Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-vOzRxAh6g0P5W5b3fkum6wxIrI.roa
File: 1-vOzRxAh6g0P5W5b3fkum6wxIrI.roa (raw, json)
Hash identifier: my8CmZQ7YgpwntFcV4y56R6MSRapphLLPwdCeYpbv3U=
Subject key identifier: FA:F3:B3:47:10:21:EA:0D:0F:E5:6E:5B:DD:F9:2E:9B:AC:31:22:B2
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018F75958AE326F70146DCBF52031CD2F118
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-vOzRxAh6g0P5W5b3fkum6wxIrI.roa
Signing time: Tue 14 May 2024 05:31:25 +0000
ROA not before: Tue 14 May 2024 05:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26042
IP address blocks: 45.143.164.0/24 maxlen: 24
45.143.165.0/24 maxlen: 24
194.110.246.0/24 maxlen: 24
2a11:2a47::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:95:8a:e3:26:f7:01:46:dc:bf:52:03:1c:d2:f1:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: May 14 05:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf3b3471021ea0d0fe56e5bddf92e9bac3122b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:15:ec:41:ef:66:a4:68:e7:01:16:b9:8d:
f9:88:28:f4:dd:86:1d:36:2a:3b:b0:3e:7b:bf:37:
8a:62:5d:53:b7:01:3d:d6:dd:be:48:38:9d:71:b4:
77:3d:34:48:44:89:85:be:d4:b8:8b:f9:6b:5b:eb:
be:33:14:aa:c5:ea:83:72:53:22:67:ca:42:bb:df:
69:e5:32:f7:39:f7:6e:10:b0:57:f7:77:fc:c1:a6:
ac:cc:b8:8e:e9:c4:5b:97:dd:89:37:49:f0:55:4b:
05:e4:5e:f1:de:95:e9:bf:de:13:28:a4:7b:0e:7f:
b9:e6:82:cc:9f:cc:d3:22:ee:f8:7d:38:fd:bc:e2:
54:06:4a:08:af:3e:8d:74:cd:f4:0b:37:39:1a:74:
0c:19:71:1e:c5:6e:7c:40:fa:0e:bd:3a:ea:75:5b:
98:fd:f0:01:a2:bf:a1:c1:92:a9:ed:e4:cd:8b:e4:
77:83:2d:e1:45:67:9d:55:02:56:03:74:2f:23:02:
e4:14:fd:1e:ac:7a:ca:23:82:7a:eb:bd:b8:4f:79:
5f:7f:1f:d3:4c:fc:b0:e9:34:ad:16:2f:fa:e8:97:
67:e9:8e:da:cf:a2:01:3c:bf:a2:b1:f6:de:26:6b:
30:ba:e1:1e:6b:3e:3f:73:e4:98:ed:e1:94:37:e8:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F3:B3:47:10:21:EA:0D:0F:E5:6E:5B:DD:F9:2E:9B:AC:31:22:B2
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/1-vOzRxAh6g0P5W5b3fkum6wxIrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.164.0/23
194.110.246.0/24
IPv6:
2a11:2a47::/32
Signature Algorithm: sha256WithRSAEncryption
19:78:cd:61:be:c8:1d:93:2d:16:12:c0:5a:bc:0d:e3:e7:3c:
0a:b4:c1:01:73:23:ae:cc:59:61:1f:8f:e9:3b:b6:85:0b:a0:
f3:bf:8f:88:33:90:cc:48:70:a8:91:e0:5d:32:e5:dd:1f:bd:
5f:31:a0:3b:01:79:1a:5f:4b:c4:08:32:81:c1:d8:b5:0f:b8:
4f:cc:ad:c4:8d:a2:42:c7:2b:40:73:67:c2:62:62:87:48:f4:
e4:a1:d5:1c:c5:a8:07:c3:9b:98:40:2c:58:d5:f4:96:b9:f6:
7f:71:d1:68:d8:9d:5f:e7:e5:e7:ec:d7:58:3f:2c:d7:bb:21:
6c:a1:35:68:11:6c:98:bf:de:20:24:6d:4f:7c:2b:9c:97:54:
25:d0:aa:ca:d0:3c:47:38:66:0b:34:1e:ae:15:59:e4:74:74:
9f:d8:1d:5c:65:76:4f:a5:e4:11:c7:cf:9f:53:44:a1:c5:6d:
7f:d3:55:b8:60:9b:a2:92:0a:2e:b8:cb:c7:dc:8a:0a:6a:58:
41:ed:e3:c8:a2:29:91:2d:ea:ad:60:9d:6a:f1:47:fa:85:ba:
e4:ca:fe:5f:00:0d:a1:8e:7b:bc:c1:9f:c8:2f:4a:2f:51:db:
92:e3:53:76:18:c5:9a:00:bb:2e:e1:86:63:24:32:65:37:14:
59:34:e8:ce
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY91lYrjJvcBRty/UgMc0vEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwNTE0MDUzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWYzYjM0NzEwMjFlYTBkMGZlNTZlNWJkZGY5MmU5YmFjMzEyMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLsV7EHvZqRo5wEWuY35iCj03YYd
Nio7sD57vzeKYl1TtwE91t2+SDidcbR3PTRIRImFvtS4i/lrW+u+MxSqxeqDclMi
Z8pCu99p5TL3OfduELBX93f8waaszLiO6cRbl92JN0nwVUsF5F7x3pXpv94TKKR7
Dn+55oLMn8zTIu74fTj9vOJUBkoIrz6NdM30Czc5GnQMGXEexW58QPoOvTrqdVuY
/fABor+hwZKp7eTNi+R3gy3hRWedVQJWA3QvIwLkFP0erHrKI4J66724T3lffx/T
TPyw6TStFi/66Jdn6Y7az6IBPL+isfbeJmswuuEeaz4/c+SY7eGUN+jBsQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPrzs0cQIeoND+VuW935LpusMSKyMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvMS12T3pSeEFoNmcwUDVXNWIzZmt1bTZ3eElySS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvYTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJi
ZS8xL2JTRGQwNWpheVBZc3dTVW1NbDhZSWZ0eVQzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAS2PpAME
AMJu9jANBAIAAjAHAwUAKhEqRzANBgkqhkiG9w0BAQsFAAOCAQEAGXjNYb7IHZMt
FhLAWrwN4+c8CrTBAXMjrsxZYR+P6Tu2hQug87+PiDOQzEhwqJHgXTLl3R+9XzGg
OwF5Gl9LxAgygcHYtQ+4T8ytxI2iQscrQHNnwmJih0j05KHVHMWoB8ObmEAsWNX0
lrn2f3HRaNidX+fl5+zXWD8s17shbKE1aBFsmL/eICRtT3wrnJdUJdCqytA8Rzhm
CzQerhVZ5HR0n9gdXGV2T6XkEcfPn1NEocVtf9NVuGCbopIKLrjLx9yKCmpYQe3j
yKIpkS3qrWCdavFH+oW65Mr+XwANoY57vMGfyC9KL1HbkuNTdhjFmgC7LuGGYyQy
ZTcUWTTozg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org