Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/N4eQL5rMDiAkppEy6sgfY_XoLgI.roa
File: N4eQL5rMDiAkppEy6sgfY_XoLgI.roa (raw, json)
Hash identifier: YgIG3g7IvRjUAtaLq/rEAs9zGK3IzbZDdQxB9JWOLfs=
Subject key identifier: 37:87:90:2F:9A:CC:0E:20:24:A6:91:32:EA:C8:1F:63:F5:E8:2E:02
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0187B799C82C27861B91B346B0893CD33AE4
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/N4eQL5rMDiAkppEy6sgfY_XoLgI.roa
Signing time: Tue 25 Apr 2023 08:48:41 +0000
ROA not before: Tue 25 Apr 2023 08:48:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 45.86.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:99:c8:2c:27:86:1b:91:b3:46:b0:89:3c:d3:3a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 25 08:48:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3787902f9acc0e2024a69132eac81f63f5e82e02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:70:7a:d7:5c:ac:6f:d4:be:b5:15:cb:00:
f6:55:a4:91:e2:7c:25:f3:da:ab:9f:94:4d:36:f8:
38:70:bc:8e:8b:89:f2:6e:c0:c2:70:f1:83:fc:bb:
dd:19:fb:c3:c5:5e:1d:ae:3d:fe:2d:f0:f5:72:ca:
ca:70:59:82:3e:9f:a7:b0:31:4e:96:cd:a5:4f:72:
9a:3f:74:80:db:9e:a4:8e:0b:54:53:0e:4e:04:54:
a5:27:79:48:15:ea:70:6e:d2:13:ef:f1:39:ad:a8:
72:99:ef:3f:06:ff:e4:08:d6:7b:20:41:16:ce:d9:
fe:2f:e3:5b:79:79:95:e9:b6:9e:cd:ac:e8:6a:d6:
11:d5:3a:f9:b4:69:f5:5a:8f:f1:9a:36:4d:20:80:
97:51:58:ff:f2:4d:67:89:b5:eb:e1:fa:fe:c5:d9:
ca:3e:fd:41:1e:61:98:9b:4c:7e:2c:85:63:6e:55:
64:d6:c5:94:9b:fe:96:a7:62:f7:ed:19:f9:1c:37:
83:2a:ee:13:0f:e4:79:2e:a7:f0:cd:48:89:8b:b6:
30:35:4d:e0:57:4a:5a:81:d8:26:7d:d8:dd:3e:6e:
f0:2e:00:77:31:15:82:7a:8b:78:96:6a:d6:39:4b:
de:6b:4a:2a:84:ab:aa:1a:41:83:35:e8:ae:82:df:
6d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:87:90:2F:9A:CC:0E:20:24:A6:91:32:EA:C8:1F:63:F5:E8:2E:02
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/N4eQL5rMDiAkppEy6sgfY_XoLgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.171.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:b0:e9:2b:70:8d:f9:87:75:ef:5a:c4:5e:44:d4:1c:b5:c6:
5e:9d:b9:28:68:08:1c:f8:fa:6e:ef:53:3f:70:26:e7:ca:c4:
8f:1c:e4:03:fb:8f:8c:a9:e8:33:15:66:53:81:d6:80:43:a6:
14:77:17:4c:6f:e7:6e:66:f4:da:17:38:b3:82:8b:f5:5a:1b:
5a:a1:8c:0f:83:8b:0c:59:4a:bc:d3:18:55:03:20:b7:0b:74:
72:bb:40:88:28:46:d4:80:ca:10:63:a1:65:cb:bc:43:8d:23:
b6:23:83:87:cc:f1:b7:9e:7c:95:9e:14:cc:09:89:db:a8:dc:
61:4c:3c:2a:3a:d5:7a:eb:ee:69:b4:d5:47:eb:c8:8e:76:ea:
7a:e0:0e:85:f1:12:68:62:45:77:c0:c7:ec:69:7f:82:53:61:
72:2e:68:5c:24:f7:d6:3c:47:1c:01:4b:d9:53:fe:ee:f9:06:
23:1c:ad:cf:3f:4a:66:ae:d5:f2:c7:ab:bc:1e:4e:6d:3d:84:
44:a4:1d:b2:c8:92:01:bc:32:1a:aa:e5:3e:91:72:66:5e:c0:
5a:40:55:f9:90:4a:92:50:ee:98:e3:39:71:14:7e:ad:2d:bc:
34:a1:64:7c:55:9b:8d:e0:05:7b:2a:13:49:d8:fe:4b:f7:29:
4c:46:85:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe3mcgsJ4YbkbNGsIk80zrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwNDI1MDg0ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzg3OTAyZjlhY2MwZTIwMjRhNjkxMzJlYWM4MWY2M2Y1ZTgyZTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSdwetdcrG/UvrUVywD2VaSR4nwl
89qrn5RNNvg4cLyOi4nybsDCcPGD/LvdGfvDxV4drj3+LfD1csrKcFmCPp+nsDFO
ls2lT3KaP3SA256kjgtUUw5OBFSlJ3lIFepwbtIT7/E5rahyme8/Bv/kCNZ7IEEW
ztn+L+NbeXmV6baezazoatYR1Tr5tGn1Wo/xmjZNIICXUVj/8k1nibXr4fr+xdnK
Pv1BHmGYm0x+LIVjblVk1sWUm/6Wp2L37Rn5HDeDKu4TD+R5LqfwzUiJi7YwNU3g
V0pagdgmfdjdPm7wLgB3MRWCeot4lmrWOUvea0oqhKuqGkGDNeiugt9tFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDeHkC+azA4gJKaRMurIH2P16C4CMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvTjRlUUw1ck1EaUFrcHBFeTZzZ2ZZX1hvTGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVarMA0G
CSqGSIb3DQEBCwUAA4IBAQDMsOkrcI35h3XvWsReRNQctcZenbkoaAgc+Ppu71M/
cCbnysSPHOQD+4+MqegzFWZTgdaAQ6YUdxdMb+duZvTaFzizgov1WhtaoYwPg4sM
WUq80xhVAyC3C3Ryu0CIKEbUgMoQY6Fly7xDjSO2I4OHzPG3nnyVnhTMCYnbqNxh
TDwqOtV66+5ptNVH68iOdup64A6F8RJoYkV3wMfsaX+CU2FyLmhcJPfWPEccAUvZ
U/7u+QYjHK3PP0pmrtXyx6u8Hk5tPYREpB2yyJIBvDIaquU+kXJmXsBaQFX5kEqS
UO6Y4zlxFH6tLbw0oWR8VZuN4AV7KhNJ2P5L9ylMRoVp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org