Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IROmd9kMyZv0ioig6w3h65LytCo.roa
File: IROmd9kMyZv0ioig6w3h65LytCo.roa (raw, json)
Hash identifier: nImQ0xYC4U9ANU5Hn6A3aT9MpyvnBozIQkz5rcxNRUs=
Subject key identifier: 21:13:A6:77:D9:0C:C9:9B:F4:8A:88:A0:EB:0D:E1:EB:92:F2:B4:2A
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 05A7C241
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IROmd9kMyZv0ioig6w3h65LytCo.roa
Signing time: Sat 01 Jan 2022 07:57:07 +0000
ROA not before: Sat 01 Jan 2022 07:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39361
IP address blocks: 45.151.147.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94880321 (0x5a7c241)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 07:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2113a677d90cc99bf48a88a0eb0de1eb92f2b42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:c4:dd:eb:97:19:ab:e1:29:fa:00:6b:1f:
ba:d4:a6:d5:b5:31:51:44:1f:ed:b5:4d:63:64:94:
2a:5c:77:22:f2:25:bf:43:e6:6f:aa:8f:5c:15:2e:
af:82:cd:b7:c1:e0:4c:e7:a9:a9:b0:0c:12:ab:b0:
8e:55:f4:69:92:0f:42:ca:86:f1:48:d7:7e:3d:e5:
0f:24:e3:30:48:14:69:b6:d8:4c:b1:d8:b5:b9:0e:
73:b0:b4:a9:29:cc:54:e1:52:dd:d0:c9:98:a6:75:
90:d0:84:de:42:31:9e:99:2c:9c:26:1e:da:29:be:
85:85:03:9a:eb:75:59:4e:1a:37:6d:8b:4a:a3:ec:
cd:95:ad:c1:07:cd:65:d0:71:46:fd:cd:ab:85:15:
d4:79:ed:5f:33:14:00:6b:af:bb:64:4e:30:cd:fd:
f3:de:c1:75:72:39:00:2c:91:d3:b6:41:fa:7e:dc:
f5:76:b1:aa:4e:6e:87:9f:6c:bc:dc:7a:7f:cc:e6:
4d:9c:8e:d6:79:63:64:d7:58:6b:33:f3:07:6b:d4:
99:18:5a:2d:90:e5:cd:35:fc:71:49:45:8f:da:e2:
59:05:53:6e:aa:86:c3:67:b1:c1:ce:94:bc:80:7a:
27:d8:dc:dc:88:38:a5:a1:b1:43:75:88:49:78:c5:
f8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:13:A6:77:D9:0C:C9:9B:F4:8A:88:A0:EB:0D:E1:EB:92:F2:B4:2A
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/IROmd9kMyZv0ioig6w3h65LytCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.147.0/24
Signature Algorithm: sha256WithRSAEncryption
32:81:40:37:a6:62:13:8e:05:99:c3:e2:b3:c1:85:21:52:e4:
ed:c9:77:76:5a:08:4d:5d:8e:a3:d0:60:bf:97:16:82:b5:3a:
65:1e:2f:0b:48:df:7b:89:e4:0c:ae:a7:7f:28:20:72:88:3f:
54:5b:50:a1:64:bf:25:f1:51:39:bf:2f:dc:42:fc:10:66:18:
31:f8:49:58:17:ea:ba:7c:87:91:07:7e:45:f6:a0:09:0e:70:
39:97:7d:15:a1:e9:12:8a:0a:36:c2:9d:42:3e:6e:db:72:67:
44:f3:08:77:f0:49:fb:d4:b9:5a:83:73:8b:63:57:80:bd:22:
7f:01:4b:65:8b:08:c3:0e:6a:5d:84:c3:64:37:6a:86:1d:6c:
e0:dd:25:0c:ad:6e:ba:a2:30:f1:d7:3e:2d:71:6c:c3:bd:8b:
e6:0e:09:8b:71:c5:37:98:62:43:15:b5:00:1c:04:30:de:c9:
8f:04:cb:48:05:c7:e3:4d:06:aa:32:34:0f:de:7e:9e:bb:75:
9d:a0:da:63:e1:f3:18:4e:3a:8e:e0:42:5c:8b:9f:77:6a:97:
c1:66:bb:0b:f4:62:2c:22:b2:45:ef:66:63:1c:14:e7:6f:96:
4c:dc:fa:aa:44:73:fa:c0:28:da:cd:1f:78:0d:dd:d3:63:ad:
b4:7e:09:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBafCQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDEw
MTA3NTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjExM2E2NzdkOTBj
Yzk5YmY0OGE4OGEwZWIwZGUxZWI5MmYyYjQyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFpxN3rlxmr4Sn6AGsfutSm1bUxUUQf7bVNY2SUKlx3IvIl
v0Pmb6qPXBUur4LNt8HgTOepqbAMEquwjlX0aZIPQsqG8UjXfj3lDyTjMEgUabbY
TLHYtbkOc7C0qSnMVOFS3dDJmKZ1kNCE3kIxnpksnCYe2im+hYUDmut1WU4aN22L
SqPszZWtwQfNZdBxRv3Nq4UV1HntXzMUAGuvu2ROMM39897BdXI5ACyR07ZB+n7c
9Xaxqk5uh59svNx6f8zmTZyO1nljZNdYazPzB2vUmRhaLZDlzTX8cUlFj9riWQVT
bqqGw2exwc6UvIB6J9jc3Ig4paGxQ3WISXjF+BUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhE6Z32QzJm/SKiKDrDeHrkvK0KjAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L0lST21kOWtNeVp2MGlvaWc2dzNoNjVMeXRDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2XkzANBgkqhkiG9w0BAQsFAAOC
AQEAMoFAN6ZiE44FmcPis8GFIVLk7cl3dloITV2Oo9Bgv5cWgrU6ZR4vC0jfe4nk
DK6nfyggcog/VFtQoWS/JfFROb8v3EL8EGYYMfhJWBfqunyHkQd+RfagCQ5wOZd9
FaHpEooKNsKdQj5u23JnRPMId/BJ+9S5WoNzi2NXgL0ifwFLZYsIww5qXYTDZDdq
hh1s4N0lDK1uuqIw8dc+LXFsw72L5g4Ji3HFN5hiQxW1ABwEMN7JjwTLSAXH400G
qjI0D95+nrt1naDaY+HzGE46juBCXIufd2qXwWa7C/RiLCKyRe9mYxwU52+WTNz6
qkRz+sAo2s0feA3d02OttH4JuA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org