Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DLNPWn3bb9vZZjO1uHfE2wbZCog.roa
File: DLNPWn3bb9vZZjO1uHfE2wbZCog.roa (raw, json)
Hash identifier: 8Fs8gfxGhamgW6Ebi9kVdwk3dpHcd1kvHkkMQ038wbE=
Subject key identifier: 0C:B3:4F:5A:7D:DB:6F:DB:D9:66:33:B5:B8:77:C4:DB:06:D9:0A:88
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1414ABF0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DLNPWn3bb9vZZjO1uHfE2wbZCog.roa
Signing time: Tue 22 Feb 2022 18:38:16 +0000
ROA not before: Tue 22 Feb 2022 18:38:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202470
IP address blocks: 45.10.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336899056 (0x1414abf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Feb 22 18:38:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cb34f5a7ddb6fdbd96633b5b877c4db06d90a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c4:69:fb:1e:3e:c2:87:76:08:a5:de:d0:62:
8f:bb:58:6e:4a:43:3a:b2:55:ff:66:49:8b:c9:ec:
01:0e:78:c8:fb:1a:f5:bb:dd:2b:cd:2d:cc:ba:6f:
fe:b6:57:d1:f1:e5:1c:85:dd:3d:48:6e:47:f8:7e:
cf:94:9a:34:92:50:55:b9:40:a6:68:5a:32:53:fa:
59:d2:72:31:44:2d:0b:12:dd:ea:16:e7:07:74:2f:
4b:68:70:9d:bd:b6:03:a5:c9:c0:97:62:04:c1:ee:
78:56:a4:f3:5c:38:56:76:f2:e7:2f:99:8b:5c:98:
94:00:da:4b:87:e1:56:64:e7:08:81:3a:59:f0:cf:
74:37:bd:7f:99:b5:2d:47:d9:7b:28:7f:bc:46:17:
d0:93:17:2b:09:15:36:75:8b:be:fa:42:c8:2f:24:
9f:bb:66:f0:16:d2:ef:14:75:0e:d7:0a:7a:64:1a:
a5:c2:01:5c:4a:05:f8:68:3e:1e:7e:d8:8f:f9:19:
fb:e2:5b:9b:d5:78:3b:14:59:8f:1e:fc:48:31:15:
d0:b8:6b:c5:36:7b:49:d6:66:af:e8:08:11:61:b5:
58:d4:79:52:d0:b6:b5:48:f2:8f:95:9d:25:8d:ca:
f1:8e:31:9e:14:09:c3:6f:0d:17:1b:5c:bc:39:d0:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B3:4F:5A:7D:DB:6F:DB:D9:66:33:B5:B8:77:C4:DB:06:D9:0A:88
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DLNPWn3bb9vZZjO1uHfE2wbZCog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.12.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:0c:bf:8e:9a:d0:d1:d2:6d:9c:88:93:c8:20:ac:e5:67:b2:
42:43:b2:2c:d4:6c:cd:83:d4:2a:02:e6:93:49:20:81:9f:53:
98:54:2d:3b:d5:70:44:5d:a1:ee:01:ae:b9:70:6f:93:bc:9e:
28:e4:cd:7f:4c:73:6e:37:3c:4d:ff:fd:68:e6:ca:88:76:a1:
2c:f8:6e:e5:fe:9d:2d:f8:62:06:ac:1d:f2:49:68:f3:bf:42:
f5:11:46:14:ef:88:c6:19:df:af:0e:6f:bb:ce:70:e3:43:8f:
32:22:e6:1d:4f:65:86:42:68:25:f7:32:af:2b:e3:47:4e:98:
cc:6f:6c:c2:45:71:ae:5d:6c:b8:eb:9d:3d:b3:5e:a7:99:64:
13:65:58:5e:89:6e:34:7c:eb:37:a8:02:c5:72:52:5e:c2:9d:
01:d7:b1:a8:fe:0e:d3:d9:06:04:05:fc:a3:a2:74:aa:b5:6a:
8c:a0:c1:34:36:b2:e2:dd:19:92:01:2d:70:ec:e2:04:9d:7d:
b4:3e:00:20:8f:c2:1e:07:76:33:c1:f6:9f:54:1d:1b:a0:5f:
08:02:bb:36:81:3d:ea:37:0e:3e:f9:c1:c4:ad:4b:93:7d:96:
e2:6a:2a:5e:b5:4b:ee:27:89:c5:d9:6e:b1:4f:95:c1:3a:08:
88:40:e9:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFBSr8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDIy
MjE4MzgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNiMzRmNWE3ZGRi
NmZkYmQ5NjYzM2I1Yjg3N2M0ZGIwNmQ5MGE4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHEafsePsKHdgil3tBij7tYbkpDOrJV/2ZJi8nsAQ54yPsa
9bvdK80tzLpv/rZX0fHlHIXdPUhuR/h+z5SaNJJQVblApmhaMlP6WdJyMUQtCxLd
6hbnB3QvS2hwnb22A6XJwJdiBMHueFak81w4Vnby5y+Zi1yYlADaS4fhVmTnCIE6
WfDPdDe9f5m1LUfZeyh/vEYX0JMXKwkVNnWLvvpCyC8kn7tm8BbS7xR1DtcKemQa
pcIBXEoF+Gg+Hn7Yj/kZ++Jbm9V4OxRZjx78SDEV0LhrxTZ7SdZmr+gIEWG1WNR5
UtC2tUjyj5WdJY3K8Y4xnhQJw28NFxtcvDnQJucCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQMs09afdtv29lmM7W4d8TbBtkKiDAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0RMTlBXbjNiYjl2WlpqTzF1SGZFMndiWkNvZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0KDDANBgkqhkiG9w0BAQsFAAOC
AQEASgy/jprQ0dJtnIiTyCCs5WeyQkOyLNRszYPUKgLmk0kggZ9TmFQtO9VwRF2h
7gGuuXBvk7yeKOTNf0xzbjc8Tf/9aObKiHahLPhu5f6dLfhiBqwd8klo879C9RFG
FO+Ixhnfrw5vu85w40OPMiLmHU9lhkJoJfcyryvjR06YzG9swkVxrl1suOudPbNe
p5lkE2VYXoluNHzrN6gCxXJSXsKdAdexqP4O09kGBAX8o6J0qrVqjKDBNDay4t0Z
kgEtcOziBJ19tD4AII/CHgd2M8H2n1QdG6BfCAK7NoE96jcOPvnBxK1Lk32W4moq
XrVL7ieJxdlusU+VwToIiEDppw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org