Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/C7CvGgx7in4ARrcKjj55SUtLaQc.roa
File: C7CvGgx7in4ARrcKjj55SUtLaQc.roa (raw, json)
Hash identifier: oCkr7NfCIqkxxmvKX5x7ywZ+3TtDTRX224+iTPzIqo8=
Subject key identifier: 0B:B0:AF:1A:0C:7B:8A:7E:00:46:B7:0A:8E:3E:79:49:4B:4B:69:07
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 0181F46D463A0F9879AD071FF60049ED14DC
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/C7CvGgx7in4ARrcKjj55SUtLaQc.roa
Signing time: Tue 12 Jul 2022 22:00:10 +0000
ROA not before: Tue 12 Jul 2022 22:00:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12722
IP address blocks: 45.11.212.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:6d:46:3a:0f:98:79:ad:07:1f:f6:00:49:ed:14:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jul 12 22:00:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bb0af1a0c7b8a7e0046b70a8e3e79494b4b6907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:83:fa:fd:8e:7f:62:7a:55:12:b4:ef:c5:39:
ae:be:b8:83:34:dd:da:99:87:a4:ca:ac:bd:35:4d:
e3:13:95:c2:44:cd:0f:9c:63:a5:58:01:0c:db:d7:
97:2b:6b:ef:73:e1:ff:f4:d9:d4:51:95:59:57:ad:
9e:59:99:92:07:0c:a4:67:dd:88:58:92:57:d3:26:
77:37:5f:62:01:eb:00:39:71:d6:ed:49:07:be:49:
da:12:65:81:f8:23:c5:e8:7b:b5:95:69:4b:6d:95:
f7:d0:5f:a3:19:f4:2e:d4:a0:24:d7:31:55:6c:2e:
e6:43:17:f5:2d:7b:2c:32:36:3d:87:47:52:61:3d:
4d:dd:7e:cd:66:5a:b8:31:f9:c6:21:9c:3e:1a:f5:
02:47:e4:7b:36:c4:66:80:e3:5f:62:dc:a3:b1:ad:
d2:7f:8d:90:fb:2a:4d:be:53:8a:b7:85:e4:88:1e:
80:f7:27:90:39:e9:91:58:2a:1e:f3:b3:dc:e1:c1:
e0:88:93:64:0f:e6:cb:ad:cc:13:77:f8:db:94:88:
c9:53:c2:bf:96:59:bc:a2:21:ec:5c:f6:88:c7:7f:
14:72:94:99:db:b5:3c:eb:c8:5a:0b:a3:a4:b3:19:
20:4c:5a:5a:71:be:aa:4a:b7:59:d2:c6:1c:ff:8a:
dc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B0:AF:1A:0C:7B:8A:7E:00:46:B7:0A:8E:3E:79:49:4B:4B:69:07
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/C7CvGgx7in4ARrcKjj55SUtLaQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.212.0/24
Signature Algorithm: sha256WithRSAEncryption
01:da:ea:68:24:36:d0:fa:fb:2d:7e:33:42:43:de:9a:36:fc:
2d:56:9b:59:4e:a5:79:26:77:c0:12:b5:a6:08:9b:a2:36:bf:
03:45:26:3d:c8:da:d2:e0:3a:13:db:7d:9a:83:fe:95:76:2a:
d4:3b:e9:38:84:5a:d9:ba:1a:48:64:72:e8:b5:d5:34:fb:aa:
d0:85:65:ec:2a:03:db:42:db:36:58:31:4b:3d:08:b9:60:e9:
10:32:03:3a:4f:b5:79:21:2d:af:69:ba:37:f1:52:e1:13:e2:
78:c5:5e:fd:d4:82:85:1f:79:1d:61:61:16:0c:44:c6:f5:74:
47:c8:c8:ad:3d:41:ac:bd:b4:73:89:ff:f7:ed:3a:58:3e:ae:
4b:90:66:9c:f1:36:b0:3b:67:d4:2e:b5:03:c3:80:be:8f:50:
7f:4a:d8:75:ff:58:4a:49:be:10:33:36:ce:48:c0:1d:b9:6f:
b3:a5:a4:eb:05:92:77:72:9a:0d:88:ef:50:aa:8a:1b:6f:ab:
32:66:2b:af:3f:48:fd:a3:b9:99:a1:08:d3:f6:a9:d4:08:63:
fc:57:ce:d4:5c:f9:47:6d:d9:bf:11:cd:15:b9:13:51:3d:52:
26:eb:1b:20:f0:1a:82:29:db:77:10:d8:92:97:c9:bf:d2:67:
56:56:db:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0bUY6D5h5rQcf9gBJ7RTcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjIwNzEyMjIwMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmIwYWYxYTBjN2I4YTdlMDA0NmI3MGE4ZTNlNzk0OTRiNGI2OTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oP6/Y5/YnpVErTvxTmuvriDNN3a
mYekyqy9NU3jE5XCRM0PnGOlWAEM29eXK2vvc+H/9NnUUZVZV62eWZmSBwykZ92I
WJJX0yZ3N19iAesAOXHW7UkHvknaEmWB+CPF6Hu1lWlLbZX30F+jGfQu1KAk1zFV
bC7mQxf1LXssMjY9h0dSYT1N3X7NZlq4MfnGIZw+GvUCR+R7NsRmgONfYtyjsa3S
f42Q+ypNvlOKt4XkiB6A9yeQOemRWCoe87Pc4cHgiJNkD+bLrcwTd/jblIjJU8K/
llm8oiHsXPaIx38UcpSZ27U868haC6OksxkgTFpacb6qSrdZ0sYc/4rcVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAuwrxoMe4p+AEa3Co4+eUlLS2kHMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvQzdDdkdneDdpbjRBUnJjS2pqNTVTVXRMYVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQvUMA0G
CSqGSIb3DQEBCwUAA4IBAQAB2upoJDbQ+vstfjNCQ96aNvwtVptZTqV5JnfAErWm
CJuiNr8DRSY9yNrS4DoT232ag/6VdirUO+k4hFrZuhpIZHLotdU0+6rQhWXsKgPb
Qts2WDFLPQi5YOkQMgM6T7V5IS2vabo38VLhE+J4xV791IKFH3kdYWEWDETG9XRH
yMitPUGsvbRzif/37TpYPq5LkGac8TawO2fULrUDw4C+j1B/Sth1/1hKSb4QMzbO
SMAduW+zpaTrBZJ3cpoNiO9Qqoobb6syZiuvP0j9o7mZoQjT9qnUCGP8V87UXPlH
bdm/Ec0VuRNRPVIm6xsg8BqCKdt3ENiSl8m/0mdWVtu1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org