Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/VALH0N-oQOGpEfD2QItkmXD6gQk.roa
File: VALH0N-oQOGpEfD2QItkmXD6gQk.roa (raw, json)
Hash identifier: n7EUZ9fMMqveIRF3lTRuxRRek3qkNkxilSRYzudZU6o=
Subject key identifier: 54:02:C7:D0:DF:A8:40:E1:A9:11:F0:F6:40:8B:64:99:70:FA:81:09
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0185A2386C7175A328A5ABDAE374C8570AAD
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/VALH0N-oQOGpEfD2QItkmXD6gQk.roa
Signing time: Wed 11 Jan 2023 19:04:44 +0000
ROA not before: Wed 11 Jan 2023 19:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42375
IP address blocks: 45.151.30.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:38:6c:71:75:a3:28:a5:ab:da:e3:74:c8:57:0a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 11 19:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5402c7d0dfa840e1a911f0f6408b649970fa8109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:43:8d:39:72:b0:98:b4:fb:a1:4b:0c:7a:
5b:72:c2:f6:ff:46:9e:f8:0f:1e:3e:fc:e2:f1:9c:
47:c8:d5:cc:77:07:82:72:b1:7b:a6:d1:ee:11:2c:
c7:dd:1d:4f:32:e7:0e:b3:dd:55:d3:05:5b:4e:5d:
54:e0:f0:42:b9:b9:63:83:02:66:6a:09:f5:c9:d7:
33:1f:90:79:0a:a0:96:5e:77:1b:1a:f0:7b:35:63:
0d:9c:c7:f6:bf:4e:f3:b6:5a:ee:f5:ce:15:85:37:
80:dc:d8:cd:7b:75:66:29:22:a5:65:7d:ce:67:f8:
b1:39:e8:00:81:41:59:65:50:b4:52:cf:cc:ca:25:
52:35:47:4f:57:61:56:8a:3d:41:95:e5:f4:bb:cb:
64:e6:8f:24:c4:d8:64:80:7f:44:fb:3c:61:70:f2:
4d:97:f4:3c:6a:09:a6:a9:5c:df:34:43:fb:38:c2:
0a:d1:29:4d:31:61:2c:c6:5b:76:a6:35:ae:29:23:
5b:1f:d2:a5:20:0d:a7:ad:d5:56:ac:12:f6:88:80:
03:27:ca:0f:84:59:85:f5:e9:17:5e:6d:09:37:0e:
64:d1:d0:b3:63:4e:bf:bc:92:35:25:2f:7d:b9:d9:
9a:36:92:35:74:44:9c:8c:ef:91:50:9e:a8:62:96:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:02:C7:D0:DF:A8:40:E1:A9:11:F0:F6:40:8B:64:99:70:FA:81:09
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/VALH0N-oQOGpEfD2QItkmXD6gQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.30.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:92:b7:bb:b1:ef:ee:9a:20:31:e2:3a:8b:a0:5a:a4:ca:0d:
e4:92:31:69:b2:0c:95:bc:4b:c5:d3:b4:09:39:d8:0c:c9:87:
7b:41:be:43:62:89:a0:fd:48:cd:bc:ec:28:2d:c2:df:ac:ca:
ba:ab:bd:f3:40:d9:f8:b2:a0:67:c8:c5:bd:0a:8b:b1:05:c1:
e9:03:60:f5:62:5b:ab:be:34:ab:65:a0:2c:66:65:9d:03:d9:
8f:7e:31:e7:25:84:86:e6:9d:0a:d1:8a:ea:61:04:cf:0d:fa:
a4:00:07:29:d0:ff:65:4e:03:39:ae:96:5a:b6:44:98:41:1b:
87:32:79:48:87:0e:53:a6:71:4b:45:d5:0c:b0:9b:25:ec:47:
38:ef:79:4c:02:57:07:ca:39:59:f6:85:17:5f:67:64:ee:37:
0e:93:4e:8d:54:b3:b6:be:0e:75:01:44:82:e8:ff:a5:f6:d8:
36:d9:90:23:b5:a8:0c:c9:00:a2:83:be:71:35:61:78:9e:41:
4d:da:11:6e:7c:8b:b2:88:41:38:ce:bb:87:c5:e9:8d:6e:2b:
8b:43:72:9b:09:2c:58:fe:dd:dc:52:3a:5f:09:d6:27:5b:85:
33:0c:d4:11:2a:36:f5:5b:7d:65:a0:b5:b5:20:65:75:ad:1e:
50:b1:35:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWiOGxxdaMopava43TIVwqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjMwMTExMTkwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDAyYzdkMGRmYTg0MGUxYTkxMWYwZjY0MDhiNjQ5OTcwZmE4MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjZDjTlysJi0+6FLDHpbcsL2/0ae
+A8ePvzi8ZxHyNXMdweCcrF7ptHuESzH3R1PMucOs91V0wVbTl1U4PBCubljgwJm
agn1ydczH5B5CqCWXncbGvB7NWMNnMf2v07ztlru9c4VhTeA3NjNe3VmKSKlZX3O
Z/ixOegAgUFZZVC0Us/MyiVSNUdPV2FWij1BleX0u8tk5o8kxNhkgH9E+zxhcPJN
l/Q8agmmqVzfNEP7OMIK0SlNMWEsxlt2pjWuKSNbH9KlIA2nrdVWrBL2iIADJ8oP
hFmF9ekXXm0JNw5k0dCzY06/vJI1JS99udmaNpI1dEScjO+RUJ6oYpZnewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFQCx9DfqEDhqRHw9kCLZJlw+oEJMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvVkFMSDBOLW9RT0dwRWZEMlFJdGttWEQ2Z1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZceMA0G
CSqGSIb3DQEBCwUAA4IBAQAPkre7se/umiAx4jqLoFqkyg3kkjFpsgyVvEvF07QJ
OdgMyYd7Qb5DYomg/UjNvOwoLcLfrMq6q73zQNn4sqBnyMW9CouxBcHpA2D1Ylur
vjSrZaAsZmWdA9mPfjHnJYSG5p0K0YrqYQTPDfqkAAcp0P9lTgM5rpZatkSYQRuH
MnlIhw5TpnFLRdUMsJsl7Ec473lMAlcHyjlZ9oUXX2dk7jcOk06NVLO2vg51AUSC
6P+l9tg22ZAjtagMyQCig75xNWF4nkFN2hFufIuyiEE4zruHxemNbiuLQ3KbCSxY
/t3cUjpfCdYnW4UzDNQRKjb1W31loLW1IGV1rR5QsTXb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:02 2025 by rpki-client