Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/mCbiOBReTyba6LdZZMBxOJE34X0.roa
File: mCbiOBReTyba6LdZZMBxOJE34X0.roa (raw, json)
Hash identifier: QffgffqWCT/0YdrYzgYboLEROA9R00bHsPW0i6EJ1f0=
Subject key identifier: 98:26:E2:38:14:5E:4F:26:DA:E8:B7:59:64:C0:71:38:91:37:E1:7D
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 01849645042073B21FC75683FCA1CD9C7B5A
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/mCbiOBReTyba6LdZZMBxOJE34X0.roa
Signing time: Sun 20 Nov 2022 18:20:16 +0000
ROA not before: Sun 20 Nov 2022 18:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56361
IP address blocks: 45.140.24.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:45:04:20:73:b2:1f:c7:56:83:fc:a1:cd:9c:7b:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Nov 20 18:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9826e238145e4f26dae8b75964c071389137e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a2:df:55:14:b9:7f:74:01:1e:d7:32:53:ad:
b1:e5:2f:c0:55:ed:a4:a4:d4:fd:27:d3:c3:2f:06:
76:14:64:35:05:54:ce:c7:04:45:ce:be:a3:22:cd:
59:d1:21:b3:99:18:33:a2:35:ae:cb:5a:88:03:49:
ae:40:b2:f3:ea:b9:c0:db:b9:35:3e:58:59:51:8c:
62:1c:e8:87:b3:01:99:57:39:ee:01:de:9f:94:4e:
a6:16:e3:4c:ce:bf:a1:6c:42:3c:1b:e0:37:30:63:
6b:57:f4:14:b5:89:09:00:87:1a:3d:99:37:0d:15:
ff:d4:b7:56:8d:59:fe:f0:21:ac:89:e4:73:e1:29:
e6:c1:03:4f:cf:0d:48:92:4d:73:5f:6c:65:a2:fb:
e2:f2:e1:56:3c:7e:30:49:7e:ef:eb:e7:9d:7d:0d:
7b:fe:e8:92:d1:59:95:ac:21:20:85:6c:e1:45:a1:
88:59:1d:85:e5:bf:9d:da:92:14:ad:99:09:e1:06:
29:94:ac:04:fb:27:c0:71:b5:c4:12:9b:0c:69:1f:
e7:fa:22:32:87:7d:d8:49:c2:27:4e:f1:b5:b2:59:
14:5a:df:12:18:92:e1:f8:42:97:98:39:2a:31:63:
34:84:2d:72:62:07:95:f3:6d:3e:19:da:a6:59:7d:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:26:E2:38:14:5E:4F:26:DA:E8:B7:59:64:C0:71:38:91:37:E1:7D
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/mCbiOBReTyba6LdZZMBxOJE34X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.24.0/22
Signature Algorithm: sha256WithRSAEncryption
76:00:3a:bc:8d:a6:15:bd:1b:0b:51:68:4a:ec:61:e7:74:13:
62:2f:e3:1a:ee:80:19:54:89:6e:da:c0:93:f1:b6:d9:e5:e1:
31:16:ea:13:0c:9b:a2:ef:3c:00:cc:d0:62:12:7d:21:01:28:
d9:0d:7e:04:f0:dd:92:ee:84:12:bd:88:5a:82:ae:98:ab:1d:
2b:40:b7:ca:30:00:c2:df:cb:f0:40:fa:bc:c4:53:f2:3e:ff:
d9:d9:3e:a3:51:bf:5b:ef:f8:98:d1:6e:25:cf:7c:b9:77:e1:
ba:16:33:50:c0:f0:f6:ee:e2:ba:ee:1f:aa:ac:7b:ab:09:8b:
4f:e0:1b:b0:8d:d3:70:f5:31:8d:f6:83:66:e6:2e:a8:f4:44:
02:55:cb:9b:88:9b:b8:64:42:8a:d4:e3:75:a2:a7:38:f3:7e:
36:32:f4:77:95:cc:9b:df:53:82:b0:28:e5:0c:fb:f4:0b:f5:
2b:0a:20:c8:de:68:e3:bd:56:6c:7b:c3:a0:b9:b6:37:73:5e:
03:e1:7f:0b:16:6b:f6:01:ed:2a:db:fe:c9:d1:4d:65:52:2c:
2b:73:bc:8f:dc:ef:eb:20:ea:7c:29:b5:dc:9a:19:44:f8:91:
48:f2:77:9e:0a:76:82:17:88:21:aa:d3:60:58:fb:98:fd:39:
b8:56:1f:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSWRQQgc7Ifx1aD/KHNnHtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNWU5M2Y5MDIzNTRjZTQ4MDRiNGNiMDQ5Y2Y2OGIyMGY3
NmFlYjIwHhcNMjIxMTIwMTgyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI2ZTIzODE0NWU0ZjI2ZGFlOGI3NTk2NGMwNzEzODkxMzdlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKLfVRS5f3QBHtcyU62x5S/AVe2k
pNT9J9PDLwZ2FGQ1BVTOxwRFzr6jIs1Z0SGzmRgzojWuy1qIA0muQLLz6rnA27k1
PlhZUYxiHOiHswGZVznuAd6flE6mFuNMzr+hbEI8G+A3MGNrV/QUtYkJAIcaPZk3
DRX/1LdWjVn+8CGsieRz4SnmwQNPzw1Ikk1zX2xlovvi8uFWPH4wSX7v6+edfQ17
/uiS0VmVrCEghWzhRaGIWR2F5b+d2pIUrZkJ4QYplKwE+yfAcbXEEpsMaR/n+iIy
h33YScInTvG1slkUWt8SGJLh+EKXmDkqMWM0hC1yYgeV820+GdqmWX2ZIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgm4jgUXk8m2ui3WWTAcTiRN+F9MB8GA1UdIwQY
MBaAFK9ek/kCNUzkgEtMsEnPaLIPdq6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWIt
N2UwNWFkMDE5MGNlLzEvbUNiaU9CUmVUeWJhNkxkWlpNQnhPSkUzNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mNDAwNGItZDYwMi00NzVkLTkzMWItN2UwNWFkMDE5MGNl
LzEvcjE2VC1RSTFUT1NBUzB5d1NjOW9zZzkycnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYwYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2ADq8jaYVvRsLUWhK7GHndBNiL+Ma7oAZVIlu2sCT
8bbZ5eExFuoTDJui7zwAzNBiEn0hASjZDX4E8N2S7oQSvYhagq6Yqx0rQLfKMADC
38vwQPq8xFPyPv/Z2T6jUb9b7/iY0W4lz3y5d+G6FjNQwPD27uK67h+qrHurCYtP
4BuwjdNw9TGN9oNm5i6o9EQCVcubiJu4ZEKK1ON1oqc48342MvR3lcyb31OCsCjl
DPv0C/UrCiDI3mjjvVZse8OgubY3c14D4X8LFmv2Ae0q2/7J0U1lUiwrc7yP3O/r
IOp8KbXcmhlE+JFI8neeCnaCF4ghqtNgWPuY/Tm4Vh/J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:09 2024 by rpki-client on console-fra.rpki-client.org