Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eqOWu0wiaVTJz3Esmew9Uxaf00.roa
File: 1eqOWu0wiaVTJz3Esmew9Uxaf00.roa (raw, json)
Hash identifier: UtIK+TL5PlIghdi8c7GXcrxIIsqNkRl4pPRfwkeZi5c=
Subject key identifier: D5:EA:8E:5A:ED:30:89:A5:53:27:3D:C4:B2:67:B0:F5:4C:5A:7F:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01875B2DD3E5F160D6536CFC1DA309FDF605
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eqOWu0wiaVTJz3Esmew9Uxaf00.roa
Signing time: Fri 07 Apr 2023 10:05:42 +0000
ROA not before: Fri 07 Apr 2023 10:05:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204841
IP address blocks: 45.12.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5b:2d:d3:e5:f1:60:d6:53:6c:fc:1d:a3:09:fd:f6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 7 10:05:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5ea8e5aed3089a553273dc4b267b0f54c5a7f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fa:41:4f:89:ea:c4:46:c2:61:84:49:95:9d:
8a:8e:2c:33:7f:0f:78:86:97:89:d2:69:e6:36:7d:
b5:94:6a:e9:09:ef:f4:e4:9a:4c:67:bb:63:fe:bf:
ec:b7:07:20:13:94:ad:97:a2:c5:7b:b8:b8:38:19:
29:fd:20:d2:16:32:27:36:54:b6:4a:89:03:9c:84:
25:df:c4:02:24:a8:7e:61:4c:47:2c:83:00:f3:fb:
61:21:4e:84:3f:bc:d7:57:9d:c6:a9:8a:41:9b:72:
80:85:da:19:c9:dd:13:04:4d:f1:53:e3:90:1d:ef:
6f:d4:26:cf:5e:dc:43:8b:ed:d8:49:64:c2:b9:21:
db:61:84:08:cd:b5:d3:27:43:78:77:09:d3:f2:2c:
0c:21:83:5b:9d:11:d4:71:bf:f8:93:4d:2d:eb:11:
ac:55:af:84:95:93:bd:f5:c1:e9:91:64:c2:e9:53:
fc:5e:9d:a4:a4:43:6f:e0:b2:64:1a:ae:b3:71:da:
62:e5:78:ad:97:c7:96:d2:e8:92:34:a4:47:e9:9f:
bd:bc:73:e6:28:73:11:90:f2:11:15:40:50:08:dc:
3b:2b:d2:a3:e6:33:96:87:01:cd:86:b3:a3:44:04:
0b:37:d5:0c:36:ed:01:fc:de:49:e0:09:9e:84:6b:
a3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:EA:8E:5A:ED:30:89:A5:53:27:3D:C4:B2:67:B0:F5:4C:5A:7F:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1eqOWu0wiaVTJz3Esmew9Uxaf00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.252.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c6:d3:1e:f4:5c:9b:a7:74:52:49:a8:1a:64:f3:e3:e2:33:
58:e3:0c:e2:73:20:35:26:8e:31:03:e2:d9:9f:cf:84:e7:c0:
12:22:ee:69:ec:11:b5:73:bf:a5:8f:62:c3:20:57:6f:c1:50:
72:cf:21:2d:64:a4:ae:e3:88:4d:2b:8d:74:16:44:c4:eb:43:
9e:0f:7f:71:7d:ec:51:5a:f0:9c:97:29:5e:14:9e:b5:64:5a:
e3:41:61:31:23:6b:18:2a:97:ab:16:f5:00:30:4b:07:43:2e:
c9:e0:65:67:c0:86:4a:ef:97:bf:89:17:c0:97:5d:49:45:d7:
cc:2e:4e:06:1b:55:d4:90:6d:f2:0a:51:b1:d4:43:d2:9f:19:
ff:a9:a4:fa:b7:84:7c:32:b3:92:55:bd:9d:21:d8:8e:b6:77:
38:c1:41:47:8d:8d:8e:d9:b4:ff:77:ab:9e:8b:4a:1b:e5:56:
b3:57:ee:b7:77:18:01:9f:8e:50:2d:33:54:cc:b7:9b:34:73:
44:99:65:3e:c4:9e:e0:a6:fa:bc:1d:ea:d6:ad:8b:b2:43:c7:
f6:bc:32:f3:79:78:93:39:e9:cb:e3:c5:b8:d4:2c:b6:8b:7c:
21:fe:66:87:d7:51:67:55:be:e6:85:0c:85:d7:78:c2:f4:03:
af:d5:90:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdbLdPl8WDWU2z8HaMJ/fYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDA3MTAwNTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWVhOGU1YWVkMzA4OWE1NTMyNzNkYzRiMjY3YjBmNTRjNWE3ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfpBT4nqxEbCYYRJlZ2Kjiwzfw94
hpeJ0mnmNn21lGrpCe/05JpMZ7tj/r/stwcgE5Stl6LFe7i4OBkp/SDSFjInNlS2
SokDnIQl38QCJKh+YUxHLIMA8/thIU6EP7zXV53GqYpBm3KAhdoZyd0TBE3xU+OQ
He9v1CbPXtxDi+3YSWTCuSHbYYQIzbXTJ0N4dwnT8iwMIYNbnRHUcb/4k00t6xGs
Va+ElZO99cHpkWTC6VP8Xp2kpENv4LJkGq6zcdpi5Xitl8eW0uiSNKRH6Z+9vHPm
KHMRkPIRFUBQCNw7K9Kj5jOWhwHNhrOjRAQLN9UMNu0B/N5J4AmehGujPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXqjlrtMImlUyc9xLJnsPVMWn9NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMWVxT1d1MHdpYVZUSnozRXNtZXc5VXhhZjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBkxtMe9Fybp3RSSagaZPPj4jNY4wzicyA1Jo4xA+LZ
n8+E58ASIu5p7BG1c7+lj2LDIFdvwVByzyEtZKSu44hNK410FkTE60OeD39xfexR
WvCclyleFJ61ZFrjQWExI2sYKperFvUAMEsHQy7J4GVnwIZK75e/iRfAl11JRdfM
Lk4GG1XUkG3yClGx1EPSnxn/qaT6t4R8MrOSVb2dIdiOtnc4wUFHjY2O2bT/d6ue
i0ob5VazV+63dxgBn45QLTNUzLebNHNEmWU+xJ7gpvq8HerWrYuyQ8f2vDLzeXiT
OenL48W41Cy2i3wh/maH11FnVb7mhQyF13jC9AOv1ZBV
-----END CERTIFICATE-----
Generated at Thu Dec 14 16:00:18 2023 by rpki-client on console-fra.rpki-client.org