Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/RfFHj0wIGVMku7hrFm8I8gd0yyU.roa
File: RfFHj0wIGVMku7hrFm8I8gd0yyU.roa (raw, json)
Hash identifier: S1hO1SPdr6RL0Vb/CVFOQs9Vig/orccne96H84nXf2A=
Subject key identifier: 45:F1:47:8F:4C:08:19:53:24:BB:B8:6B:16:6F:08:F2:07:74:CB:25
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01856BD33FCB096F001F59527B8CC6F71022
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/RfFHj0wIGVMku7hrFm8I8gd0yyU.roa
Signing time: Sun 01 Jan 2023 05:34:44 +0000
ROA not before: Sun 01 Jan 2023 05:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56361
IP address blocks: 45.140.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:3f:cb:09:6f:00:1f:59:52:7b:8c:c6:f7:10:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 05:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45f1478f4c08195324bbb86b166f08f20774cb25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:aa:54:f7:e7:9a:69:1e:02:ca:fb:25:17:50:
78:df:b9:d5:5a:f1:90:82:d3:48:e0:bf:92:dc:8e:
d5:64:0e:df:53:cd:4b:7b:7c:69:fc:75:76:ac:42:
40:91:67:bc:73:34:47:6c:be:3e:7d:a9:45:e4:ba:
51:93:61:47:c9:08:b4:7f:21:bb:92:49:43:23:ea:
e3:2c:64:ff:33:91:70:67:22:13:35:55:71:f4:41:
92:51:b4:67:fd:b9:26:69:a5:f8:c0:90:8a:74:61:
5e:ae:a6:d4:4e:78:58:99:31:e6:02:81:15:99:f2:
19:51:17:68:a7:1a:22:67:72:aa:74:84:d4:3e:5d:
25:51:0d:bb:a0:8a:48:b1:ee:7b:d9:9c:2c:8d:bd:
c1:ea:3f:b2:b5:af:7d:e5:be:01:d3:ce:c1:3a:b8:
17:48:cf:ac:0c:3d:bf:98:9f:ed:79:05:65:c8:c2:
97:95:8e:7d:37:e1:b8:b5:c5:34:e3:2b:b5:33:52:
5c:dd:31:53:e3:c2:ff:e9:67:be:08:29:69:7c:25:
68:14:54:90:91:87:ce:92:e3:59:5e:bc:31:2c:32:
89:4c:f3:a0:06:ce:49:8d:59:a0:5c:2e:87:2b:72:
2e:af:bb:6c:bf:f1:91:7f:ac:51:07:5a:d9:00:d1:
30:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F1:47:8F:4C:08:19:53:24:BB:B8:6B:16:6F:08:F2:07:74:CB:25
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/RfFHj0wIGVMku7hrFm8I8gd0yyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.24.0/22
Signature Algorithm: sha256WithRSAEncryption
19:75:09:11:c2:47:79:55:b3:09:12:2e:45:f1:0f:77:0d:29:
06:7e:6b:ae:73:41:a4:82:a0:6b:d5:89:8c:c0:7e:9d:a5:e8:
ef:fc:49:66:6b:29:b3:1e:45:29:9c:94:4e:44:26:4e:48:a0:
6f:46:70:86:80:b6:f2:a9:9b:db:d1:0d:96:01:e3:72:2a:df:
f6:d8:34:57:1d:72:ce:0c:0e:d8:5a:0c:4f:ce:84:1c:10:6f:
2a:60:9c:c2:d0:b7:19:d8:13:11:89:d1:d8:4d:83:fa:26:49:
80:a2:0e:ca:56:b5:58:bc:b8:e1:ae:40:fa:2e:51:a3:08:b0:
d8:43:2d:82:4c:01:2d:bc:48:ed:d6:86:98:b2:34:95:8f:1e:
3c:b2:f6:35:06:a5:23:d8:aa:90:8e:13:16:b6:88:76:b4:49:
6c:06:34:50:ec:dd:3b:62:1e:97:32:eb:6b:fd:18:74:e2:11:
6f:a0:fb:dc:66:5b:b0:d6:78:68:0e:28:6a:ed:e2:f2:6c:47:
c1:7f:65:8f:a3:11:23:0f:4e:ef:28:b0:a4:8a:10:d2:b2:d2:
ae:51:88:17:50:98:60:04:a8:48:4c:c4:4a:cb:eb:b1:46:b2:
e3:5f:8b:cc:c8:a5:1c:52:78:26:c1:27:fd:14:28:18:cd:71:
50:1b:48:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr0z/LCW8AH1lSe4zG9xAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjMwMTAxMDUzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYxNDc4ZjRjMDgxOTUzMjRiYmI4NmIxNjZmMDhmMjA3NzRjYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKpU9+eaaR4CyvslF1B437nVWvGQ
gtNI4L+S3I7VZA7fU81Le3xp/HV2rEJAkWe8czRHbL4+falF5LpRk2FHyQi0fyG7
kklDI+rjLGT/M5FwZyITNVVx9EGSUbRn/bkmaaX4wJCKdGFerqbUTnhYmTHmAoEV
mfIZURdopxoiZ3KqdITUPl0lUQ27oIpIse572Zwsjb3B6j+yta995b4B087BOrgX
SM+sDD2/mJ/teQVlyMKXlY59N+G4tcU04yu1M1Jc3TFT48L/6We+CClpfCVoFFSQ
kYfOkuNZXrwxLDKJTPOgBs5JjVmgXC6HK3Iur7tsv/GRf6xRB1rZANEwgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXxR49MCBlTJLu4axZvCPIHdMslMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvUmZGSGowd0lHVk1rdTdockZtOEk4Z2QweXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYwYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZdQkRwkd5VbMJEi5F8Q93DSkGfmuuc0GkgqBr1YmM
wH6dpejv/ElmaymzHkUpnJRORCZOSKBvRnCGgLbyqZvb0Q2WAeNyKt/22DRXHXLO
DA7YWgxPzoQcEG8qYJzC0LcZ2BMRidHYTYP6JkmAog7KVrVYvLjhrkD6LlGjCLDY
Qy2CTAEtvEjt1oaYsjSVjx48svY1BqUj2KqQjhMWtoh2tElsBjRQ7N07Yh6XMutr
/Rh04hFvoPvcZluw1nhoDihq7eLybEfBf2WPoxEjD07vKLCkihDSstKuUYgXUJhg
BKhITMRKy+uxRrLjX4vMyKUcUngmwSf9FCgYzXFQG0jn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org