Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfe_jhGTmE94kM64ILiB367LMI4.roa
File: xfe_jhGTmE94kM64ILiB367LMI4.roa (raw, json)
Hash identifier: pgmcTvvNLYFcceUHEuHiZdt4upLe34ykpueArpF1WPo=
Subject key identifier: C5:F7:BF:8E:11:93:98:4F:78:90:CE:B8:20:B8:81:DF:AE:CB:30:8E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 1548DFE1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfe_jhGTmE94kM64ILiB367LMI4.roa
Signing time: Sat 04 Jun 2022 10:42:21 +0000
ROA not before: Sat 04 Jun 2022 10:42:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209961
IP address blocks: 45.150.44.0/22 maxlen: 22
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357097441 (0x1548dfe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 4 10:42:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5f7bf8e1193984f7890ceb820b881dfaecb308e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f0:01:10:0e:5f:d5:dc:18:75:c7:51:63:d4:
2f:02:27:f5:e3:17:93:99:48:96:bd:1e:bd:fc:3a:
28:f8:d9:b9:53:5e:53:d1:62:ad:c8:f6:ba:59:eb:
3b:d0:e5:66:af:1d:0c:14:91:91:60:0e:91:55:95:
b2:4d:10:0c:a1:db:49:00:11:8f:f1:5a:18:75:23:
1a:9e:99:23:e6:3c:36:46:8f:2c:f9:2b:d6:c0:80:
2e:ca:cd:9a:1c:a8:4f:3d:65:0c:6c:8c:17:84:4c:
67:36:68:85:9d:a0:f6:fa:42:ab:54:4d:01:ce:11:
4a:5c:77:46:1d:66:c0:6f:42:34:02:bf:fe:f7:f6:
3d:f4:b1:0f:03:1d:77:d7:20:2e:e4:a4:a7:5b:b0:
bb:67:38:fe:57:7c:a0:c2:5f:d6:bb:92:fc:23:b3:
8e:c6:55:7a:e8:9d:72:ca:f3:e8:28:86:bf:90:b9:
95:5b:dc:95:d1:53:ba:82:4a:c7:75:35:11:9d:41:
6f:93:0b:19:28:e0:f5:67:40:31:02:95:fe:35:46:
6c:46:a5:e3:f5:05:51:6a:4f:d0:9d:4d:0e:0e:51:
b2:9b:17:3b:31:77:60:f7:63:f1:4a:29:6f:1c:a2:
44:77:60:80:96:8c:ef:6f:df:82:37:f8:69:32:a4:
d5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F7:BF:8E:11:93:98:4F:78:90:CE:B8:20:B8:81:DF:AE:CB:30:8E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfe_jhGTmE94kM64ILiB367LMI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.212.0/22
45.150.44.0/22
Signature Algorithm: sha256WithRSAEncryption
70:30:6f:15:89:69:b6:bf:94:90:5b:dd:31:3f:c3:1b:c3:e3:
22:e7:c9:61:7f:19:9a:fb:f9:8a:6b:b4:f8:dd:85:35:10:16:
07:19:10:84:51:0c:7b:83:a5:c7:d8:01:ac:26:87:18:6b:e8:
3b:14:2f:f0:62:99:33:68:b5:63:17:b0:a0:ff:78:56:3e:1b:
f9:d0:78:fb:a2:fb:3e:81:cd:93:ed:3b:a3:6a:17:83:90:e9:
1e:bb:93:a4:97:f0:48:f4:97:c4:a5:74:f6:bf:fb:87:47:49:
8d:b6:7f:f1:43:50:f6:f4:ac:61:c9:72:81:57:a5:2a:32:c4:
7a:ae:d9:a4:fa:49:f6:2b:53:cb:0e:62:61:36:45:9a:64:66:
1e:19:4c:5e:a2:05:d8:de:09:69:36:26:db:00:94:3f:90:c7:
31:a3:74:c5:2b:df:4d:ba:cd:46:2e:cf:ed:d9:50:39:94:ab:
37:25:fd:c6:2c:62:76:1d:5e:c7:23:cb:0b:c5:69:7e:12:d8:
af:66:7e:32:69:ae:c3:59:2e:32:df:79:62:d1:91:d7:bf:77:
71:90:5b:da:66:e4:c4:4f:af:37:e1:6d:9f:3c:41:c2:92:ee:
0a:1b:52:ad:5e:6f:3c:3c:3b:06:6d:c5:ea:19:e9:6d:d1:1c:
7a:bc:f7:79
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFUjf4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDYw
NDEwNDIyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmN2JmOGUxMTkz
OTg0Zjc4OTBjZWI4MjBiODgxZGZhZWNiMzA4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHwARAOX9XcGHXHUWPULwIn9eMXk5lIlr0evfw6KPjZuVNe
U9Fircj2ulnrO9DlZq8dDBSRkWAOkVWVsk0QDKHbSQARj/FaGHUjGp6ZI+Y8NkaP
LPkr1sCALsrNmhyoTz1lDGyMF4RMZzZohZ2g9vpCq1RNAc4RSlx3Rh1mwG9CNAK/
/vf2PfSxDwMdd9cgLuSkp1uwu2c4/ld8oMJf1ruS/COzjsZVeuidcsrz6CiGv5C5
lVvcldFTuoJKx3U1EZ1Bb5MLGSjg9WdAMQKV/jVGbEal4/UFUWpP0J1NDg5RspsX
OzF3YPdj8UopbxyiRHdggJaM72/fgjf4aTKk1S8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTF97+OEZOYT3iQzrgguIHfrsswjjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L3hmZV9qaEdUbUU5NGtNNjRJTGlCMzY3TE1JNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgI51AMEAi2WLDANBgkqhkiG9w0B
AQsFAAOCAQEAcDBvFYlptr+UkFvdMT/DG8PjIufJYX8Zmvv5imu0+N2FNRAWBxkQ
hFEMe4Olx9gBrCaHGGvoOxQv8GKZM2i1YxewoP94Vj4b+dB4+6L7PoHNk+07o2oX
g5DpHruTpJfwSPSXxKV09r/7h0dJjbZ/8UNQ9vSsYclygVelKjLEeq7ZpPpJ9itT
yw5iYTZFmmRmHhlMXqIF2N4JaTYm2wCUP5DHMaN0xSvfTbrNRi7P7dlQOZSrNyX9
xixidh1exyPLC8VpfhLYr2Z+Mmmuw1kuMt95YtGR1793cZBb2mbkxE+vN+FtnzxB
wpLuChtSrV5vPDw7Bm3F6hnpbdEcerz3eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org