Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KeIatUKiIz6tp9Rudvtd91IxuCU.roa
File: KeIatUKiIz6tp9Rudvtd91IxuCU.roa (raw, json)
Hash identifier: Rv9jMVWyxrvw6TuYCww1lWvlMnJ6VDxA0O1vUx/tpbA=
Subject key identifier: 29:E2:1A:B5:42:A2:23:3E:AD:A7:D4:6E:76:FB:5D:F7:52:31:B8:25
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14BD4603
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KeIatUKiIz6tp9Rudvtd91IxuCU.roa
Signing time: Wed 20 Apr 2022 09:55:21 +0000
ROA not before: Wed 20 Apr 2022 09:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49006
IP address blocks: 45.10.12.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 347948547 (0x14bd4603)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 20 09:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29e21ab542a2233eada7d46e76fb5df75231b825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:21:02:a1:be:95:47:95:ea:92:a7:a3:c5:
2c:0a:2d:99:12:0f:88:c0:7c:8c:33:4a:4a:48:cf:
02:c5:2d:58:b9:33:1c:f9:96:4d:44:45:0f:5c:2f:
eb:28:47:7e:c5:1a:8f:43:d0:d6:9e:e1:9f:01:b6:
6b:35:03:78:f1:8a:60:46:b9:0f:d1:37:c3:95:f5:
b4:44:f3:64:07:78:e6:50:c9:51:6d:a5:3a:53:e9:
89:0d:43:e9:74:a7:90:4b:f0:e6:73:2e:65:4f:14:
8c:6f:59:15:76:d1:2b:15:e6:9c:f4:c4:5e:99:b0:
1d:af:f0:44:4d:fd:f5:b7:f0:48:14:b4:dc:ea:da:
0f:89:65:76:1d:7e:de:58:d5:1d:a7:cc:73:ca:ff:
d6:4f:ce:dd:42:ad:95:18:42:b2:49:35:37:da:7b:
f1:86:54:10:3e:a4:81:39:1e:76:00:ec:8c:23:19:
a7:ba:cb:46:83:c8:f5:73:7c:b4:41:34:a0:f0:0c:
3f:be:20:27:58:50:8a:c7:6e:44:eb:d9:76:de:ff:
b1:30:93:bb:24:f9:ce:19:24:43:f1:13:45:33:ba:
c7:5a:0d:36:19:20:91:f5:50:7e:1e:cc:cf:98:d0:
4c:a2:f2:49:1c:23:d3:af:a2:df:8f:c7:dc:8c:32:
46:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E2:1A:B5:42:A2:23:3E:AD:A7:D4:6E:76:FB:5D:F7:52:31:B8:25
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/KeIatUKiIz6tp9Rudvtd91IxuCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.12.0/22
Signature Algorithm: sha256WithRSAEncryption
21:76:0d:16:b9:31:03:a2:86:91:24:6e:3e:1e:d6:5f:6d:9c:
6d:89:56:0a:12:44:e9:01:25:01:ea:a2:5a:29:39:c2:26:32:
bc:b1:9a:b5:11:75:b2:f7:4a:3e:4b:80:d7:13:a9:e0:5c:a4:
be:75:51:56:df:99:a8:73:8f:36:fc:22:6e:da:45:12:6a:2e:
e1:0b:0c:f2:c7:17:d0:d9:e3:32:41:67:a8:36:c0:aa:0e:71:
97:0f:75:b0:66:1f:17:e8:1a:05:08:ae:32:54:51:70:11:14:
18:47:bd:b3:0c:2d:4b:1a:3f:9f:83:5d:b9:b8:92:ae:e8:ed:
76:0a:ee:ce:3d:6c:11:0e:17:7b:7f:3e:ee:76:2a:71:90:ac:
1e:f4:03:28:df:ee:e8:ec:ab:00:44:fa:11:60:49:56:bf:9b:
95:7f:2f:af:3f:44:24:a6:60:94:23:3c:36:bb:50:35:9c:80:
34:99:82:5b:71:8d:fa:87:58:a4:d2:68:45:09:f2:0b:ca:70:
85:4b:ed:cc:7f:2f:11:fa:db:3f:fe:28:40:68:7d:54:51:74:
af:67:b6:e5:53:00:f4:53:3c:47:ce:c5:99:8e:a8:b8:e7:e3:
35:9a:05:18:88:7c:ef:b9:5d:ec:89:2e:1a:3c:2f:81:cd:31:
f0:5d:f6:48
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFL1GAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQy
MDA5NTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjllMjFhYjU0MmEy
MjMzZWFkYTdkNDZlNzZmYjVkZjc1MjMxYjgyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLiIQKhvpVHleqSp6PFLAotmRIPiMB8jDNKSkjPAsUtWLkz
HPmWTURFD1wv6yhHfsUaj0PQ1p7hnwG2azUDePGKYEa5D9E3w5X1tETzZAd45lDJ
UW2lOlPpiQ1D6XSnkEvw5nMuZU8UjG9ZFXbRKxXmnPTEXpmwHa/wRE399bfwSBS0
3OraD4lldh1+3ljVHafMc8r/1k/O3UKtlRhCskk1N9p78YZUED6kgTkedgDsjCMZ
p7rLRoPI9XN8tEE0oPAMP74gJ1hQisduROvZdt7/sTCTuyT5zhkkQ/ETRTO6x1oN
NhkgkfVQfh7Mz5jQTKLySRwj06+i34/H3IwyRlcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQp4hq1QqIjPq2n1G52+133UjG4JTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0tlSWF0VUtpSXo2dHA5UnVkdnRkOTFJeHVDVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi0KDDANBgkqhkiG9w0BAQsFAAOC
AQEAIXYNFrkxA6KGkSRuPh7WX22cbYlWChJE6QElAeqiWik5wiYyvLGatRF1svdK
PkuA1xOp4FykvnVRVt+ZqHOPNvwibtpFEmou4QsM8scX0NnjMkFnqDbAqg5xlw91
sGYfF+gaBQiuMlRRcBEUGEe9swwtSxo/n4NdubiSrujtdgruzj1sEQ4Xe38+7nYq
cZCsHvQDKN/u6OyrAET6EWBJVr+blX8vrz9EJKZglCM8NrtQNZyANJmCW3GN+odY
pNJoRQnyC8pwhUvtzH8vEfrbP/4oQGh9VFF0r2e25VMA9FM8R87FmY6ouOfjNZoF
GIh877ld7IkuGjwvgc0x8F32SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org