Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3OtHVO03LbRqqINTeo415t-hO3U.roa
File: 3OtHVO03LbRqqINTeo415t-hO3U.roa (raw, json)
Hash identifier: 6xYGTcxSfbhd2h2J//gnApm8Fkta1guXoe+j83/F8T8=
Subject key identifier: DC:EB:47:54:ED:37:2D:B4:6A:A8:83:53:7A:8E:35:E6:DF:A1:3B:75
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0189654A8CECEDF916974C08E62B948D7A02
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3OtHVO03LbRqqINTeo415t-hO3U.roa
Signing time: Mon 17 Jul 2023 19:18:51 +0000
ROA not before: Mon 17 Jul 2023 19:18:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34665
IP address blocks: 45.128.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:4a:8c:ec:ed:f9:16:97:4c:08:e6:2b:94:8d:7a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jul 17 19:18:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dceb4754ed372db46aa883537a8e35e6dfa13b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:cd:5b:e2:99:81:ab:69:ec:c1:9f:9c:02:
89:e1:73:26:67:09:90:e1:78:83:03:60:5b:6a:61:
9d:28:9f:e7:a4:8b:09:d5:03:08:84:bd:b3:bd:cb:
b7:2b:04:19:83:1b:4e:5c:3a:d6:1d:34:66:d1:87:
2c:0b:6e:aa:17:7c:f7:1e:0a:e5:65:f9:28:fd:87:
95:86:aa:3b:e5:a7:a1:dd:1d:7c:35:38:2b:14:6b:
02:c1:b0:cf:3a:bb:fe:d4:b0:5e:f6:82:3c:dc:0b:
fd:b5:61:f2:e2:a6:4f:82:38:53:f5:75:b3:a6:a7:
b3:6c:b8:fd:0d:b5:10:79:4e:00:2c:28:42:72:f8:
c9:1c:49:1d:e6:9a:29:36:75:f8:4b:e5:33:5f:13:
a8:ae:ee:72:5e:07:e0:9d:71:f0:33:55:81:54:52:
f7:f4:32:01:5b:f3:33:4c:39:4f:04:b0:d2:48:ed:
ad:92:5f:01:57:68:0a:54:b9:c5:c6:f2:c7:f2:0f:
a6:d2:df:c7:d9:be:64:f8:cc:7d:99:c3:90:45:24:
88:2e:19:03:69:7e:a8:64:e0:f2:a5:a0:04:b1:e5:
b5:aa:19:c6:cc:ef:a0:d2:bf:62:64:8e:5a:c0:22:
c2:82:eb:90:1a:98:d1:e8:5b:cd:e4:1f:5d:47:6a:
ae:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:EB:47:54:ED:37:2D:B4:6A:A8:83:53:7A:8E:35:E6:DF:A1:3B:75
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/3OtHVO03LbRqqINTeo415t-hO3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.128.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:2a:b9:5e:9e:e8:37:b3:74:f5:04:e4:a6:bf:c8:06:80:a3:
d3:90:89:9d:ab:d8:47:fe:2f:d5:aa:da:5d:29:1c:e3:49:88:
27:c3:9d:41:80:80:3f:6b:91:4e:1a:e6:d7:33:11:ff:b3:67:
fd:a9:c1:f8:eb:d3:f3:4e:27:e6:e3:c5:31:fd:e4:dd:c2:07:
ae:5c:1d:4b:c5:5f:11:2e:a6:d2:01:5d:04:25:e6:8a:0a:33:
ae:a4:67:bd:a1:f4:cb:1f:05:d9:78:66:84:6d:2e:cb:60:bc:
a1:fb:61:f1:2a:0f:ff:b7:fd:76:14:92:07:55:67:ee:e8:c1:
b0:f8:1b:4c:c9:83:e0:9c:4c:44:6b:c6:06:dc:01:b4:36:33:
6a:bd:e9:a6:d2:fa:d0:53:e6:30:08:33:f6:80:41:65:ec:e3:
68:9f:c3:a7:f7:6e:00:fa:e6:9a:91:38:ca:b3:f9:ee:3b:f7:
0e:2c:b8:7e:21:99:0b:b6:f5:fe:14:33:2a:f4:d6:eb:9d:00:
b7:c4:f9:04:29:d3:2e:82:30:4f:bc:00:7a:7f:91:d1:2e:70:
81:03:4b:5f:29:11:16:8c:15:39:5b:bc:98:49:f9:8d:10:39:
40:81:aa:2c:9f:dd:4f:a2:8d:5d:6d:19:0b:53:26:1f:8b:5c:
e9:08:73:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYllSozs7fkWl0wI5iuUjXoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjMwNzE3MTkxODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2ViNDc1NGVkMzcyZGI0NmFhODgzNTM3YThlMzVlNmRmYTEzYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SbNW+KZgatp7MGfnAKJ4XMmZwmQ
4XiDA2BbamGdKJ/npIsJ1QMIhL2zvcu3KwQZgxtOXDrWHTRm0YcsC26qF3z3Hgrl
Zfko/YeVhqo75aeh3R18NTgrFGsCwbDPOrv+1LBe9oI83Av9tWHy4qZPgjhT9XWz
pqezbLj9DbUQeU4ALChCcvjJHEkd5popNnX4S+UzXxOoru5yXgfgnXHwM1WBVFL3
9DIBW/MzTDlPBLDSSO2tkl8BV2gKVLnFxvLH8g+m0t/H2b5k+Mx9mcOQRSSILhkD
aX6oZODypaAEseW1qhnGzO+g0r9iZI5awCLCguuQGpjR6FvN5B9dR2quFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzrR1TtNy20aqiDU3qONebfoTt1MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvM090SFZPMDNMYlJxcUlOVGVvNDE1dC1oTzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYCAMA0G
CSqGSIb3DQEBCwUAA4IBAQB7Krlenug3s3T1BOSmv8gGgKPTkImdq9hH/i/Vqtpd
KRzjSYgnw51BgIA/a5FOGubXMxH/s2f9qcH469PzTifm48Ux/eTdwgeuXB1LxV8R
LqbSAV0EJeaKCjOupGe9ofTLHwXZeGaEbS7LYLyh+2HxKg//t/12FJIHVWfu6MGw
+BtMyYPgnExEa8YG3AG0NjNqvemm0vrQU+YwCDP2gEFl7ONon8On924A+uaakTjK
s/nuO/cOLLh+IZkLtvX+FDMq9NbrnQC3xPkEKdMugjBPvAB6f5HRLnCBA0tfKREW
jBU5W7yYSfmNEDlAgaosn91Poo1dbRkLUyYfi1zpCHNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org