Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/s1nPE_DaCF3ueIIixfkhclf3Jxc.roa
File: s1nPE_DaCF3ueIIixfkhclf3Jxc.roa (raw, json)
Hash identifier: 72wD2EmcBSeFu4UBifViUrv8Yn4xkO8tw/7gX7FIal8=
Subject key identifier: B3:59:CF:13:F0:DA:08:5D:EE:78:82:22:C5:F9:21:72:57:F7:27:17
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 01856D4AAA702306B3EEF097B239A0EB27B3
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/s1nPE_DaCF3ueIIixfkhclf3Jxc.roa
Signing time: Sun 01 Jan 2023 12:24:47 +0000
ROA not before: Sun 01 Jan 2023 12:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205122
IP address blocks: 45.92.52.0/24 maxlen: 24
45.92.53.0/24 maxlen: 24
45.92.52.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:aa:70:23:06:b3:ee:f0:97:b2:39:a0:eb:27:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Jan 1 12:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b359cf13f0da085dee788222c5f9217257f72717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7c:2b:a8:e5:e7:3c:f6:42:48:fc:2e:66:e1:
0a:a0:f5:2a:6a:72:d3:a6:fb:52:39:78:1f:2b:ae:
d2:64:2a:e2:7c:55:77:3d:13:82:7a:68:1b:19:e2:
9a:dc:e9:58:0b:c6:e6:75:71:ea:46:2c:5d:0a:e2:
fc:75:0b:b7:71:26:98:12:53:62:3f:fa:dd:a0:1c:
e5:c8:58:b7:a9:9d:52:0c:bc:57:90:28:57:01:81:
e6:b6:8e:5a:82:02:0e:9c:28:d1:ee:88:8c:f5:00:
fa:9e:5f:79:2e:0e:ec:b3:4f:0b:7f:e6:a8:28:3a:
c4:ac:eb:f7:92:53:de:54:52:81:d0:61:53:fb:93:
d0:73:b7:21:bc:50:bd:97:dc:ff:c1:2d:e9:3b:c3:
6f:c2:ee:33:98:d3:ca:90:5f:93:72:c2:dd:d1:5a:
3c:b3:2b:98:96:01:79:8a:ee:41:c4:c7:4c:2e:af:
9b:ec:57:5b:e1:fb:a6:72:1b:30:ed:48:11:0c:5a:
b7:c1:d9:c0:c9:28:f4:33:61:18:bd:30:39:f4:05:
08:df:5a:a2:9f:b8:e4:15:00:d6:8c:e3:40:9d:42:
bb:0a:ac:3a:f2:48:71:7c:28:d7:c9:4c:30:c2:05:
e0:88:ef:da:1c:27:e6:92:36:0d:91:f7:ea:9e:00:
48:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:59:CF:13:F0:DA:08:5D:EE:78:82:22:C5:F9:21:72:57:F7:27:17
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/s1nPE_DaCF3ueIIixfkhclf3Jxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.52.0/22
Signature Algorithm: sha256WithRSAEncryption
39:55:30:4c:fe:bd:04:2a:99:df:04:92:68:b0:41:f5:94:36:
7f:39:fd:d9:dc:41:2e:f0:0c:7c:7f:53:61:5d:af:2b:e6:68:
30:e4:9e:b5:96:9b:7a:10:0d:44:c0:74:7f:25:88:2c:09:c6:
cb:1d:58:db:34:3d:92:45:5d:57:52:46:74:51:56:7e:fc:a0:
2b:15:01:c6:50:fd:af:12:16:1c:4d:a9:ac:25:72:a3:9f:2e:
ef:ab:60:bb:47:7e:00:52:d6:18:b0:7c:79:b1:8c:37:95:54:
c2:c7:9e:1f:29:55:2d:dd:90:e9:b0:71:fb:54:5e:02:11:17:
5b:40:4e:46:5b:94:ad:34:50:2d:e0:2b:a0:cf:6f:e5:d7:fc:
6e:6a:59:9e:67:eb:a5:88:8e:40:68:4a:4f:c5:a5:f3:cc:38:
36:ad:ee:81:83:54:f5:fa:66:49:6b:0f:97:ec:81:ba:14:a0:
15:81:c5:f7:84:8c:d5:c8:8a:f1:54:33:e2:c0:4f:37:d7:9a:
e0:15:10:79:54:87:07:9c:06:65:58:89:d3:75:cc:a2:18:cd:
7f:03:f1:37:96:b1:32:e2:a8:ed:98:38:bc:fb:13:37:c2:80:
c7:ce:e5:12:08:74:37:27:05:1d:b6:43:6d:e0:7b:14:8c:6e:
e9:9e:b6:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSqpwIwaz7vCXsjmg6yezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjMwMTAxMTIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzU5Y2YxM2YwZGEwODVkZWU3ODgyMjJjNWY5MjE3MjU3ZjcyNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnwrqOXnPPZCSPwuZuEKoPUqanLT
pvtSOXgfK67SZCrifFV3PROCemgbGeKa3OlYC8bmdXHqRixdCuL8dQu3cSaYElNi
P/rdoBzlyFi3qZ1SDLxXkChXAYHmto5aggIOnCjR7oiM9QD6nl95Lg7ss08Lf+ao
KDrErOv3klPeVFKB0GFT+5PQc7chvFC9l9z/wS3pO8Nvwu4zmNPKkF+TcsLd0Vo8
syuYlgF5iu5BxMdMLq+b7Fdb4fumchsw7UgRDFq3wdnAySj0M2EYvTA59AUI31qi
n7jkFQDWjONAnUK7Cqw68khxfCjXyUwwwgXgiO/aHCfmkjYNkffqngBIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNZzxPw2ghd7niCIsX5IXJX9ycXMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvczFuUEVfRGFDRjN1ZUlJaXhma2hjbGYzSnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVw0MA0G
CSqGSIb3DQEBCwUAA4IBAQA5VTBM/r0EKpnfBJJosEH1lDZ/Of3Z3EEu8Ax8f1Nh
Xa8r5mgw5J61lpt6EA1EwHR/JYgsCcbLHVjbND2SRV1XUkZ0UVZ+/KArFQHGUP2v
EhYcTamsJXKjny7vq2C7R34AUtYYsHx5sYw3lVTCx54fKVUt3ZDpsHH7VF4CERdb
QE5GW5StNFAt4Cugz2/l1/xualmeZ+uliI5AaEpPxaXzzDg2re6Bg1T1+mZJaw+X
7IG6FKAVgcX3hIzVyIrxVDPiwE8315rgFRB5VIcHnAZlWInTdcyiGM1/A/E3lrEy
4qjtmDi8+xM3woDHzuUSCHQ3JwUdtkNt4HsUjG7pnrbT
-----END CERTIFICATE-----
Generated at Wed Dec 27 16:05:47 2023 by rpki-client on console-ams.rpki-client.org