Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/tMZinXU9zX8MMlEza5BKEYq_tQ0.roa
File: tMZinXU9zX8MMlEza5BKEYq_tQ0.roa (raw, json)
Hash identifier: fyg1S8LX6JwMpCSsVszr2nvldWw+Q1C83Mt5GsC9zOg=
Subject key identifier: B4:C6:62:9D:75:3D:CD:7F:0C:32:51:33:6B:90:4A:11:8A:BF:B5:0D
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 091A4809
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/tMZinXU9zX8MMlEza5BKEYq_tQ0.roa
Signing time: Tue 22 Mar 2022 12:51:35 +0000
ROA not before: Tue 22 Mar 2022 12:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198518
IP address blocks: 45.131.35.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152717321 (0x91a4809)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Mar 22 12:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4c6629d753dcd7f0c3251336b904a118abfb50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:b1:6f:86:e4:7f:4f:20:7c:94:21:e1:3d:
e5:05:c4:fe:46:70:96:32:14:d3:2f:c3:f1:10:0a:
fe:8d:0a:f2:9a:fd:58:a3:61:30:26:e2:17:fe:c8:
dc:d7:c4:fc:df:5e:e5:c3:e0:34:65:b1:af:f4:1b:
34:2a:41:6d:02:3e:c8:81:15:d6:cb:e7:2d:fb:79:
84:c8:b3:7c:ea:98:f2:9c:28:0f:3e:cf:a6:25:33:
c5:0e:56:be:1e:d5:d0:98:89:f7:46:f0:6f:ff:f2:
f3:b1:f6:01:07:cb:49:e3:6e:c5:96:2d:6f:31:0f:
6a:e8:7c:a5:f1:ca:67:a8:9b:10:d1:d7:56:35:64:
0f:d2:00:4c:86:d0:89:eb:67:bb:63:74:a6:ca:06:
33:bc:15:09:7a:a3:89:be:a5:d5:6f:1b:09:37:58:
e5:eb:6f:c0:20:00:18:01:e6:65:aa:38:27:fb:35:
30:e8:8d:f2:8b:63:35:84:8f:60:21:52:b3:cc:ee:
07:0e:5c:50:8f:29:34:dd:e3:58:60:09:dc:3a:dc:
e6:61:5c:89:85:06:7e:4d:76:bb:47:ae:63:50:0d:
5d:a8:cc:de:86:b5:3c:8f:29:1f:a9:9b:c0:b9:55:
97:04:34:c5:92:f8:ff:67:60:07:1e:62:b7:9a:4f:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C6:62:9D:75:3D:CD:7F:0C:32:51:33:6B:90:4A:11:8A:BF:B5:0D
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/tMZinXU9zX8MMlEza5BKEYq_tQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.35.0/24
Signature Algorithm: sha256WithRSAEncryption
51:9f:a0:98:7e:c0:c8:2c:16:af:59:97:0f:fc:33:b8:41:89:
1a:61:55:79:cc:ae:8f:59:59:25:65:0d:23:6c:72:01:18:50:
73:6b:9e:f3:a3:61:4a:a8:1e:fa:4d:a8:05:5a:0b:4d:c6:b5:
d1:28:be:54:4d:12:f0:b3:02:f4:fa:0a:ca:2d:42:63:43:63:
bf:c8:72:64:a6:c1:c6:32:07:df:ad:03:d0:b8:61:cb:dc:fe:
1c:97:81:b8:ea:94:f3:63:b2:0f:75:24:b1:af:99:ef:52:ba:
4f:25:4f:85:37:41:f3:53:20:b8:b7:7a:53:49:cb:81:12:91:
a3:2c:ef:af:77:04:d8:aa:48:8e:b1:a0:59:58:77:74:9a:a1:
3b:a8:33:9a:a7:04:2e:5f:a1:47:c1:20:86:d5:b7:61:fc:78:
e3:80:4d:ab:0f:54:aa:cc:48:7b:b9:81:d2:ac:9e:8e:b1:be:
cd:bc:db:80:b6:7a:11:50:90:a4:1c:18:6b:4a:c7:29:ba:ba:
15:f0:0b:2e:00:09:8b:ad:20:06:0f:30:cf:15:3a:11:2b:af:
40:05:cb:10:f2:9d:95:81:02:42:07:0e:8a:8e:8f:bb:8b:e7:
63:da:05:40:0a:1a:a3:88:3a:a6:49:46:b6:60:25:92:12:5f:
29:4f:6c:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRpICTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODExYTJjOWZjOGRlOTY3OWJiMTU4NTgxYjEwY2VhZWU5MWZmNzkxMB4XDTIyMDMy
MjEyNTEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRjNjYyOWQ3NTNk
Y2Q3ZjBjMzI1MTMzNmI5MDRhMTE4YWJmYjUwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHasW+G5H9PIHyUIeE95QXE/kZwljIU0y/D8RAK/o0K8pr9
WKNhMCbiF/7I3NfE/N9e5cPgNGWxr/QbNCpBbQI+yIEV1svnLft5hMizfOqY8pwo
Dz7PpiUzxQ5Wvh7V0JiJ90bwb//y87H2AQfLSeNuxZYtbzEPauh8pfHKZ6ibENHX
VjVkD9IATIbQietnu2N0psoGM7wVCXqjib6l1W8bCTdY5etvwCAAGAHmZao4J/s1
MOiN8otjNYSPYCFSs8zuBw5cUI8pNN3jWGAJ3Drc5mFciYUGfk12u0euY1ANXajM
3oa1PI8pH6mbwLlVlwQ0xZL4/2dgBx5it5pP1/kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS0xmKddT3NfwwyUTNrkEoRir+1DTAfBgNVHSMEGDAWgBSoEaLJ/I3pZ5ux
WFgbEM6u6R/3kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCR2l5ZnlONldlYnNWaFlHeERPcnVrZjk1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8x
L3RNWmluWFU5elg4TU1sRXphNUJLRVlxX3RRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8xL3FCR2l5ZnlONldl
YnNWaFlHeERPcnVrZjk1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2DIzANBgkqhkiG9w0BAQsFAAOC
AQEAUZ+gmH7AyCwWr1mXD/wzuEGJGmFVecyuj1lZJWUNI2xyARhQc2ue86NhSqge
+k2oBVoLTca10Si+VE0S8LMC9PoKyi1CY0Njv8hyZKbBxjIH360D0Lhhy9z+HJeB
uOqU82OyD3Uksa+Z71K6TyVPhTdB81MguLd6U0nLgRKRoyzvr3cE2KpIjrGgWVh3
dJqhO6gzmqcELl+hR8EghtW3Yfx444BNqw9UqsxIe7mB0qyejrG+zbzbgLZ6EVCQ
pBwYa0rHKbq6FfALLgAJi60gBg8wzxU6ESuvQAXLEPKdlYECQgcOio6Pu4vnY9oF
QAoao4g6pklGtmAlkhJfKU9sjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org