Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/McekNsEs6Vn5gjLLrrSgYr5vcfg.roa
File: McekNsEs6Vn5gjLLrrSgYr5vcfg.roa (raw, json)
Hash identifier: wvdnU1QfDV6T5E9HMJhjmWAf6fM2fwANMfUWyT55OFI=
Subject key identifier: 31:C7:A4:36:C1:2C:E9:59:F9:82:32:CB:AE:B4:A0:62:BE:6F:71:F8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018393D7AE9BB796C12C3D696C5CB600908B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/McekNsEs6Vn5gjLLrrSgYr5vcfg.roa
Signing time: Sat 01 Oct 2022 13:58:49 +0000
ROA not before: Sat 01 Oct 2022 13:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 45.10.12.0/22 maxlen: 22
45.95.88.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:93:d7:ae:9b:b7:96:c1:2c:3d:69:6c:5c:b6:00:90:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 1 13:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31c7a436c12ce959f98232cbaeb4a062be6f71f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:26:51:05:d6:8d:64:59:dc:cb:35:f7:a5:d1:
ce:92:85:7a:67:4b:47:86:ab:8f:f4:25:8a:30:2a:
2d:f4:4e:21:9f:d6:1b:29:9d:6e:63:86:9f:b8:bf:
36:08:ba:26:ca:0c:d8:d5:b7:d8:cc:27:c3:1a:64:
f9:52:24:41:c8:0e:76:1a:2a:58:78:77:3d:b7:1c:
65:41:73:99:72:f3:3d:9e:06:50:93:f0:69:18:b2:
8c:c1:2e:2c:b3:b6:2c:2b:82:27:4b:a2:01:67:e0:
10:e9:fd:25:d7:04:35:b8:36:83:b6:14:3f:9c:64:
52:67:34:68:d7:5e:78:ca:95:c3:42:d6:42:df:7e:
3d:0b:4d:40:92:44:f3:b2:ee:f7:47:fa:40:76:8a:
f0:46:db:e8:f8:9c:02:c8:fd:ef:be:e8:21:6a:54:
e1:6a:a0:31:d6:48:8b:d3:b4:70:8c:5f:57:4a:a8:
b6:66:32:23:f0:22:bd:ad:8b:e5:dc:23:0e:85:2e:
4a:69:5c:05:f8:2a:cc:cc:1e:13:38:78:28:7a:62:
57:b4:1c:25:4a:86:ad:53:9e:a9:fc:ae:ee:ef:d6:
f4:b7:4d:d8:22:70:80:15:1e:0d:d4:c6:92:96:b1:
39:eb:7e:43:8d:3a:0a:89:f7:d8:f0:09:94:7b:41:
dd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C7:A4:36:C1:2C:E9:59:F9:82:32:CB:AE:B4:A0:62:BE:6F:71:F8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/McekNsEs6Vn5gjLLrrSgYr5vcfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.12.0/22
45.95.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:f7:48:57:53:52:89:27:77:b2:95:73:99:1b:65:26:84:de:
d5:59:bf:d8:bf:1b:d5:13:32:ee:b4:ae:80:d7:ba:74:96:28:
43:71:ae:4c:e6:42:8c:7a:d9:c7:9c:a1:39:d8:ae:fb:ef:40:
f9:aa:40:40:e6:31:44:d0:ed:e4:de:62:6b:90:86:9d:57:f2:
76:30:67:a7:1f:30:cd:cc:51:7b:e8:42:be:41:0a:64:76:18:
1f:22:f1:f8:c0:ec:39:22:d1:5c:64:56:31:5d:75:c9:b6:c2:
83:2d:78:6e:ef:5d:d1:50:0a:47:eb:9b:37:10:eb:84:5e:42:
ce:6e:d9:17:5c:1f:9a:8d:f2:ce:89:8c:b1:64:81:04:6a:d6:
8b:33:67:3f:f9:3e:9b:3c:e8:82:41:0e:b0:77:31:80:3d:3b:
a1:2d:b7:45:f9:47:c8:8e:79:cc:1e:9c:96:d7:47:cd:1c:f0:
67:ab:b0:b9:18:38:9d:32:b0:27:c8:99:92:18:c6:a5:12:83:
1f:71:45:fd:2f:51:3b:43:a7:64:0b:5f:ee:22:17:71:a5:b1:
67:82:83:7d:66:68:20:08:58:b3:95:2a:34:51:64:d9:15:74:
7b:41:2d:cc:ee:ea:0c:52:ae:b8:ec:49:e5:d3:ac:c0:1b:bc:
00:0c:b5:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYOT166bt5bBLD1pbFy2AJCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDAxMTM1ODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM3YTQzNmMxMmNlOTU5Zjk4MjMyY2JhZWI0YTA2MmJlNmY3MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyZRBdaNZFncyzX3pdHOkoV6Z0tH
hquP9CWKMCot9E4hn9YbKZ1uY4afuL82CLomygzY1bfYzCfDGmT5UiRByA52GipY
eHc9txxlQXOZcvM9ngZQk/BpGLKMwS4ss7YsK4InS6IBZ+AQ6f0l1wQ1uDaDthQ/
nGRSZzRo1154ypXDQtZC3349C01AkkTzsu73R/pAdorwRtvo+JwCyP3vvughalTh
aqAx1kiL07RwjF9XSqi2ZjIj8CK9rYvl3CMOhS5KaVwF+CrMzB4TOHgoemJXtBwl
SoatU56p/K7u79b0t03YInCAFR4N1MaSlrE5635DjToKiffY8AmUe0HdRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHHpDbBLOlZ+YIyy660oGK+b3H4MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvTWNla05zRXM2Vm41Z2pMTHJyU2dZcjV2Y2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLQoMAwQC
LV9YMA0GCSqGSIb3DQEBCwUAA4IBAQCl90hXU1KJJ3eylXOZG2UmhN7VWb/YvxvV
EzLutK6A17p0lihDca5M5kKMetnHnKE52K7770D5qkBA5jFE0O3k3mJrkIadV/J2
MGenHzDNzFF76EK+QQpkdhgfIvH4wOw5ItFcZFYxXXXJtsKDLXhu713RUApH65s3
EOuEXkLObtkXXB+ajfLOiYyxZIEEataLM2c/+T6bPOiCQQ6wdzGAPTuhLbdF+UfI
jnnMHpyW10fNHPBnq7C5GDidMrAnyJmSGMalEoMfcUX9L1E7Q6dkC1/uIhdxpbFn
goN9ZmggCFizlSo0UWTZFXR7QS3M7uoMUq647Enl06zAG7wADLWl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org