Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kdxyDhnQ1duOnOOiKy0JzDhMN_o.roa
File: kdxyDhnQ1duOnOOiKy0JzDhMN_o.roa (raw, json)
Hash identifier: 0wqmbupwxNR2TsfPj2AVzXvnPrPL/1FPs5ttw339RG8=
Subject key identifier: 91:DC:72:0E:19:D0:D5:DB:8E:9C:E3:A2:2B:2D:09:CC:38:4C:37:FA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186E171F7A314FD8A2ECEC9F3E3CBF7B2E7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kdxyDhnQ1duOnOOiKy0JzDhMN_o.roa
Signing time: Tue 14 Mar 2023 18:46:27 +0000
ROA not before: Tue 14 Mar 2023 18:46:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 45.139.100.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:71:f7:a3:14:fd:8a:2e:ce:c9:f3:e3:cb:f7:b2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 14 18:46:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91dc720e19d0d5db8e9ce3a22b2d09cc384c37fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:88:7d:91:57:13:70:4a:73:0d:88:b3:65:
60:2f:39:66:14:5f:41:0f:92:ed:2a:dc:08:8d:48:
75:e2:bb:10:94:da:a4:b9:41:42:26:28:e5:f6:c1:
57:e8:2d:f0:8e:4e:7e:3e:9b:71:c2:84:e3:c7:a6:
65:ed:7c:a7:e2:1a:bd:6f:ff:eb:24:54:11:e4:e0:
90:4c:c6:80:e0:6c:c9:00:b5:cc:89:23:2c:80:0a:
ad:19:1c:1e:e2:3d:64:a5:63:99:c5:79:02:85:e6:
54:af:8a:fc:0b:4d:90:ff:9f:ee:18:ab:f1:b2:5d:
07:02:a6:23:bc:cb:89:2c:a9:64:a7:49:72:d2:e8:
23:fd:91:4a:50:51:33:83:1d:68:cc:5b:cd:f9:47:
b2:f5:5b:85:c8:ac:4f:3d:81:a6:50:27:d4:6c:da:
07:39:b6:e3:b6:1f:b0:58:30:dd:ad:00:e8:d6:22:
f5:a8:6c:c0:83:53:10:c9:c1:b1:d2:f0:5f:1a:b4:
5f:84:8d:c1:de:0c:1d:b2:84:62:33:4e:81:6e:27:
c3:27:c9:c1:38:22:52:d3:73:f6:b7:ea:43:01:c5:
92:6a:38:47:5c:28:d8:a8:58:a8:ee:fa:38:fd:88:
75:c8:ee:e8:89:f9:af:bb:5d:38:83:00:fd:3b:02:
e2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DC:72:0E:19:D0:D5:DB:8E:9C:E3:A2:2B:2D:09:CC:38:4C:37:FA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kdxyDhnQ1duOnOOiKy0JzDhMN_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.100.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:79:ad:33:a2:31:55:e7:da:c2:56:76:ac:17:06:1f:4e:d9:
4c:c3:b1:1a:c0:f2:ac:a8:3a:b0:f8:9f:6b:e5:bc:e0:6d:da:
af:27:f9:11:65:4d:4a:03:48:d5:32:d4:31:40:5e:8f:ed:50:
51:7a:8c:ca:99:eb:92:1c:73:04:e8:ed:da:0c:d2:e2:6b:ff:
94:ee:7c:ff:25:55:6d:f5:d6:6c:0e:27:c4:33:60:34:b8:21:
50:3d:ae:1a:b1:30:d1:d9:46:27:00:8b:ab:db:af:f2:51:89:
2b:aa:77:d6:b0:e9:aa:45:1c:34:56:41:3d:aa:c9:43:2b:f3:
c7:46:2f:80:c4:b9:b6:dd:7a:b2:31:b1:7f:c7:53:ee:71:f0:
df:a3:12:0d:cd:9b:3b:93:62:86:88:18:31:b1:28:2f:fd:c5:
cd:70:8d:6f:49:b9:51:7e:a8:8b:50:69:ff:20:af:71:c3:38:
e3:95:4d:b8:c4:d7:51:bd:79:b1:3b:3c:18:8b:4e:07:22:ae:
45:8e:02:6c:c6:09:9f:31:03:fb:a8:2f:25:ac:b8:fb:0d:cc:
63:84:55:03:8b:30:cb:21:ea:d3:77:11:f1:b6:49:c6:1f:36:
11:22:c9:a3:40:46:8e:16:84:0c:3f:85:41:81:28:9a:59:35:
54:bc:29:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbhcfejFP2KLs7J8+PL97LnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE0MTg0NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRjNzIwZTE5ZDBkNWRiOGU5Y2UzYTIyYjJkMDljYzM4NGMzN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeWIfZFXE3BKcw2Is2VgLzlmFF9B
D5LtKtwIjUh14rsQlNqkuUFCJijl9sFX6C3wjk5+PptxwoTjx6Zl7Xyn4hq9b//r
JFQR5OCQTMaA4GzJALXMiSMsgAqtGRwe4j1kpWOZxXkCheZUr4r8C02Q/5/uGKvx
sl0HAqYjvMuJLKlkp0ly0ugj/ZFKUFEzgx1ozFvN+Uey9VuFyKxPPYGmUCfUbNoH
Obbjth+wWDDdrQDo1iL1qGzAg1MQycGx0vBfGrRfhI3B3gwdsoRiM06BbifDJ8nB
OCJS03P2t+pDAcWSajhHXCjYqFio7vo4/Yh1yO7oifmvu104gwD9OwLiwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJHccg4Z0NXbjpzjoistCcw4TDf6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva2R4eURoblExZHVPbk9PaUt5MEp6RGhNTl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYtkMA0G
CSqGSIb3DQEBCwUAA4IBAQBfea0zojFV59rCVnasFwYfTtlMw7EawPKsqDqw+J9r
5bzgbdqvJ/kRZU1KA0jVMtQxQF6P7VBReozKmeuSHHME6O3aDNLia/+U7nz/JVVt
9dZsDifEM2A0uCFQPa4asTDR2UYnAIur26/yUYkrqnfWsOmqRRw0VkE9qslDK/PH
Ri+AxLm23XqyMbF/x1PucfDfoxINzZs7k2KGiBgxsSgv/cXNcI1vSblRfqiLUGn/
IK9xwzjjlU24xNdRvXmxOzwYi04HIq5FjgJsxgmfMQP7qC8lrLj7DcxjhFUDizDL
IerTdxHxtknGHzYRIsmjQEaOFoQMP4VBgSiaWTVUvCng
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org