Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b16080-1813-492b-a7c2-98d4ffea210c/1/OeMRjg6H8fO6JBpVO5BfpXovFec.roa
File: OeMRjg6H8fO6JBpVO5BfpXovFec.roa (raw, json)
Hash identifier: c4Q8ThisAT5plc643BIyj6cZ2PtM2Aqqp4pGM0JQGoE=
Subject key identifier: 39:E3:11:8E:0E:87:F1:F3:BA:24:1A:55:3B:90:5F:A5:7A:2F:15:E7
Certificate issuer: /CN=3f283af20fe6cf39100169d776bafa78241f44ed
Certificate serial: 018CC5000B6A130D4881782CB69FFBCE473D
Authority key identifier: 3F:28:3A:F2:0F:E6:CF:39:10:01:69:D7:76:BA:FA:78:24:1F:44:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pyg68g_mzzkQAWnXdrr6eCQfRO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b16080-1813-492b-a7c2-98d4ffea210c/1/OeMRjg6H8fO6JBpVO5BfpXovFec.roa
Signing time: Mon 01 Jan 2024 12:29:23 +0000
ROA not before: Mon 01 Jan 2024 12:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47714
IP address blocks: 91.202.211.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:0b:6a:13:0d:48:81:78:2c:b6:9f:fb:ce:47:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f283af20fe6cf39100169d776bafa78241f44ed
Validity
Not Before: Jan 1 12:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39e3118e0e87f1f3ba241a553b905fa57a2f15e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ab:c1:36:83:ac:42:30:de:3a:2e:66:3a:38:
95:6f:0d:3f:4b:8d:f1:54:94:54:69:be:02:97:32:
d6:22:3e:2b:57:54:5b:ec:53:30:98:b1:b7:62:01:
e0:c2:16:3e:58:82:25:c7:de:d2:ee:f8:73:45:71:
ce:94:38:a7:0c:9b:f9:3d:2a:11:ba:38:09:4d:81:
b8:9d:18:fa:61:36:b2:4d:d9:d6:d1:2e:5d:93:18:
50:f1:d0:50:a7:81:1d:e4:cd:bf:50:6c:da:f1:73:
0f:ed:05:5c:b7:c2:3d:19:85:c5:67:00:46:2c:2d:
8e:f5:3d:75:33:49:5f:97:fa:1f:f9:1d:5a:75:91:
38:4b:34:4b:cc:28:91:0c:5a:43:7b:e7:de:44:8c:
d2:aa:3c:db:3d:ac:51:04:ce:88:26:58:bc:64:0c:
a5:30:96:eb:21:29:45:ff:c3:82:f4:03:cd:fc:af:
e4:e6:38:c4:bd:f2:08:8c:8a:2d:20:2e:92:69:61:
3c:b1:77:57:b9:2f:8d:78:23:4d:8d:e2:38:93:3d:
98:a8:f3:b1:77:1a:ae:34:3d:25:7f:fe:de:d0:64:
e9:75:56:c7:18:ba:f2:f9:74:a6:1b:c0:2c:5d:46:
b8:57:d3:f7:e5:5a:f3:73:a3:15:18:01:ce:1c:1e:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E3:11:8E:0E:87:F1:F3:BA:24:1A:55:3B:90:5F:A5:7A:2F:15:E7
X509v3 Authority Key Identifier:
keyid:3F:28:3A:F2:0F:E6:CF:39:10:01:69:D7:76:BA:FA:78:24:1F:44:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pyg68g_mzzkQAWnXdrr6eCQfRO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b16080-1813-492b-a7c2-98d4ffea210c/1/OeMRjg6H8fO6JBpVO5BfpXovFec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b16080-1813-492b-a7c2-98d4ffea210c/1/Pyg68g_mzzkQAWnXdrr6eCQfRO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.202.211.0/24
Signature Algorithm: sha256WithRSAEncryption
67:3a:da:a8:83:f2:b7:76:cb:25:d3:3c:2f:90:44:f8:34:92:
29:25:98:a9:57:2a:c3:3b:e9:c1:51:37:6a:a0:90:5c:6f:c5:
a7:f4:b6:09:29:5c:c1:15:b9:9b:ac:79:0f:8b:25:ea:93:26:
a9:cf:be:58:17:05:47:5f:3b:46:5f:ce:81:6d:dd:90:8b:2f:
4d:3d:15:32:9f:e2:85:51:50:eb:78:02:4f:2c:b6:f2:1d:aa:
ef:de:92:b5:04:6b:39:10:e3:b6:99:5b:d1:a5:b2:5e:40:41:
df:fc:d1:ca:73:fa:c5:ae:84:91:9e:14:49:0e:5e:f5:46:5b:
25:e8:de:3a:0c:ab:ca:19:a2:e1:d0:06:67:77:93:6c:67:4b:
32:16:dc:81:65:bf:4c:c4:74:3b:3b:82:4b:ba:38:08:b0:2e:
74:37:b8:da:c4:f2:bf:c4:02:b1:8c:4d:37:51:1e:af:1d:aa:
14:d4:e5:7f:b1:51:bd:a7:9e:11:0c:4a:97:5f:86:21:09:b3:
39:83:8d:a8:6f:5d:27:18:ca:9d:fc:6b:98:1f:5a:ea:aa:13:
a0:01:81:55:39:97:10:3d:b1:3c:0d:7e:24:89:20:87:28:79:
b1:a8:24:ca:b1:d9:7b:eb:70:eb:09:b2:8d:2b:79:0a:27:fc:
1a:4d:2b:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAAtqEw1IgXgstp/7zkc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjgzYWYyMGZlNmNmMzkxMDAxNjlkNzc2YmFmYTc4MjQx
ZjQ0ZWQwHhcNMjQwMTAxMTIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWUzMTE4ZTBlODdmMWYzYmEyNDFhNTUzYjkwNWZhNTdhMmYxNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKvBNoOsQjDeOi5mOjiVbw0/S43x
VJRUab4ClzLWIj4rV1Rb7FMwmLG3YgHgwhY+WIIlx97S7vhzRXHOlDinDJv5PSoR
ujgJTYG4nRj6YTayTdnW0S5dkxhQ8dBQp4Ed5M2/UGza8XMP7QVct8I9GYXFZwBG
LC2O9T11M0lfl/of+R1adZE4SzRLzCiRDFpDe+feRIzSqjzbPaxRBM6IJli8ZAyl
MJbrISlF/8OC9APN/K/k5jjEvfIIjIotIC6SaWE8sXdXuS+NeCNNjeI4kz2YqPOx
dxquND0lf/7e0GTpdVbHGLry+XSmG8AsXUa4V9P35Vrzc6MVGAHOHB5msQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDnjEY4Oh/HzuiQaVTuQX6V6LxXnMB8GA1UdIwQY
MBaAFD8oOvIP5s85EAFp13a6+ngkH0TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlnNjhnX216emtRQVduWGRycjZlQ1FmUk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMTYwODAtMTgxMy00OTJiLWE3YzIt
OThkNGZmZWEyMTBjLzEvT2VNUmpnNkg4Zk82SkJwVk81QmZwWG92RmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMTYwODAtMTgxMy00OTJiLWE3YzItOThkNGZmZWEyMTBj
LzEvUHlnNjhnX216emtRQVduWGRycjZlQ1FmUk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8rTMA0G
CSqGSIb3DQEBCwUAA4IBAQBnOtqog/K3dssl0zwvkET4NJIpJZipVyrDO+nBUTdq
oJBcb8Wn9LYJKVzBFbmbrHkPiyXqkyapz75YFwVHXztGX86Bbd2Qiy9NPRUyn+KF
UVDreAJPLLbyHarv3pK1BGs5EOO2mVvRpbJeQEHf/NHKc/rFroSRnhRJDl71Rlsl
6N46DKvKGaLh0AZnd5NsZ0syFtyBZb9MxHQ7O4JLujgIsC50N7jaxPK/xAKxjE03
UR6vHaoU1OV/sVG9p54RDEqXX4YhCbM5g42ob10nGMqd/GuYH1rqqhOgAYFVOZcQ
PbE8DX4kiSCHKHmxqCTKsdl763DrCbKNK3kKJ/waTSsG
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:01 2024 by rpki-client on console.sobornost.net