Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlI9QRyIRYBfjzJRPf7PQ1AwGso.roa
File: dlI9QRyIRYBfjzJRPf7PQ1AwGso.roa (raw, json)
Hash identifier: faCed5VkGcm75v4FCfrUu2dG5oPWnHA+s8AXcUo/SD0=
Subject key identifier: 76:52:3D:41:1C:88:45:80:5F:8F:32:51:3D:FE:CF:43:50:30:1A:CA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187B5AE26C8BF4FBE87B41FBA2800182BFB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlI9QRyIRYBfjzJRPf7PQ1AwGso.roa
Signing time: Mon 24 Apr 2023 23:51:41 +0000
ROA not before: Mon 24 Apr 2023 23:51:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 45.139.100.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b5:ae:26:c8:bf:4f:be:87:b4:1f:ba:28:00:18:2b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 24 23:51:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76523d411c8845805f8f32513dfecf4350301aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b4:95:66:5c:26:76:20:e7:a5:fe:ac:d1:19:
f5:f7:4c:ea:8f:1f:d1:32:77:96:a3:92:b2:5e:03:
90:8f:2f:b4:96:c4:db:8e:cc:9e:5e:08:3e:b5:db:
d8:3c:ec:07:e7:a4:49:c4:d4:d1:b3:a9:ab:3e:e3:
b4:f8:09:e0:1f:b0:20:e8:57:aa:34:23:36:bd:3b:
74:92:83:34:d1:d6:9a:5f:6a:97:45:0a:82:49:5c:
d9:ef:cb:8c:ce:fe:40:c4:06:eb:9c:87:46:04:58:
b7:29:7a:52:7d:b5:a1:03:84:53:e5:0b:46:aa:42:
b7:05:68:66:d0:e7:7b:c1:ab:64:4e:37:e9:80:42:
2e:17:5f:28:54:cf:2c:d3:6c:55:45:cd:73:91:97:
96:43:b4:a4:67:f8:8c:11:f5:5b:5a:56:98:58:9d:
2d:57:f5:7e:ab:a5:3d:51:01:1e:62:13:f2:f5:c9:
06:9d:d8:6a:f3:7a:7b:ba:67:c3:83:3c:0f:be:68:
b5:a3:c0:9d:2d:5b:5f:c1:5c:9c:b7:13:06:35:4c:
85:2f:06:a0:82:77:14:b4:f1:60:bd:93:97:18:f9:
16:44:8c:4e:7e:b6:85:73:ce:1f:e8:16:33:ed:89:
01:39:2f:1f:be:eb:11:9b:b5:27:73:b8:e1:fe:7f:
22:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:52:3D:41:1C:88:45:80:5F:8F:32:51:3D:FE:CF:43:50:30:1A:CA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dlI9QRyIRYBfjzJRPf7PQ1AwGso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.100.0/22
Signature Algorithm: sha256WithRSAEncryption
67:98:ca:88:c1:f0:c9:12:2a:c7:fb:c0:2c:3e:07:d2:8a:76:
c5:aa:aa:2e:fa:b5:7f:d0:71:2d:7f:6b:4f:84:64:6e:e1:68:
d1:a3:08:50:e8:bc:d2:14:1e:44:a1:06:44:4c:3a:37:bf:0c:
14:49:6a:79:5c:2a:1d:96:75:b4:32:8f:68:d2:fc:02:ae:ca:
b0:70:26:cc:5f:41:a7:bd:d7:07:4b:d2:1e:95:3a:0f:3e:a1:
5d:29:5c:8e:76:b8:94:c8:cc:18:7b:59:92:55:59:ce:40:9b:
17:43:fd:76:6c:3b:28:09:62:31:b0:25:d2:30:43:5d:78:3c:
b2:4c:b2:e3:21:86:4a:7c:4d:5d:46:17:45:ee:a1:fe:30:9f:
ce:47:dd:a8:46:a5:6c:d3:6f:30:e3:06:54:f9:b4:16:41:73:
d6:bb:58:4e:c9:67:df:51:1d:bd:fa:fc:a1:32:c0:57:cf:81:
db:a7:5c:a0:6a:16:fc:31:29:36:a2:1c:e5:1a:18:4c:09:09:
59:4a:6a:89:66:08:49:ed:02:10:c2:d3:d2:f2:ef:ca:de:96:
44:f7:dc:01:ce:20:4a:8c:f6:d5:41:f8:31:4f:40:d5:91:35:
d1:fe:61:5b:48:29:a6:5b:c7:d0:53:21:b7:ca:01:51:5f:37:
a5:7b:bf:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe1ribIv0++h7QfuigAGCv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI0MjM1MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjUyM2Q0MTFjODg0NTgwNWY4ZjMyNTEzZGZlY2Y0MzUwMzAxYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLSVZlwmdiDnpf6s0Rn190zqjx/R
MneWo5KyXgOQjy+0lsTbjsyeXgg+tdvYPOwH56RJxNTRs6mrPuO0+AngH7Ag6Feq
NCM2vTt0koM00daaX2qXRQqCSVzZ78uMzv5AxAbrnIdGBFi3KXpSfbWhA4RT5QtG
qkK3BWhm0Od7watkTjfpgEIuF18oVM8s02xVRc1zkZeWQ7SkZ/iMEfVbWlaYWJ0t
V/V+q6U9UQEeYhPy9ckGndhq83p7umfDgzwPvmi1o8CdLVtfwVyctxMGNUyFLwag
gncUtPFgvZOXGPkWRIxOfraFc84f6BYz7YkBOS8fvusRm7Unc7jh/n8i1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZSPUEciEWAX48yUT3+z0NQMBrKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGxJOVFSeUlSWUJmanpKUlBmN1BRMUF3R3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYtkMA0G
CSqGSIb3DQEBCwUAA4IBAQBnmMqIwfDJEirH+8AsPgfSinbFqqou+rV/0HEtf2tP
hGRu4WjRowhQ6LzSFB5EoQZETDo3vwwUSWp5XCodlnW0Mo9o0vwCrsqwcCbMX0Gn
vdcHS9IelToPPqFdKVyOdriUyMwYe1mSVVnOQJsXQ/12bDsoCWIxsCXSMENdeDyy
TLLjIYZKfE1dRhdF7qH+MJ/OR92oRqVs028w4wZU+bQWQXPWu1hOyWffUR29+vyh
MsBXz4Hbp1ygahb8MSk2ohzlGhhMCQlZSmqJZghJ7QIQwtPS8u/K3pZE99wBziBK
jPbVQfgxT0DVkTXR/mFbSCmmW8fQUyG3ygFRXzele78H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org