131f65c968/1/zxTbNzCF4owNm3S-e46JdAuV-fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.122.0/23
Signature Algorithm: sha256WithRSAEncryption
42:65:c9:fd:e3:e8:ec:2f:81:af:27:f4:b0:2e:cc:ee:0d:15:
1f:bd:93:12:e3:41:66:a9:7f:9b:6f:63:77:4b:de:af:1f:2d:
a4:c9:be:3c:3a:58:81:3b:fe:69:c3:7e:07:33:0a:3b:e1:e0:
b1:ac:c8:e6:5b:4b:d7:7f:7d:ba:f1:d4:15:6c:03:83:0b:92:
f6:19:45:7f:91:72:68:57:1a:7e:0d:2d:bf:50:3b:4e:9a:95:
d9:23:3c:c9:27:3a:98:e3:5d:e2:35:3f:23:7d:54:2f:67:7d:
22:66:bf:8f:1d:89:1b:c6:42:00:df:d9:f0:1d:11:b1:d9:e0:
e4:47:7c:82:28:fc:6b:b7:56:e7:24:11:16:e7:f5:ec:a0:bd:
9f:a2:43:e7:20:b3:17:89:ee:96:c8:10:61:c4:ce:59:6a:c8:
02:f3:d4:d0:f9:7b:4b:7b:44:ce:42:33:0b:77:db:e9:ea:4e:
60:0b:25:53:08:74:67:72:b2:d1:59:fa:0d:a0:7a:9b:43:70:
bf:c9:64:a0:05:dc:bc:d2:9b:a8:e9:6e:f2:db:5d:18:6f:75:
f0:6a:94:c6:e9:ad:9e:0a:52:04:7e:bf:a4:1a:6f:16:f9:ae:
7d:8e:1b:ee:52:fc:a0:cc:e1:6b:bc:36:9d:8b:37:a0:7d:03:
91:1b:34:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5ZVO5lUmzcof2p5Y844MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTRkYjM3MzA4NWUyOGMwZDliNzRiZTdiOGU4OTc0MGI5
NWY5ZmEwHhcNMjMwMTAyMDAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTlhYWVkYzc4NjU3YTFjMGU5MDU0YTExY2QyYzAwZTMwYmUwNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4oXvwAJO6hLkrbUu6wr6Sbzj3uj
Z7WeNSzSNlPyaFvXZzrdYR07HavMoeYFcfsC8RqCboGZs6e72cL69ZQzUjK3FFaG
CVyllFU3XL4CaA9hUSyv4/09oEy15zDpDUiaU/NZ2ytD3VqID/KoW27qvTs2I28G
lscROZIiouBGNX0nf+2hPDe4lTtropqfjnF/ScHDuErI+auBjWdMUU+84uHaZLSF
84+OnXfTLMBa7BkigiZp8I01Q8z0NEQc7cAEGRmopxjfYtVwsjIh63w5nNXL6d2e
3+I8mELRuj0gGQVq8eiTK/2UQpA6QBRSh1g1AThVHdN0Q6WG1EnFmNBiNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmartx4ZXocDpBUoRzSwA4wvgTjMB8GA1UdIwQY
MBaAFM8U2zcwheKMDZt0vnuOiXQLlfn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhUYk56Q0Y0b3dObTNTLWU0NkpkQXVWLWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMWNhZWYtY2E2Zi00ODgxLWJjNTgt
MGExMzFmNjVjOTY4LzEvT1pxdTNIaGxlaHdPa0ZTaEhOTEFEakMtQk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMWNhZWYtY2E2Zi00ODgxLWJjNTgtMGExMzFmNjVjOTY4
LzEvenhUYk56Q0Y0b3dObTNTLWU0NkpkQXVWLWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9l6MA0G
CSqGSIb3DQEBCwUAA4IBAQBCZcn94+jsL4GvJ/SwLszuDRUfvZMS40FmqX+bb2N3
S96vHy2kyb48OliBO/5pw34HMwo74eCxrMjmW0vXf3268dQVbAODC5L2GUV/kXJo
Vxp+DS2/UDtOmpXZIzzJJzqY413iNT8jfVQvZ30iZr+PHYkbxkIA39nwHRGx2eDk
R3yCKPxrt1bnJBEW5/XsoL2fokPnILMXie6WyBBhxM5ZasgC89TQ+XtLe0TOQjML
d9vp6k5gCyVTCHRncrLRWfoNoHqbQ3C/yWSgBdy80puo6W7y210Yb3XwapTG6a2e
ClIEfr+kGm8W+a59jhvuUvygzOFrvDadizegfQORGzTe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:30 2024 by rpki-client on console-ams.rpki-client.org