Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/lAXCY9kUNuMwW1gkwPfjUBLKW18.roa
File: lAXCY9kUNuMwW1gkwPfjUBLKW18.roa (raw, json)
Hash identifier: 8xLMfKAysPGktTXUcCdgBmdNmw1MlFKtPJRCEJDqtbc=
Subject key identifier: 94:05:C2:63:D9:14:36:E3:30:5B:58:24:C0:F7:E3:50:12:CA:5B:5F
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 0184AA1540B7780E459137C3D1D7B1164BE7
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/lAXCY9kUNuMwW1gkwPfjUBLKW18.roa
Signing time: Thu 24 Nov 2022 14:40:30 +0000
ROA not before: Thu 24 Nov 2022 14:40:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60392
IP address blocks: 139.45.244.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:15:40:b7:78:0e:45:91:37:c3:d1:d7:b1:16:4b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 24 14:40:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9405c263d91436e3305b5824c0f7e35012ca5b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1f:cc:83:57:43:42:1f:c7:6a:b2:f4:ea:ab:
10:0f:65:3e:8d:7d:f3:87:79:85:33:b5:c2:85:9c:
ff:18:d0:d8:28:61:f0:8c:8b:52:3b:8f:13:8d:5a:
f9:c2:a3:fd:c8:13:cf:eb:d4:56:e8:43:e1:93:d5:
0d:c3:05:8e:ef:0d:d1:b9:03:c3:b8:d9:c2:1c:23:
d8:6e:45:e7:60:68:8a:43:d2:64:10:3d:d8:89:d5:
18:23:60:fb:ff:a2:7b:20:b1:12:61:07:f3:76:ba:
e6:d7:b6:2a:8c:ac:fd:d8:76:e5:31:b4:8e:1d:ec:
c5:65:13:3e:f3:a7:cb:6d:46:f2:7d:dd:67:08:f6:
0a:27:59:60:51:e1:18:0b:a7:67:54:9b:a7:10:26:
42:05:1a:62:ec:90:db:df:38:cd:39:61:5a:08:1f:
de:18:91:e0:51:df:e5:07:a8:85:59:35:a8:77:03:
61:2d:b1:61:68:95:ce:55:0f:ac:5a:26:f3:e0:33:
c9:60:d9:dc:b3:fb:84:ac:06:da:ea:01:29:17:37:
67:f8:2d:dc:fd:cf:28:41:53:9b:5c:ff:c8:4d:79:
c9:e1:24:c9:41:0f:78:1f:bc:cf:14:74:e7:a6:62:
42:7a:62:67:e9:95:e9:a1:36:4b:12:79:a4:dc:12:
28:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:05:C2:63:D9:14:36:E3:30:5B:58:24:C0:F7:E3:50:12:CA:5B:5F
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/lAXCY9kUNuMwW1gkwPfjUBLKW18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.45.244.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:db:d4:89:d3:c9:e6:98:f1:24:f7:c2:dd:a7:b9:0e:ef:5b:
90:54:8c:b8:25:81:2c:de:3f:40:8a:6b:f7:25:15:75:b7:81:
f2:a2:b7:2a:36:47:5e:a7:f4:12:fa:62:e9:1d:fd:47:02:2e:
5b:10:d7:c1:04:e9:61:53:3a:3d:f4:16:de:43:8d:d1:aa:94:
e8:5b:77:ae:83:3c:d2:c4:a7:04:d8:37:9a:74:4e:fd:25:a8:
b8:bc:74:30:e1:b6:0c:86:c2:30:ba:75:d0:79:f4:81:4b:15:
5b:da:c8:39:4f:b9:04:cc:0a:fa:09:f5:b3:62:8a:da:c7:e2:
b9:c0:1c:23:99:8d:8c:21:c9:47:e8:b0:9d:5e:91:cb:6a:66:
6e:60:3b:0c:f2:5f:f8:69:20:54:eb:cb:ad:14:e2:c1:1b:81:
89:42:ba:bf:d7:a7:ba:57:47:ba:5b:0a:c9:6e:a8:74:9c:13:
95:f6:43:8f:73:fe:9b:71:62:40:74:59:24:36:4e:69:de:bd:
e5:30:c4:53:a3:7d:d5:58:92:33:17:d0:70:cf:cb:3d:67:9f:
31:8d:2a:91:75:5d:9d:92:03:ab:79:fe:ae:4a:24:38:a0:43:
6c:0a:40:ef:86:d1:c4:17:0a:f4:8b:76:0e:88:51:3f:0f:44:
51:8e:49:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSqFUC3eA5FkTfD0dexFkvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTI0MTQ0MDMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA1YzI2M2Q5MTQzNmUzMzA1YjU4MjRjMGY3ZTM1MDEyY2E1YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR/Mg1dDQh/HarL06qsQD2U+jX3z
h3mFM7XChZz/GNDYKGHwjItSO48TjVr5wqP9yBPP69RW6EPhk9UNwwWO7w3RuQPD
uNnCHCPYbkXnYGiKQ9JkED3YidUYI2D7/6J7ILESYQfzdrrm17YqjKz92HblMbSO
HezFZRM+86fLbUbyfd1nCPYKJ1lgUeEYC6dnVJunECZCBRpi7JDb3zjNOWFaCB/e
GJHgUd/lB6iFWTWodwNhLbFhaJXOVQ+sWibz4DPJYNncs/uErAba6gEpFzdn+C3c
/c8oQVObXP/ITXnJ4STJQQ94H7zPFHTnpmJCemJn6ZXpoTZLEnmk3BIolwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQFwmPZFDbjMFtYJMD341ASyltfMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvbEFYQ1k5a1VOdU13VzFna3dQZmpVQkxLVzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBiy30MA0G
CSqGSIb3DQEBCwUAA4IBAQB929SJ08nmmPEk98Ldp7kO71uQVIy4JYEs3j9Aimv3
JRV1t4HyorcqNkdep/QS+mLpHf1HAi5bENfBBOlhUzo99BbeQ43RqpToW3eugzzS
xKcE2DeadE79Jai4vHQw4bYMhsIwunXQefSBSxVb2sg5T7kEzAr6CfWzYorax+K5
wBwjmY2MIclH6LCdXpHLamZuYDsM8l/4aSBU68utFOLBG4GJQrq/16e6V0e6WwrJ
bqh0nBOV9kOPc/6bcWJAdFkkNk5p3r3lMMRTo33VWJIzF9Bwz8s9Z58xjSqRdV2d
kgOref6uSiQ4oENsCkDvhtHEFwr0i3YOiFE/D0RRjkml
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org