Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NT4PtcBOQ_1SYHbsLy7GoMz0vQM.roa
File: NT4PtcBOQ_1SYHbsLy7GoMz0vQM.roa (raw, json)
Hash identifier: 1qnYj5k4Z2OA662L2yn4mSeMu/jG8u26euNWcA47YgA=
Subject key identifier: 35:3E:0F:B5:C0:4E:43:FD:52:60:76:EC:2F:2E:C6:A0:CC:F4:BD:03
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018BDE17294113E54B4548EBD281CF408E70
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NT4PtcBOQ_1SYHbsLy7GoMz0vQM.roa
Signing time: Fri 17 Nov 2023 16:22:21 +0000
ROA not before: Fri 17 Nov 2023 16:22:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49468
IP address blocks: 128.0.44.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:17:29:41:13:e5:4b:45:48:eb:d2:81:cf:40:8e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Nov 17 16:22:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=353e0fb5c04e43fd526076ec2f2ec6a0ccf4bd03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:09:48:11:3e:9f:db:94:13:e3:3c:33:4f:
31:94:51:d9:75:ec:b5:40:41:c0:4d:d6:98:8b:29:
be:b8:96:20:56:f6:02:1a:61:3a:7b:1b:c8:e2:6e:
89:69:13:bb:7a:fa:53:6b:95:17:24:9f:f7:ec:16:
a6:7f:8e:21:bb:a6:90:d9:da:2e:a4:a5:77:25:25:
51:26:3a:20:77:75:ba:2a:b9:32:8c:90:98:78:4c:
13:4e:0a:47:7c:33:38:4e:5d:99:87:f7:de:2e:f3:
ba:9d:de:bf:13:99:51:a5:21:e3:4b:7f:e4:ad:c5:
13:58:56:e9:c7:bf:b9:e8:87:90:30:31:6b:50:f8:
7b:0c:6d:15:48:31:e0:b6:7e:04:05:e2:98:89:32:
f3:76:af:82:d8:e5:1e:74:ec:20:08:67:76:0d:8a:
ea:20:ec:45:c7:40:09:b3:f6:34:ff:5d:79:61:08:
00:46:90:ab:a5:31:11:26:e7:b5:06:aa:93:9c:1a:
8c:e0:56:c8:ae:ef:45:99:ad:4d:7b:e9:14:74:83:
0e:15:b9:41:3c:11:6d:e1:11:9d:c8:7c:bf:9e:f3:
e5:5d:ad:01:a5:38:af:34:60:09:aa:fc:10:19:57:
25:45:54:71:13:7d:ae:e1:a9:fd:0a:46:eb:f7:c7:
40:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:3E:0F:B5:C0:4E:43:FD:52:60:76:EC:2F:2E:C6:A0:CC:F4:BD:03
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/NT4PtcBOQ_1SYHbsLy7GoMz0vQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.44.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:8e:86:bf:a8:bb:9d:1f:59:a4:f8:c5:8b:b7:fa:f0:c7:d0:
d8:ae:1a:af:55:6f:4b:d2:f9:3b:d7:51:f0:8d:9f:ec:73:39:
52:a1:22:9e:b3:e3:53:35:9e:3a:68:dc:06:a0:ab:0a:66:8a:
53:f6:0c:0c:73:14:55:66:70:57:f8:10:d6:1c:46:13:8b:1c:
76:a6:8b:4c:da:f8:51:ea:f9:3e:fb:20:2a:e2:ac:0d:41:ef:
00:7d:62:12:48:4b:9a:47:1e:c0:d4:39:ee:69:cd:d1:73:1e:
9d:3b:05:c5:2d:bb:11:72:34:e5:34:06:9b:35:9c:05:b6:6f:
de:2d:3e:c5:00:72:ed:9f:36:b7:98:10:db:2b:83:98:72:88:
95:f4:b0:e2:f8:b3:96:1d:cb:d8:33:1f:6f:1e:10:1a:0d:13:
e0:3f:ec:c5:66:40:5e:39:9e:f6:05:29:2a:59:e8:4b:33:97:
8e:bf:1e:f1:48:e1:da:8f:97:12:d3:08:4a:a8:4e:b3:e0:9f:
42:60:de:e5:b3:a3:de:91:db:4c:b3:af:44:22:95:43:74:d1:
db:cf:08:23:77:8c:5b:2d:f9:8e:55:09:62:fe:9f:4f:c2:70:
0e:80:e4:c0:d3:69:0d:86:0c:a1:50:20:7c:73:1a:b9:ce:60:
63:5a:15:ad
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYveFylBE+VLRUjr0oHPQI5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMxMTE3MTYyMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTNlMGZiNWMwNGU0M2ZkNTI2MDc2ZWMyZjJlYzZhMGNjZjRiZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc8JSBE+n9uUE+M8M08xlFHZdey1
QEHATdaYiym+uJYgVvYCGmE6exvI4m6JaRO7evpTa5UXJJ/37Bamf44hu6aQ2dou
pKV3JSVRJjogd3W6KrkyjJCYeEwTTgpHfDM4Tl2Zh/feLvO6nd6/E5lRpSHjS3/k
rcUTWFbpx7+56IeQMDFrUPh7DG0VSDHgtn4EBeKYiTLzdq+C2OUedOwgCGd2DYrq
IOxFx0AJs/Y0/115YQgARpCrpTERJue1BqqTnBqM4FbIru9Fma1Ne+kUdIMOFblB
PBFt4RGdyHy/nvPlXa0BpTivNGAJqvwQGVclRVRxE32u4an9Ckbr98dA9wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDU+D7XATkP9UmB27C8uxqDM9L0DMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL05UNFB0Y0JPUV8xU1lIYnNMeTdHb016MHZRTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACAACww
DQYJKoZIhvcNAQELBQADggEBAEqOhr+ou50fWaT4xYu3+vDH0NiuGq9Vb0vS+TvX
UfCNn+xzOVKhIp6z41M1njpo3AagqwpmilP2DAxzFFVmcFf4ENYcRhOLHHami0za
+FHq+T77ICrirA1B7wB9YhJIS5pHHsDUOe5pzdFzHp07BcUtuxFyNOU0Bps1nAW2
b94tPsUAcu2fNreYENsrg5hyiJX0sOL4s5Ydy9gzH28eEBoNE+A/7MVmQF45nvYF
KSpZ6Eszl46/HvFI4dqPlxLTCEqoTrPgn0Jg3uWzo96R20yzr0QilUN00dvPCCN3
jFst+Y5VCWL+n0/CcA6A5MDTaQ2GDKFQIHxzGrnOYGNaFa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org