Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rcwQ728KQToZf04RrMW95tcQ1R4.roa
File: rcwQ728KQToZf04RrMW95tcQ1R4.roa (raw, json)
Hash identifier: 9sCu8a9tLXWRZW3h0Bc/RtFeS94J0XtBkz1EqTQYdn0=
Subject key identifier: AD:CC:10:EF:6F:0A:41:3A:19:7F:4E:11:AC:C5:BD:E6:D7:10:D5:1E
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 018221169468F5AD114BD891DF34F6EC36AA
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rcwQ728KQToZf04RrMW95tcQ1R4.roa
Signing time: Thu 21 Jul 2022 14:08:24 +0000
ROA not before: Thu 21 Jul 2022 14:08:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60392
IP address blocks: 139.45.244.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:16:94:68:f5:ad:11:4b:d8:91:df:34:f6:ec:36:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Jul 21 14:08:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adcc10ef6f0a413a197f4e11acc5bde6d710d51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:93:21:a9:af:15:57:6b:d5:b4:03:b3:16:00:
8a:68:d2:f1:2f:58:6a:b3:cd:46:69:82:2d:df:67:
ee:e8:3a:65:a0:9e:dc:08:a3:f3:86:64:94:ca:cd:
bc:a3:aa:1b:7b:d9:be:a0:0c:01:cc:3d:21:34:bf:
13:82:4c:83:fe:7e:cd:08:54:0a:ce:a4:3e:c2:ab:
59:cd:dd:56:84:48:c9:ed:58:79:f2:ff:30:e1:80:
cc:72:85:14:3f:7e:81:2a:7a:38:96:99:4d:d7:b6:
b8:9a:b0:61:b8:ad:80:f3:2c:e1:dc:f7:83:5e:9c:
d8:1c:b1:5a:14:f9:50:9f:8c:9e:79:4c:dd:f2:85:
c3:46:88:f9:9a:3d:a5:78:02:26:39:ad:bf:ed:3e:
3c:da:50:28:5c:e8:a4:a5:30:82:12:01:73:0a:86:
38:c2:e8:00:c3:88:43:94:6f:ba:12:27:b9:ba:d2:
07:10:72:bd:51:8f:10:f2:7c:fa:6e:da:65:8e:c5:
36:a3:d6:b0:4c:13:dd:e1:6c:80:d9:dd:fb:bb:29:
e7:0a:a9:17:8e:34:d8:e5:ea:91:14:8a:c8:84:62:
d7:40:43:6a:b8:8e:15:92:cb:c3:ff:d5:ae:04:43:
71:66:ef:2f:3c:2c:a4:76:26:d3:8a:6e:fd:70:9c:
7b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:CC:10:EF:6F:0A:41:3A:19:7F:4E:11:AC:C5:BD:E6:D7:10:D5:1E
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/rcwQ728KQToZf04RrMW95tcQ1R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.45.244.0/23
Signature Algorithm: sha256WithRSAEncryption
85:42:58:6e:97:c4:07:ad:57:b3:96:e8:70:90:e2:55:cd:ff:
22:26:c6:69:fa:15:e1:2e:c0:43:aa:62:82:a2:60:df:9f:bd:
63:f6:79:22:a9:ee:13:d8:6a:b2:57:18:ac:ca:79:c0:27:3d:
78:89:64:58:16:c6:61:e7:5d:02:da:8e:6b:b1:c8:9d:cc:fe:
4c:15:d6:4a:0f:c4:75:64:bf:5a:4b:d7:69:30:a2:ad:d7:b3:
db:9a:b4:82:f0:ab:06:b1:87:8f:45:98:cb:2b:c5:9d:0e:79:
b7:83:3a:c1:aa:61:73:90:7c:fb:8f:1e:0a:16:7a:09:b7:ce:
e1:cd:d5:16:0d:cd:b9:26:10:38:14:96:46:c2:ee:3c:71:26:
2e:24:c8:b2:f1:ae:bf:3a:9b:3f:62:d2:ca:78:80:d3:87:3c:
56:5b:cf:bb:e6:19:77:16:7a:8c:e5:20:3e:af:88:f8:cb:55:
88:a3:86:c0:47:6d:d3:6d:ba:38:ce:50:18:06:37:b2:fe:c8:
7f:88:52:f3:06:13:21:44:dc:34:9b:59:46:e9:f4:4b:65:47:
6e:24:65:69:03:8a:06:9e:01:d7:2c:1b:dc:ed:d5:8f:61:79:
b9:85:3a:54:ab:44:86:d5:03:f5:bc:60:b0:a7:b9:96:38:8f:
09:f2:9f:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIhFpRo9a0RS9iR3zT27DaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIwNzIxMTQwODI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGNjMTBlZjZmMGE0MTNhMTk3ZjRlMTFhY2M1YmRlNmQ3MTBkNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpMhqa8VV2vVtAOzFgCKaNLxL1hq
s81GaYIt32fu6DploJ7cCKPzhmSUys28o6obe9m+oAwBzD0hNL8TgkyD/n7NCFQK
zqQ+wqtZzd1WhEjJ7Vh58v8w4YDMcoUUP36BKno4lplN17a4mrBhuK2A8yzh3PeD
XpzYHLFaFPlQn4yeeUzd8oXDRoj5mj2leAImOa2/7T482lAoXOikpTCCEgFzCoY4
wugAw4hDlG+6Eie5utIHEHK9UY8Q8nz6btpljsU2o9awTBPd4WyA2d37uynnCqkX
jjTY5eqRFIrIhGLXQENquI4VksvD/9WuBENxZu8vPCykdibTim79cJx7oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3MEO9vCkE6GX9OEazFvebXENUeMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvcmN3UTcyOEtRVG9aZjA0UnJNVzk1dGNRMVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBiy30MA0G
CSqGSIb3DQEBCwUAA4IBAQCFQlhul8QHrVezluhwkOJVzf8iJsZp+hXhLsBDqmKC
omDfn71j9nkiqe4T2GqyVxisynnAJz14iWRYFsZh510C2o5rscidzP5MFdZKD8R1
ZL9aS9dpMKKt17PbmrSC8KsGsYePRZjLK8WdDnm3gzrBqmFzkHz7jx4KFnoJt87h
zdUWDc25JhA4FJZGwu48cSYuJMiy8a6/Ops/YtLKeIDThzxWW8+75hl3FnqM5SA+
r4j4y1WIo4bAR23Tbbo4zlAYBjey/sh/iFLzBhMhRNw0m1lG6fRLZUduJGVpA4oG
ngHXLBvc7dWPYXm5hTpUq0SG1QP1vGCwp7mWOI8J8p+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org