Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/XeLt2B6-nhsVffAc4C8vrMnIYl8.roa
File: XeLt2B6-nhsVffAc4C8vrMnIYl8.roa (raw, json)
Hash identifier: UmbZoqJIS1oJ4AzUDbtNPE5VyOuSPdespQ8oNbVnyhg=
Subject key identifier: 5D:E2:ED:D8:1E:BE:9E:1B:15:7D:F0:1C:E0:2F:2F:AC:C9:C8:62:5F
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01856BD341ADA76EE00A9A3467E208F80189
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/XeLt2B6-nhsVffAc4C8vrMnIYl8.roa
Signing time: Sun 01 Jan 2023 05:34:45 +0000
ROA not before: Sun 01 Jan 2023 05:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200918
IP address blocks: 45.140.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:41:ad:a7:6e:e0:0a:9a:34:67:e2:08:f8:01:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Jan 1 05:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5de2edd81ebe9e1b157df01ce02f2facc9c8625f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:88:8e:03:bb:c7:e4:b7:cd:4d:e5:e5:16:
85:f9:27:e0:7a:d5:11:c1:8e:8f:69:f5:09:bb:04:
c0:85:9e:41:b5:7e:b5:af:fe:4c:12:3b:14:a9:e7:
7c:f0:7b:04:01:1c:1b:5c:db:8b:7e:98:34:7a:67:
de:6b:b8:bf:ce:d9:85:e0:1e:0c:b3:a8:2a:ea:a6:
22:21:1a:6a:0e:85:0f:a2:8e:1e:43:a6:1a:46:f5:
39:06:60:88:d3:bc:73:22:81:ee:2a:45:07:0b:16:
94:ad:8b:14:9d:d1:d2:ed:aa:bf:3b:62:ea:5f:a3:
cb:1f:92:3b:15:d9:16:82:e5:2e:17:0b:4b:cc:e2:
e6:0e:d2:74:56:9e:ea:74:28:56:dc:4e:55:f8:e3:
8f:e4:2b:47:e6:ae:00:2d:8d:e5:61:70:c7:07:13:
e4:6f:f8:58:bf:d6:ef:d3:fd:6c:55:bd:ef:9b:e0:
11:5b:ca:ae:0d:87:96:fc:06:93:83:7f:ea:9d:28:
7f:9f:99:bf:c8:98:49:f5:1e:fd:5c:0b:29:8d:90:
5a:e9:ea:02:5d:9f:c7:a6:18:32:fd:07:d7:9e:1d:
0a:df:91:4b:ac:9c:d8:58:0c:5f:70:30:34:4f:c5:
20:c0:77:6b:0c:34:18:6e:d1:7e:80:70:06:6c:58:
26:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E2:ED:D8:1E:BE:9E:1B:15:7D:F0:1C:E0:2F:2F:AC:C9:C8:62:5F
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/XeLt2B6-nhsVffAc4C8vrMnIYl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.40.0/22
Signature Algorithm: sha256WithRSAEncryption
26:32:21:b8:ad:d0:1d:3f:17:fe:aa:4b:f0:17:1e:df:a0:30:
ab:3e:f8:0a:34:c9:93:64:8f:dd:0b:b7:22:9d:b8:e5:3d:d6:
c2:2b:09:70:33:e6:50:88:fb:27:00:e6:e6:da:53:3e:b8:f0:
44:65:bb:3e:89:11:2d:17:be:dc:f5:80:bb:16:77:65:2a:57:
17:33:b4:48:5b:44:e8:ed:e3:1c:9f:7b:ef:f7:3b:fa:eb:fd:
94:92:ce:04:37:96:4c:00:39:ed:07:f8:f4:cb:05:c7:6a:b3:
09:99:27:77:3c:76:a3:de:79:50:bc:5b:c6:15:34:aa:d1:90:
8a:f8:52:fd:3c:70:95:be:6a:37:dc:a7:28:63:8a:e1:59:9f:
2b:44:e5:29:59:e8:51:e4:08:ee:35:61:29:e6:13:00:e6:c8:
3d:14:50:ca:d4:e7:c2:6d:e1:99:1d:81:b4:81:c4:6f:bb:40:
ac:fa:fc:04:8f:47:ec:01:aa:67:29:4e:90:be:3c:2d:4d:25:
c6:5e:b9:6d:0e:39:1a:0b:ca:a8:bd:b3:d6:76:cc:8f:5e:30:
51:70:85:eb:f5:19:f1:34:c8:02:aa:23:79:50:15:ef:15:dc:
34:ca:9c:13:65:d8:80:d2:d2:ad:17:21:b0:52:be:93:61:4b:
ee:e5:8b:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr00Gtp27gCpo0Z+II+AGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjMwMTAxMDUzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUyZWRkODFlYmU5ZTFiMTU3ZGYwMWNlMDJmMmZhY2M5Yzg2MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibGIjgO7x+S3zU3l5RaF+SfgetUR
wY6PafUJuwTAhZ5BtX61r/5MEjsUqed88HsEARwbXNuLfpg0emfea7i/ztmF4B4M
s6gq6qYiIRpqDoUPoo4eQ6YaRvU5BmCI07xzIoHuKkUHCxaUrYsUndHS7aq/O2Lq
X6PLH5I7FdkWguUuFwtLzOLmDtJ0Vp7qdChW3E5V+OOP5CtH5q4ALY3lYXDHBxPk
b/hYv9bv0/1sVb3vm+ARW8quDYeW/AaTg3/qnSh/n5m/yJhJ9R79XAspjZBa6eoC
XZ/Hphgy/QfXnh0K35FLrJzYWAxfcDA0T8UgwHdrDDQYbtF+gHAGbFgmNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3i7dgevp4bFX3wHOAvL6zJyGJfMB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvWGVMdDJCNi1uaHNWZmZBYzRDOHZyTW5JWWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYwoMA0G
CSqGSIb3DQEBCwUAA4IBAQAmMiG4rdAdPxf+qkvwFx7foDCrPvgKNMmTZI/dC7ci
nbjlPdbCKwlwM+ZQiPsnAObm2lM+uPBEZbs+iREtF77c9YC7FndlKlcXM7RIW0To
7eMcn3vv9zv66/2Uks4EN5ZMADntB/j0ywXHarMJmSd3PHaj3nlQvFvGFTSq0ZCK
+FL9PHCVvmo33KcoY4rhWZ8rROUpWehR5AjuNWEp5hMA5sg9FFDK1OfCbeGZHYG0
gcRvu0Cs+vwEj0fsAapnKU6QvjwtTSXGXrltDjkaC8qovbPWdsyPXjBRcIXr9Rnx
NMgCqiN5UBXvFdw0ypwTZdiA0tKtFyGwUr6TYUvu5Yso
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org