Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PFQxUp0toBg7wptUMAYxemMHdIE.roa
File: PFQxUp0toBg7wptUMAYxemMHdIE.roa (raw, json)
Hash identifier: QmTlUkERnUriYchmm/EdxrmyutGo0sHdfb+G+UDIuEg=
Subject key identifier: 3C:54:31:52:9D:2D:A0:18:3B:C2:9B:54:30:06:31:7A:63:07:74:81
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018CC64B652CDD1755AACE6DF873E3D482FD
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PFQxUp0toBg7wptUMAYxemMHdIE.roa
Signing time: Mon 01 Jan 2024 18:31:19 +0000
ROA not before: Mon 01 Jan 2024 18:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32181
IP address blocks: 45.153.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:65:2c:dd:17:55:aa:ce:6d:f8:73:e3:d4:82:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 18:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c5431529d2da0183bc29b543006317a63077481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:07:03:4d:74:0c:6e:de:74:23:60:bd:80:
92:57:2e:77:38:7f:e7:84:86:5d:4b:76:e7:47:8c:
dd:94:f5:da:fe:fb:a5:69:d8:20:b6:d1:1f:5e:08:
3b:17:ca:ae:1f:b3:08:bc:cc:d5:5d:71:81:73:a8:
8a:5b:e0:9f:06:55:71:b4:4e:83:13:90:ba:a5:b5:
b6:cd:4d:03:a3:a9:38:24:44:8c:b4:bd:77:4c:03:
c2:4d:f7:09:74:6b:23:90:95:c5:fb:58:df:37:85:
64:17:2b:08:75:2c:df:30:9a:5f:43:e7:c6:e4:0d:
06:a8:17:c4:3c:13:93:8b:ac:19:cc:72:42:96:dc:
d1:68:41:aa:fb:28:d9:e9:e2:62:8e:5b:16:50:14:
cc:d5:2a:81:8a:e2:7c:4d:f9:75:b2:95:5a:91:4a:
7a:b4:41:04:70:48:a9:29:90:e4:62:48:45:12:d8:
9a:57:69:87:bd:c5:f0:6a:81:0c:61:02:13:af:e3:
d6:ad:6e:de:fd:1d:14:89:14:06:eb:84:e9:3f:d8:
79:51:2d:3b:7b:3f:35:5d:88:3a:de:ca:5e:c2:08:
38:a0:23:2e:e6:b1:17:da:2b:fc:07:c5:0f:ae:f6:
7f:05:bd:6f:0f:87:48:04:6c:a3:78:7d:6b:1a:b4:
0d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:54:31:52:9D:2D:A0:18:3B:C2:9B:54:30:06:31:7A:63:07:74:81
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/PFQxUp0toBg7wptUMAYxemMHdIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.125.0/24
Signature Algorithm: sha256WithRSAEncryption
95:94:9a:7d:38:a9:78:86:b0:82:8c:a1:ac:01:ea:2b:69:1f:
8b:94:04:5e:a3:ad:13:da:e4:89:3b:37:64:2b:55:1b:64:57:
30:26:3c:4d:00:d3:f7:8f:89:51:bd:9a:e7:a0:2a:b2:87:58:
64:bb:2b:eb:33:26:c9:a3:87:a8:9d:5e:4d:b8:ba:c3:fb:aa:
1d:99:b6:5d:ad:47:82:8b:94:35:6f:00:f8:7a:c9:66:03:6b:
e4:96:3c:44:e4:80:74:48:a5:ca:73:c9:36:72:0c:b8:2e:47:
53:c8:be:ca:09:31:cd:7d:63:4e:68:e2:02:00:f4:c4:35:db:
76:60:e9:f2:37:5f:ed:83:1f:c8:0b:85:c6:21:cf:90:28:ec:
15:5e:87:bb:e3:61:f4:4d:df:84:df:0b:9f:36:4f:c1:a7:50:
91:bc:ba:ea:fe:34:e4:f7:1c:64:c1:1e:f8:ec:b7:6b:38:51:
74:88:cb:48:39:fa:4e:d4:be:82:d4:ed:24:95:95:05:2e:bc:
70:d4:d8:30:7c:2e:bf:a5:a8:a0:e8:ab:e9:29:2c:06:9d:b0:
9a:65:25:5d:f3:b9:92:fa:37:74:4a:15:0d:24:fc:47:99:8a:
f9:6a:0d:f8:0f:30:cb:1c:3b:04:19:aa:6d:5d:d7:fd:ba:fa:
6e:63:b7:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2Us3RdVqs5t+HPj1IL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzU0MzE1MjlkMmRhMDE4M2JjMjliNTQzMDA2MzE3YTYzMDc3NDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaIHA010DG7edCNgvYCSVy53OH/n
hIZdS3bnR4zdlPXa/vuladggttEfXgg7F8quH7MIvMzVXXGBc6iKW+CfBlVxtE6D
E5C6pbW2zU0Do6k4JESMtL13TAPCTfcJdGsjkJXF+1jfN4VkFysIdSzfMJpfQ+fG
5A0GqBfEPBOTi6wZzHJCltzRaEGq+yjZ6eJijlsWUBTM1SqBiuJ8Tfl1spVakUp6
tEEEcEipKZDkYkhFEtiaV2mHvcXwaoEMYQITr+PWrW7e/R0UiRQG64TpP9h5US07
ez81XYg63spewgg4oCMu5rEX2iv8B8UPrvZ/Bb1vD4dIBGyjeH1rGrQNVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDxUMVKdLaAYO8KbVDAGMXpjB3SBMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvUEZReFVwMHRvQmc3d3B0VU1BWXhlbU1IZElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZl9MA0G
CSqGSIb3DQEBCwUAA4IBAQCVlJp9OKl4hrCCjKGsAeoraR+LlAReo60T2uSJOzdk
K1UbZFcwJjxNANP3j4lRvZrnoCqyh1hkuyvrMybJo4eonV5NuLrD+6odmbZdrUeC
i5Q1bwD4eslmA2vkljxE5IB0SKXKc8k2cgy4LkdTyL7KCTHNfWNOaOICAPTENdt2
YOnyN1/tgx/IC4XGIc+QKOwVXoe742H0Td+E3wufNk/Bp1CRvLrq/jTk9xxkwR74
7LdrOFF0iMtIOfpO1L6C1O0klZUFLrxw1NgwfC6/paig6KvpKSwGnbCaZSVd87mS
+jd0ShUNJPxHmYr5ag34DzDLHDsEGaptXdf9uvpuY7eO
-----END CERTIFICATE-----
Generated at Mon Sep 2 15:35:04 2024 by rpki-client on console-ams.rpki-client.org