Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/HaoIZKrd2ngDO-LAbmkFtMPcTUQ.roa
File: HaoIZKrd2ngDO-LAbmkFtMPcTUQ.roa (raw, json)
Hash identifier: QiVyuk/Rzc1Aj7E4A31iGMTNmVTwvxmJ4ackHPFMHbk=
Subject key identifier: 1D:AA:08:64:AA:DD:DA:78:03:3B:E2:C0:6E:69:05:B4:C3:DC:4D:44
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 22B8DF
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/HaoIZKrd2ngDO-LAbmkFtMPcTUQ.roa
Signing time: Tue 12 Apr 2022 13:28:26 +0000
ROA not before: Tue 12 Apr 2022 13:28:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60840
IP address blocks: 45.150.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2275551 (0x22b8df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Apr 12 13:28:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1daa0864aaddda78033be2c06e6905b4c3dc4d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:eb:b8:92:6b:45:9c:79:ad:1a:f6:ec:07:d9:
ef:6f:6b:a0:ea:3d:27:9e:a3:20:d1:50:7f:31:e1:
b5:07:67:52:04:2b:50:3c:59:d2:ec:f8:8d:b3:8a:
35:c1:7f:13:fa:57:53:f5:e8:be:64:5a:11:83:9b:
cb:f0:79:a4:a7:69:eb:52:32:50:f9:52:5e:e8:63:
10:84:93:31:64:da:bc:00:09:c6:19:98:fc:78:28:
7b:9c:1e:eb:9a:f7:c8:c6:f4:c4:16:25:63:13:0a:
f7:63:2c:e2:b0:6e:dd:35:42:59:d6:60:13:80:87:
68:0d:f6:4e:f0:b2:f8:e3:35:68:e0:20:07:04:07:
e2:79:6a:6a:e9:b9:f2:90:7f:3d:61:67:5e:92:9a:
c4:2b:4c:7d:71:ff:d8:71:71:ad:e8:97:55:21:19:
73:97:d0:cf:a1:26:79:8f:39:33:7a:b5:3b:0a:34:
ab:81:74:62:92:f8:82:91:de:8c:ec:94:9c:ad:bf:
66:33:ee:fc:31:d0:40:e4:40:e0:18:1a:7c:fd:47:
7b:c9:46:04:b6:ff:b5:e6:28:eb:e1:66:d0:23:67:
0c:0b:c1:9a:a9:c7:b9:b7:99:e2:f2:46:35:e6:3a:
ee:38:1d:28:53:41:82:85:f3:77:05:54:c6:19:14:
f2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AA:08:64:AA:DD:DA:78:03:3B:E2:C0:6E:69:05:B4:C3:DC:4D:44
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/HaoIZKrd2ngDO-LAbmkFtMPcTUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.24.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:89:c9:ef:5c:96:68:14:82:9d:10:bf:38:a6:db:da:3f:f8:
5c:77:00:8c:5e:6c:ab:68:34:14:38:9e:a0:13:bc:4f:01:6b:
ea:a1:26:23:ff:34:aa:ea:a4:0f:82:11:7a:c2:1a:2a:49:0f:
fd:82:2b:1d:9e:fe:bf:5c:56:bd:5c:84:db:d9:cb:b5:1d:1d:
a6:8f:4d:3f:cf:08:31:59:4b:c1:d7:2c:04:90:ac:cb:70:fc:
34:fd:86:61:93:b2:d6:db:e4:9e:7c:8e:4a:fd:d8:f5:c5:60:
90:cb:30:ba:02:9b:c7:7a:d9:b4:d0:f6:19:f9:c9:29:b5:3f:
aa:fd:78:ff:55:22:d5:35:c5:f6:bf:90:a0:67:31:9c:3f:45:
35:b6:a6:0a:3e:64:3b:bd:a2:d0:5d:53:2e:55:4c:c7:ca:3a:
ca:9d:6c:f9:05:46:84:6e:7e:8b:d8:9f:2a:4a:30:d3:36:80:
73:45:2e:a9:02:47:a9:7d:46:e4:2b:7c:82:88:55:72:c4:43:
31:b8:dd:a3:bf:e5:a5:4c:6b:77:12:01:55:4b:87:77:69:32:
f7:86:09:7b:b6:8f:b2:d8:67:ce:e0:ec:a0:ca:0b:ad:66:3b:
5b:96:eb:8a:40:06:e3:2f:c5:4b:14:b8:b9:ba:bc:e7:e5:ac:
3c:f0:30:c9
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDIrjfMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDM5
ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3YzIxNTIwHhcNMjIwNDEy
MTMyODI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZGFhMDg2NGFhZGRk
YTc4MDMzYmUyYzA2ZTY5MDViNGMzZGM0ZDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzOu4kmtFnHmtGvbsB9nvb2ug6j0nnqMg0VB/MeG1B2dSBCtQ
PFnS7PiNs4o1wX8T+ldT9ei+ZFoRg5vL8Hmkp2nrUjJQ+VJe6GMQhJMxZNq8AAnG
GZj8eCh7nB7rmvfIxvTEFiVjEwr3YyzisG7dNUJZ1mATgIdoDfZO8LL44zVo4CAH
BAfieWpq6bnykH89YWdekprEK0x9cf/YcXGt6JdVIRlzl9DPoSZ5jzkzerU7CjSr
gXRikviCkd6M7JScrb9mM+78MdBA5EDgGBp8/Ud7yUYEtv+15ijr4WbQI2cMC8Ga
qce5t5ni8kY15jruOB0oU0GChfN3BVTGGRTy0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFB2qCGSq3dp4AzviwG5pBbTD3E1EMB8GA1UdIwQYMBaAFDnwhspiEbuV0GQw
icfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
T2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4LzEv
SGFvSVpLcmQybmdETy1MQWJta0Z0TVBjVFVRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8w
ZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4LzEvT2ZDR3ltSVJ1NVhR
WkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZYYMA0GCSqGSIb3DQEBCwUAA4IB
AQAticnvXJZoFIKdEL84ptvaP/hcdwCMXmyraDQUOJ6gE7xPAWvqoSYj/zSq6qQP
ghF6whoqSQ/9gisdnv6/XFa9XITb2cu1HR2mj00/zwgxWUvB1ywEkKzLcPw0/YZh
k7LW2+SefI5K/dj1xWCQyzC6ApvHetm00PYZ+ckptT+q/Xj/VSLVNcX2v5CgZzGc
P0U1tqYKPmQ7vaLQXVMuVUzHyjrKnWz5BUaEbn6L2J8qSjDTNoBzRS6pAkepfUbk
K3yCiFVyxEMxuN2jv+WlTGt3EgFVS4d3aTL3hgl7to+y2GfO4OygygutZjtbluuK
QAbjL8VLFLi5urzn5aw88DDJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:44 2023 by rpki-client on console-fra.rpki-client.org