Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Dak4KtFx0h5JT9LUY5AqW4cY_o4.roa
File: Dak4KtFx0h5JT9LUY5AqW4cY_o4.roa (raw, json)
Hash identifier: iIuZ+iYCaYua3JLVXP0hizCCjvRerQo7JXsNN2mkRaE=
Subject key identifier: 0D:A9:38:2A:D1:71:D2:1E:49:4F:D2:D4:63:90:2A:5B:87:18:FE:8E
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 4D415C
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Dak4KtFx0h5JT9LUY5AqW4cY_o4.roa
Signing time: Sat 30 Apr 2022 08:47:41 +0000
ROA not before: Sat 30 Apr 2022 08:47:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60840
IP address blocks: 45.150.25.0/24 maxlen: 24
45.150.27.0/24 maxlen: 24
45.150.26.0/24 maxlen: 24
45.150.24.0/24 maxlen: 24
45.150.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5063004 (0x4d415c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Apr 30 08:47:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0da9382ad171d21e494fd2d463902a5b8718fe8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:29:a7:0b:b1:d8:1e:5d:e3:17:ec:b9:76:aa:
95:a6:1d:cf:70:f7:34:53:0e:1f:39:d1:8d:ab:4b:
a6:a4:9a:cc:86:44:b0:95:27:78:84:3a:d7:d4:31:
ad:d3:18:32:a9:df:c7:4c:e3:a9:08:2b:42:36:05:
07:cd:7c:54:98:4f:12:27:52:7e:14:60:a3:12:b4:
be:69:a4:37:09:d2:38:01:e0:70:84:5d:95:d5:10:
99:46:af:8a:0d:9a:c7:4d:1c:6b:82:3a:bb:1e:64:
1c:27:a7:3e:a9:4e:4f:a0:78:68:3e:da:80:c6:97:
3d:06:79:dd:63:60:a7:98:e6:70:1b:4e:8a:bb:4d:
8d:19:4b:8e:d4:1f:35:28:b8:30:6f:7b:38:08:11:
f2:55:6f:1b:6d:c6:65:28:87:4d:45:c7:72:4e:c8:
d7:7b:55:75:eb:d8:5d:a7:91:42:72:29:d4:48:d4:
cb:c1:d6:c5:f1:bf:65:2f:b0:1c:be:e0:84:f9:2a:
7c:df:57:37:91:98:5d:01:ee:fc:32:49:39:84:2f:
50:35:de:93:1b:81:41:18:06:33:66:a0:13:8c:83:
30:50:3e:42:90:90:0a:97:b5:a2:d6:ea:9d:2f:88:
89:37:73:b0:c2:fc:20:59:9e:ea:a0:e8:78:84:19:
b1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A9:38:2A:D1:71:D2:1E:49:4F:D2:D4:63:90:2A:5B:87:18:FE:8E
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/Dak4KtFx0h5JT9LUY5AqW4cY_o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.24.0/22
Signature Algorithm: sha256WithRSAEncryption
12:29:9f:f9:33:e0:ae:06:20:b2:c4:5f:9e:c5:35:7c:1e:14:
b2:d2:25:f4:70:bc:19:10:20:43:ad:c1:b7:ce:0b:c1:59:6a:
bb:78:b7:1e:95:74:06:d0:80:1a:71:d1:c4:2e:38:82:11:fd:
8b:04:3a:52:e8:7b:84:da:bd:20:a8:bc:7f:2a:33:f1:dd:d7:
1f:e9:51:ce:a1:c0:37:ce:48:9d:d8:25:83:07:a8:d2:be:db:
b3:56:4d:46:a2:24:bb:1f:25:27:66:a9:b8:dd:b7:9f:21:5a:
db:c3:53:9e:be:5c:be:06:5c:92:d4:0d:40:20:1e:f7:b2:16:
da:7b:6a:59:63:7a:30:dd:bd:49:f5:94:0a:c5:e0:7f:47:ea:
02:29:19:a2:cc:92:3d:1f:01:06:9c:86:e6:43:20:49:a5:43:
91:21:78:4c:aa:a4:59:af:f7:7d:08:f3:db:86:dc:76:d2:c4:
49:2d:63:9f:9c:4a:a3:44:8f:5b:d2:00:bf:9e:0a:c1:ed:2c:
e5:5c:78:1e:0e:0a:7c:45:8a:82:8e:dd:8a:bf:dd:1a:78:a7:
7b:ef:5d:91:10:cf:41:65:59:99:8d:41:24:62:3a:19:4d:33:
e8:a5:ec:0f:a8:b2:5a:93:8f:d0:8a:c7:f8:fd:9d:15:39:1e:
71:4e:05:e5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDTUFcMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM5
ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3YzIxNTIwHhcNMjIwNDMw
MDg0NzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwZGE5MzgyYWQxNzFk
MjFlNDk0ZmQyZDQ2MzkwMmE1Yjg3MThmZThlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqimnC7HYHl3jF+y5dqqVph3PcPc0Uw4fOdGNq0umpJrMhkSw
lSd4hDrX1DGt0xgyqd/HTOOpCCtCNgUHzXxUmE8SJ1J+FGCjErS+aaQ3CdI4AeBw
hF2V1RCZRq+KDZrHTRxrgjq7HmQcJ6c+qU5PoHhoPtqAxpc9BnndY2CnmOZwG06K
u02NGUuO1B81KLgwb3s4CBHyVW8bbcZlKIdNRcdyTsjXe1V169hdp5FCcinUSNTL
wdbF8b9lL7AcvuCE+Sp831c3kZhdAe78Mkk5hC9QNd6TG4FBGAYzZqATjIMwUD5C
kJAKl7Wi1uqdL4iJN3OwwvwgWZ7qoOh4hBmxqwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFA2pOCrRcdIeSU/S1GOQKluHGP6OMB8GA1UdIwQYMBaAFDnwhspiEbuV0GQw
icfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
T2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4LzEv
RGFrNEt0RngwaDVKVDlMVVk1QXFXNGNZX280LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8w
ZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4LzEvT2ZDR3ltSVJ1NVhR
WkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZYYMA0GCSqGSIb3DQEBCwUAA4IB
AQASKZ/5M+CuBiCyxF+exTV8HhSy0iX0cLwZECBDrcG3zgvBWWq7eLcelXQG0IAa
cdHELjiCEf2LBDpS6HuE2r0gqLx/KjPx3dcf6VHOocA3zkid2CWDB6jSvtuzVk1G
oiS7HyUnZqm43befIVrbw1Oevly+BlyS1A1AIB73shbae2pZY3ow3b1J9ZQKxeB/
R+oCKRmizJI9HwEGnIbmQyBJpUORIXhMqqRZr/d9CPPbhtx20sRJLWOfnEqjRI9b
0gC/ngrB7SzlXHgeDgp8RYqCjt2Kv90aeKd7712REM9BZVmZjUEkYjoZTTPopewP
qLJak4/Qisf4/Z0VOR5xTgXl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org