Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/plAb_lMk6w-sOwlxWgIVg-A4wR4.roa
File: plAb_lMk6w-sOwlxWgIVg-A4wR4.roa (raw, json)
Hash identifier: 7N7Mep7MdISMJkCpQG5QVw+IqP68w+RzK8f0Oh/AItg=
Subject key identifier: A6:50:1B:FE:53:24:EB:0F:AC:3B:09:71:5A:02:15:83:E0:38:C1:1E
Certificate issuer: /CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Certificate serial: 0185291849575298BAD57B5E7D2188C1A6BF
Authority key identifier: CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/plAb_lMk6w-sOwlxWgIVg-A4wR4.roa
Signing time: Mon 19 Dec 2022 06:35:35 +0000
ROA not before: Mon 19 Dec 2022 06:35:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.150.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:18:49:57:52:98:ba:d5:7b:5e:7d:21:88:c1:a6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Validity
Not Before: Dec 19 06:35:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6501bfe5324eb0fac3b09715a021583e038c11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:19:43:fb:f4:94:b8:79:8e:76:dc:54:76:ab:
6d:27:c2:30:10:17:b9:33:67:9c:3f:b0:6f:50:5a:
70:51:03:d3:c1:ae:f0:f4:fd:bd:ba:48:b3:0b:a2:
76:35:bc:e2:92:78:2e:11:dd:b2:aa:03:54:eb:44:
43:4a:7a:13:55:58:e9:42:3e:3a:7a:2a:47:17:69:
06:d3:74:30:e7:da:4a:b5:ee:ae:40:17:5c:a2:c6:
78:63:b2:c4:ea:f9:3f:8d:1e:0d:35:f2:6f:4b:c0:
98:45:e6:83:14:13:67:a1:5d:52:7b:1d:72:c3:a5:
5a:de:e1:07:c8:e4:f2:92:86:36:ca:40:b0:95:52:
65:e0:0f:83:1c:17:41:9c:9d:1c:78:26:cc:eb:8d:
c3:fc:56:a3:f5:fe:c2:b3:a5:dc:95:b0:c5:33:bb:
74:e4:e6:08:f8:e3:86:f1:71:2d:44:00:25:f0:49:
2e:92:d5:49:fb:a4:c5:1c:62:13:cb:0e:45:35:96:
7b:3e:cf:6c:41:3b:83:dc:4c:ea:41:ba:21:ff:f0:
83:c1:39:df:99:82:a2:5b:05:ab:61:05:86:dd:35:
30:a5:a1:a2:f4:a0:37:a1:de:6b:7b:02:b6:9f:55:
a4:0e:55:08:b8:c8:2f:2c:93:87:50:64:a1:67:01:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:50:1B:FE:53:24:EB:0F:AC:3B:09:71:5A:02:15:83:E0:38:C1:1E
X509v3 Authority Key Identifier:
keyid:CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/plAb_lMk6w-sOwlxWgIVg-A4wR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/zWv2DrCPHiOrqLp5fBFyREzhW3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.144.0/22
Signature Algorithm: sha256WithRSAEncryption
85:ea:d1:cf:6b:2d:fd:5b:97:b6:99:35:5f:cc:9f:cb:13:11:
f9:ac:df:62:e4:59:58:d9:e0:68:ea:b2:59:41:48:cd:9f:c2:
ce:0b:ad:a1:77:8f:4e:2b:c5:3b:43:fb:48:40:99:f6:3a:66:
4a:a5:d9:10:72:b8:0a:5e:de:e8:91:84:90:7f:ce:f2:d4:b6:
2c:c5:6c:0a:0f:b2:99:66:7b:32:84:76:a2:33:e4:85:cd:ae:
aa:e1:54:e6:c8:be:05:07:79:b8:3e:2f:54:cd:f2:d6:07:cb:
dd:fa:1d:aa:37:13:d1:4b:35:f7:b6:4e:91:0e:b8:ef:c0:47:
a3:05:d7:b7:0d:39:d8:f1:b1:70:11:4d:5a:0d:ce:27:67:42:
6b:c7:45:60:ae:eb:97:cf:d9:cb:a4:d1:93:08:b4:46:a7:f1:
b2:ab:53:64:f4:d5:fb:92:4c:f6:82:8c:be:17:1e:f5:f6:22:
91:13:8e:e0:b0:3f:af:e3:35:fb:de:e2:d9:53:bb:f2:97:28:
6e:3e:11:2b:98:82:9a:a5:20:b4:d2:9d:51:0e:c1:ff:65:12:
32:6c:76:5b:a6:d9:ef:f7:90:f9:00:c0:b6:aa:2d:b3:4f:59:
94:53:ec:0a:90:af:9d:9d:87:b6:78:f3:56:59:63:07:7d:30:
cb:e5:a7:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUpGElXUpi61XtefSGIwaa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNmJmNjBlYjA4ZjFlMjNhYmE4YmE3OTdjMTE3MjQ0NGNl
MTViNzEwHhcNMjIxMjE5MDYzNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjUwMWJmZTUzMjRlYjBmYWMzYjA5NzE1YTAyMTU4M2UwMzhjMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixlD+/SUuHmOdtxUdqttJ8IwEBe5
M2ecP7BvUFpwUQPTwa7w9P29ukizC6J2NbziknguEd2yqgNU60RDSnoTVVjpQj46
eipHF2kG03Qw59pKte6uQBdcosZ4Y7LE6vk/jR4NNfJvS8CYReaDFBNnoV1Sex1y
w6Va3uEHyOTykoY2ykCwlVJl4A+DHBdBnJ0ceCbM643D/Faj9f7Cs6XclbDFM7t0
5OYI+OOG8XEtRAAl8EkuktVJ+6TFHGITyw5FNZZ7Ps9sQTuD3EzqQboh//CDwTnf
mYKiWwWrYQWG3TUwpaGi9KA3od5rewK2n1WkDlUIuMgvLJOHUGShZwE8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZQG/5TJOsPrDsJcVoCFYPgOMEeMB8GA1UdIwQY
MBaAFM1r9g6wjx4jq6i6eXwRckRM4VtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveld2MkRyQ1BIaU9ycUxwNWZCRnlSRXpoVzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lODc1NjctNmRkOC00YTYwLTkyMWUt
MmEwNzIyYWUxNjQ0LzEvcGxBYl9sTWs2dy1zT3dseFdnSVZnLUE0d1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lODc1NjctNmRkOC00YTYwLTkyMWUtMmEwNzIyYWUxNjQ0
LzEveld2MkRyQ1BIaU9ycUxwNWZCRnlSRXpoVzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZaQMA0G
CSqGSIb3DQEBCwUAA4IBAQCF6tHPay39W5e2mTVfzJ/LExH5rN9i5FlY2eBo6rJZ
QUjNn8LOC62hd49OK8U7Q/tIQJn2OmZKpdkQcrgKXt7okYSQf87y1LYsxWwKD7KZ
ZnsyhHaiM+SFza6q4VTmyL4FB3m4Pi9UzfLWB8vd+h2qNxPRSzX3tk6RDrjvwEej
Bde3DTnY8bFwEU1aDc4nZ0Jrx0VgruuXz9nLpNGTCLRGp/Gyq1Nk9NX7kkz2goy+
Fx719iKRE47gsD+v4zX73uLZU7vylyhuPhErmIKapSC00p1RDsH/ZRIybHZbptnv
95D5AMC2qi2zT1mUU+wKkK+dnYe2ePNWWWMHfTDL5adj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:22 2024 by rpki-client on console-fra.rpki-client.org