Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8NAGCG3ieCZ9LlmmWb4SWpAuWPY.roa
File: 8NAGCG3ieCZ9LlmmWb4SWpAuWPY.roa (raw, json)
Hash identifier: R1r/1pDf1LR6auMqvGJYgwicOkaM9Fe2yKm4VgDT/hE=
Subject key identifier: F0:D0:06:08:6D:E2:78:26:7D:2E:59:A6:59:BE:12:5A:90:2E:58:F6
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 067B4D42
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8NAGCG3ieCZ9LlmmWb4SWpAuWPY.roa
Signing time: Fri 25 Mar 2022 14:37:29 +0000
ROA not before: Fri 25 Mar 2022 14:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35278
IP address blocks: 45.91.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 108744002 (0x67b4d42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Mar 25 14:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0d006086de278267d2e59a659be125a902e58f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1e:be:dc:12:92:f0:37:84:e5:b6:49:43:cc:
4b:4f:9a:b1:95:9f:84:0c:be:c9:13:82:a3:1a:49:
b6:3f:00:ea:5e:a3:32:ac:87:54:34:80:a0:e2:7d:
a5:ab:c2:88:a5:0e:86:31:b9:89:c4:85:b1:80:77:
9f:ce:10:c1:39:80:31:ff:85:db:db:f3:10:10:7c:
0a:be:5e:93:09:09:c5:27:f4:24:c1:36:db:29:10:
c5:a8:54:84:3c:c1:47:d9:d5:c7:6b:2d:e4:d2:05:
b3:8d:3e:09:4f:d9:8b:8d:e0:1b:9e:d1:45:e5:b4:
5d:84:5d:71:93:08:fb:49:12:99:09:78:a2:ea:fd:
1d:10:57:86:3c:72:6e:cc:1b:31:f4:18:be:22:e0:
a9:d1:0f:d2:87:5b:28:d7:7a:aa:a3:00:5b:7c:93:
76:3a:a8:a2:c0:86:23:c2:7d:c1:36:62:c6:a6:a8:
4c:26:39:a3:75:1c:51:b8:4e:f2:c1:5a:6d:68:04:
67:8b:0a:9f:43:18:b9:e9:9c:9b:c9:fc:53:ed:e8:
1e:99:18:85:f1:15:06:16:f7:52:2e:e9:be:49:c1:
9e:25:f7:d5:1e:ba:8f:f7:b1:e3:5a:2a:57:4e:f7:
6c:46:35:a2:3d:d6:88:76:46:d1:21:28:05:e7:50:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D0:06:08:6D:E2:78:26:7D:2E:59:A6:59:BE:12:5A:90:2E:58:F6
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/8NAGCG3ieCZ9LlmmWb4SWpAuWPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.8.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:37:66:bb:45:d0:98:df:2c:e2:ad:7d:b7:32:28:89:2d:f9:
8f:e0:d8:e5:a5:21:21:ab:38:f3:d7:81:9f:47:8d:ce:fe:49:
31:95:1d:f3:ae:83:11:f0:b9:3f:5d:0a:9a:03:82:84:eb:07:
ca:bd:26:29:c2:16:9b:46:ef:df:93:d2:0b:e0:c1:68:8e:25:
fa:d0:47:3d:de:d5:10:4c:b2:bf:32:0d:6c:80:a7:60:fa:26:
7b:cb:36:76:1e:b4:87:99:99:88:34:90:fd:58:14:52:de:f9:
4a:60:ae:a1:3d:ab:a9:f8:17:65:19:39:d2:fd:f2:39:dc:4f:
49:29:0c:6b:21:72:1d:25:7a:73:c3:9e:7f:1b:b0:76:16:d6:
1c:06:0e:b2:bc:20:d7:5e:18:ed:cb:28:51:d2:8c:20:35:80:
b1:01:2f:9e:98:e5:ba:f5:64:3e:4e:8b:15:ef:fb:fc:6c:c1:
a9:ea:ae:d6:a3:46:22:b6:54:8e:58:75:59:39:10:70:9a:13:
cc:98:07:95:eb:81:05:ca:e1:d0:b2:90:cd:80:f8:88:fd:95:
ca:47:e2:1d:fa:d2:d8:0c:06:f0:3c:c5:9d:31:1f:89:12:de:
6e:a5:2f:ae:22:49:79:b7:d8:fa:07:44:0f:fe:2c:df:ae:6d:
4c:4b:45:90
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBntNQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDMy
NTE0MzcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBkMDA2MDg2ZGUy
NzgyNjdkMmU1OWE2NTliZTEyNWE5MDJlNThmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKsevtwSkvA3hOW2SUPMS0+asZWfhAy+yROCoxpJtj8A6l6j
MqyHVDSAoOJ9pavCiKUOhjG5icSFsYB3n84QwTmAMf+F29vzEBB8Cr5ekwkJxSf0
JME22ykQxahUhDzBR9nVx2st5NIFs40+CU/Zi43gG57RReW0XYRdcZMI+0kSmQl4
our9HRBXhjxybswbMfQYviLgqdEP0odbKNd6qqMAW3yTdjqoosCGI8J9wTZixqao
TCY5o3UcUbhO8sFabWgEZ4sKn0MYuemcm8n8U+3oHpkYhfEVBhb3Ui7pvknBniX3
1R66j/ex41oqV073bEY1oj3WiHZG0SEoBedQpBUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTw0AYIbeJ4Jn0uWaZZvhJakC5Y9jAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
LzhOQUdDRzNpZUNaOUxsbW1XYjRTV3BBdVdQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1bCDANBgkqhkiG9w0BAQsFAAOC
AQEArTdmu0XQmN8s4q19tzIoiS35j+DY5aUhIas489eBn0eNzv5JMZUd866DEfC5
P10KmgOChOsHyr0mKcIWm0bv35PSC+DBaI4l+tBHPd7VEEyyvzINbICnYPome8s2
dh60h5mZiDSQ/VgUUt75SmCuoT2rqfgXZRk50v3yOdxPSSkMayFyHSV6c8Oefxuw
dhbWHAYOsrwg114Y7csoUdKMIDWAsQEvnpjluvVkPk6LFe/7/GzBqequ1qNGIrZU
jlh1WTkQcJoTzJgHleuBBcrh0LKQzYD4iP2VykfiHfrS2AwG8DzFnTEfiRLebqUv
riJJebfY+gdED/4s365tTEtFkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org