Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/J5H2w6AdokLGwFoQpl2X7HfhUC4.roa
File: J5H2w6AdokLGwFoQpl2X7HfhUC4.roa (raw, json)
Hash identifier: JQJ81aC1rM+AZ4BtVl1CzQiE73QZzU1B+i2VHLDqdPU=
Subject key identifier: 27:91:F6:C3:A0:1D:A2:42:C6:C0:5A:10:A6:5D:97:EC:77:E1:50:2E
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 018D13D7EB4976F31BF97DCB04BE1EF87439
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/J5H2w6AdokLGwFoQpl2X7HfhUC4.roa
Signing time: Tue 16 Jan 2024 19:55:33 +0000
ROA not before: Tue 16 Jan 2024 19:55:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 45.129.197.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:eb:49:76:f3:1b:f9:7d:cb:04:be:1e:f8:74:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Jan 16 19:55:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2791f6c3a01da242c6c05a10a65d97ec77e1502e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:b1:b7:b2:ad:02:35:8f:0b:90:7a:94:9d:
71:fc:26:37:21:0e:20:02:e7:1c:49:3a:94:57:3d:
67:21:8b:cc:cb:ff:69:a7:ad:95:b3:97:84:da:a3:
89:56:6a:a2:17:15:6a:e0:d1:45:9b:c1:c4:90:74:
06:04:c5:e8:1e:ff:e1:2f:29:5e:a0:56:fa:f2:2b:
8f:cc:95:e3:3e:d9:af:67:c8:df:be:15:2d:4c:ee:
6b:85:0e:3a:b4:30:53:bb:b9:66:96:c7:93:58:b8:
ad:60:63:a9:f3:49:7d:07:97:51:dd:f3:d9:7c:b5:
13:7d:7f:f4:a8:1c:9c:79:e7:4e:63:21:10:f8:3e:
8d:95:d3:ed:a8:49:ba:ec:47:82:9c:cb:22:91:4a:
c8:64:81:c4:52:09:59:80:8b:e9:5b:b9:5d:05:82:
88:0c:a0:c5:ea:07:82:25:d7:c4:00:33:f2:25:e4:
e7:00:d7:b7:04:2c:66:9b:8c:cf:7d:25:44:ab:ba:
9f:e3:fa:1a:f0:78:36:05:1d:8e:ce:13:73:ba:fb:
6c:f3:bf:4d:fe:55:01:97:0d:e5:6e:e3:70:ec:b1:
f9:e1:d8:5c:82:6d:04:00:71:bc:32:37:ff:03:c3:
80:a6:42:ad:cd:b9:da:32:5c:5a:0b:49:36:26:cd:
cf:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:91:F6:C3:A0:1D:A2:42:C6:C0:5A:10:A6:5D:97:EC:77:E1:50:2E
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/J5H2w6AdokLGwFoQpl2X7HfhUC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e9:7b:6a:ae:a3:80:f7:76:e4:78:eb:d0:76:81:24:bf:06:
32:4a:ae:98:21:15:1c:67:5b:a6:fb:5d:cc:df:c5:64:ba:67:
2c:ea:30:e4:53:29:3a:ad:2a:51:19:da:a2:a4:3e:37:98:59:
71:72:35:1d:93:b6:2e:34:a3:74:58:6b:3c:56:8b:16:32:7d:
ad:65:19:fb:3a:cc:f1:9f:6c:ae:01:b4:95:7c:b0:6c:31:d1:
b6:af:9d:57:cc:65:31:1c:ca:b2:88:59:86:16:56:28:3a:f6:
e0:ab:27:67:35:02:7a:70:f9:5e:a2:85:d6:d3:81:6c:2d:96:
a0:5c:d2:4c:a3:47:ca:fd:a2:9f:04:e0:c4:64:d2:73:b7:21:
ae:81:2f:03:39:2f:d9:2a:31:ad:52:f7:00:f7:24:aa:55:e2:
c1:5f:c9:af:8d:3e:e4:80:31:8e:95:9e:df:63:8c:45:22:98:
c9:fd:e1:ec:d9:4b:a4:a2:fe:8f:08:7e:69:30:d5:b4:33:45:
dc:32:1b:cc:e3:90:a3:db:04:3e:62:57:38:58:a3:56:1d:0b:
b2:87:3e:a4:f9:db:97:2e:6d:7f:a6:58:aa:3d:38:04:7e:31:
37:36:b0:aa:01:d9:cf:f7:f3:bf:8f:9f:c4:19:48:3b:79:fa:
b8:a1:71:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+tJdvMb+X3LBL4e+HQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQwMTE2MTk1NTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzkxZjZjM2EwMWRhMjQyYzZjMDVhMTBhNjVkOTdlYzc3ZTE1MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcixt7KtAjWPC5B6lJ1x/CY3IQ4g
AuccSTqUVz1nIYvMy/9pp62Vs5eE2qOJVmqiFxVq4NFFm8HEkHQGBMXoHv/hLyle
oFb68iuPzJXjPtmvZ8jfvhUtTO5rhQ46tDBTu7lmlseTWLitYGOp80l9B5dR3fPZ
fLUTfX/0qByceedOYyEQ+D6NldPtqEm67EeCnMsikUrIZIHEUglZgIvpW7ldBYKI
DKDF6geCJdfEADPyJeTnANe3BCxmm4zPfSVEq7qf4/oa8Hg2BR2OzhNzuvts879N
/lUBlw3lbuNw7LH54dhcgm0EAHG8Mjf/A8OApkKtzbnaMlxaC0k2Js3PkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeR9sOgHaJCxsBaEKZdl+x34VAuMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvSjVIMnc2QWRva0xHd0ZvUXBsMlg3SGZoVUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHFMA0G
CSqGSIb3DQEBCwUAA4IBAQBM6XtqrqOA93bkeOvQdoEkvwYySq6YIRUcZ1um+13M
38Vkumcs6jDkUyk6rSpRGdqipD43mFlxcjUdk7YuNKN0WGs8VosWMn2tZRn7Oszx
n2yuAbSVfLBsMdG2r51XzGUxHMqyiFmGFlYoOvbgqydnNQJ6cPleooXW04FsLZag
XNJMo0fK/aKfBODEZNJztyGugS8DOS/ZKjGtUvcA9ySqVeLBX8mvjT7kgDGOlZ7f
Y4xFIpjJ/eHs2Uukov6PCH5pMNW0M0XcMhvM45Cj2wQ+Ylc4WKNWHQuyhz6k+duX
Lm1/pliqPTgEfjE3NrCqAdnP9/O/j5/EGUg7efq4oXGh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:56 2024 by rpki-client on console-fra.rpki-client.org