Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/TQAGQNuFbc_LQ99uXsEr3ENNh3A.roa
File: TQAGQNuFbc_LQ99uXsEr3ENNh3A.roa (raw, json)
Hash identifier: ko2q3hvGYda0prpT85bH2kr4D9QG1/23Cq+kLuEwfrI=
Subject key identifier: 4D:00:06:40:DB:85:6D:CF:CB:43:DF:6E:5E:C1:2B:DC:43:4D:87:70
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 0183323836E24A8FB60E98D1C790149CDA14
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/TQAGQNuFbc_LQ99uXsEr3ENNh3A.roa
Signing time: Mon 12 Sep 2022 15:01:28 +0000
ROA not before: Mon 12 Sep 2022 15:01:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200918
IP address blocks: 45.140.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:38:36:e2:4a:8f:b6:0e:98:d1:c7:90:14:9c:da:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Sep 12 15:01:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d000640db856dcfcb43df6e5ec12bdc434d8770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:ab:43:52:ce:fa:7e:1c:16:8e:2f:f3:71:
78:55:c6:a1:03:11:e7:ea:4a:85:1d:67:1d:71:24:
74:7d:50:a4:a6:39:7b:9e:91:e9:2b:74:e2:d0:6f:
09:99:e5:da:6d:c2:f3:ff:9c:ce:16:a5:3b:53:05:
00:f6:b5:a7:27:32:9a:f0:74:b4:18:63:99:16:40:
1e:35:4f:e6:d5:00:d1:84:ec:99:06:20:9e:21:19:
d1:40:db:cf:c1:20:5a:43:0a:0c:8f:64:fc:87:9b:
17:7e:e6:4a:d5:c3:8b:06:c4:9f:e9:bd:71:41:96:
46:d1:b7:94:1c:28:78:25:89:cd:03:c7:49:4a:e3:
3f:75:bc:59:cd:24:b7:85:2b:fa:13:92:8d:0c:dc:
f3:79:32:4c:03:fa:8a:61:08:51:80:62:6a:30:5a:
3b:87:31:4a:09:d4:5c:de:30:65:d2:a1:9e:c9:8c:
9e:df:d1:87:27:84:b5:c0:7d:5c:52:98:b0:f2:a8:
f7:5d:19:24:64:95:5c:d8:6e:1e:0f:a0:37:99:d1:
0e:47:f8:90:f6:fc:bb:01:0a:00:a3:90:56:f1:f5:
69:ee:0f:be:20:ad:7d:c2:db:07:27:6e:1b:88:af:
a6:ca:39:d4:93:01:86:79:bc:52:bb:7b:3e:e9:25:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:00:06:40:DB:85:6D:CF:CB:43:DF:6E:5E:C1:2B:DC:43:4D:87:70
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/TQAGQNuFbc_LQ99uXsEr3ENNh3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.40.0/22
Signature Algorithm: sha256WithRSAEncryption
11:21:00:60:ee:24:80:c8:5b:61:cb:a8:f1:83:f9:05:92:d8:
5a:3c:ea:25:da:50:ca:fd:d8:8e:99:d6:93:d7:54:11:d8:5b:
fd:af:60:73:a8:46:8d:cd:d7:41:a9:70:b5:3b:ac:3d:54:dd:
a2:62:21:6e:37:fc:b4:9e:11:6b:10:02:61:d9:d7:b3:b3:e0:
da:c2:f9:e2:c1:da:4f:a7:82:be:81:91:7c:be:ba:2e:3d:96:
94:aa:e5:9a:e6:1d:fe:be:fd:78:48:23:24:c8:d8:33:16:6f:
2a:6d:a5:71:fb:52:7e:06:67:9c:65:45:d5:67:b1:10:4c:24:
01:b8:8c:8e:ad:67:ca:e2:69:77:e9:94:65:4e:24:6c:dc:0e:
06:a3:41:6c:8e:c7:e6:43:a6:d9:ea:22:9a:39:54:d9:1e:97:
e3:76:a7:8d:5a:4b:83:36:cf:f2:3f:26:d1:95:dd:51:04:4e:
3f:37:fa:bb:ae:6d:8c:27:13:26:c8:af:e0:3c:a7:4f:71:9e:
24:fd:88:a6:b0:35:fe:05:0f:30:03:fe:aa:4c:fc:18:7e:88:
8c:d5:32:d3:0d:ca:22:ff:78:10:4d:17:1a:fa:df:3b:81:af:
11:26:38:4b:25:ae:fd:af:eb:18:b5:20:f1:f2:e6:00:db:0a:
21:5f:f0:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMyODbiSo+2DpjRx5AUnNoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjIwOTEyMTUwMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAwMDY0MGRiODU2ZGNmY2I0M2RmNmU1ZWMxMmJkYzQzNGQ4NzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR6rQ1LO+n4cFo4v83F4VcahAxHn
6kqFHWcdcSR0fVCkpjl7npHpK3Ti0G8JmeXabcLz/5zOFqU7UwUA9rWnJzKa8HS0
GGOZFkAeNU/m1QDRhOyZBiCeIRnRQNvPwSBaQwoMj2T8h5sXfuZK1cOLBsSf6b1x
QZZG0beUHCh4JYnNA8dJSuM/dbxZzSS3hSv6E5KNDNzzeTJMA/qKYQhRgGJqMFo7
hzFKCdRc3jBl0qGeyYye39GHJ4S1wH1cUpiw8qj3XRkkZJVc2G4eD6A3mdEOR/iQ
9vy7AQoAo5BW8fVp7g++IK19wtsHJ24biK+myjnUkwGGebxSu3s+6SWwbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0ABkDbhW3Py0Pfbl7BK9xDTYdwMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvVFFBR1FOdUZiY19MUTk5dVhzRXIzRU5OaDNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYwoMA0G
CSqGSIb3DQEBCwUAA4IBAQARIQBg7iSAyFthy6jxg/kFkthaPOol2lDK/diOmdaT
11QR2Fv9r2BzqEaNzddBqXC1O6w9VN2iYiFuN/y0nhFrEAJh2dezs+DawvniwdpP
p4K+gZF8vrouPZaUquWa5h3+vv14SCMkyNgzFm8qbaVx+1J+BmecZUXVZ7EQTCQB
uIyOrWfK4ml36ZRlTiRs3A4Go0FsjsfmQ6bZ6iKaOVTZHpfjdqeNWkuDNs/yPybR
ld1RBE4/N/q7rm2MJxMmyK/gPKdPcZ4k/YimsDX+BQ8wA/6qTPwYfoiM1TLTDcoi
/3gQTRca+t87ga8RJjhLJa79r+sYtSDx8uYA2wohX/Cv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org