Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/AkP68KhHwONhSTNNIX_F9-ObwxE.roa
File: AkP68KhHwONhSTNNIX_F9-ObwxE.roa (raw, json)
Hash identifier: SttBEUZa8HJMEA6kNtS7om7Bl3axZm+yezdErQKMO10=
Subject key identifier: 02:43:FA:F0:A8:47:C0:E3:61:49:33:4D:21:7F:C5:F7:E3:9B:C3:11
Certificate issuer: /CN=42ca1a1e3d0925423310c154b502c2842888e612
Certificate serial: 13928393
Authority key identifier: 42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/AkP68KhHwONhSTNNIX_F9-ObwxE.roa
Signing time: Thu 09 Jun 2022 15:19:05 +0000
ROA not before: Thu 09 Jun 2022 15:19:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31898
IP address blocks: 45.155.32.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328369043 (0x13928393)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ca1a1e3d0925423310c154b502c2842888e612
Validity
Not Before: Jun 9 15:19:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0243faf0a847c0e36149334d217fc5f7e39bc311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:93:62:f9:40:2f:89:e9:9a:6c:88:68:a5:42:
83:80:b6:ac:54:ad:d3:c5:2a:14:2a:09:3b:d5:7c:
0a:51:a0:bb:c5:ea:05:ad:58:5b:33:fd:4e:62:93:
55:bb:23:44:fe:98:a5:39:af:7d:2a:5e:47:91:66:
90:c0:06:6c:fd:a7:67:a8:17:b6:3c:28:0e:05:c9:
31:08:52:37:55:db:d6:62:61:8e:d0:8b:77:fa:7b:
cf:2f:6a:ee:67:64:4d:39:af:1c:b9:ad:90:3e:b7:
3b:31:79:ab:e6:1d:3e:1b:db:2d:d9:ab:f1:54:54:
0c:13:a3:50:6c:fb:73:f0:57:88:5f:e9:28:02:58:
13:8b:52:69:f2:f4:fd:12:6e:60:97:3a:59:33:0e:
92:91:f1:ed:29:db:e8:8d:69:c8:60:e6:68:a2:04:
fd:b0:98:6b:47:a9:e6:b1:f6:e6:4b:5a:dd:f8:f6:
1c:9d:b6:ab:70:1e:01:90:d7:ad:37:b6:b6:97:9f:
49:e2:19:26:c0:d7:fa:fc:53:73:20:55:f4:27:3a:
54:d3:ca:e4:e6:bf:5e:f5:b3:5e:79:68:04:78:09:
65:b8:b7:37:89:7d:e3:94:e5:e9:d1:16:1a:c3:1b:
83:53:b3:f8:d2:26:e3:ca:7d:ce:e3:5f:d7:65:58:
7d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:43:FA:F0:A8:47:C0:E3:61:49:33:4D:21:7F:C5:F7:E3:9B:C3:11
X509v3 Authority Key Identifier:
keyid:42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/AkP68KhHwONhSTNNIX_F9-ObwxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/QsoaHj0JJUIzEMFUtQLChCiI5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.32.0/22
Signature Algorithm: sha256WithRSAEncryption
19:71:67:ff:fc:92:fe:4f:ab:a8:98:df:72:e9:88:36:86:c4:
88:6c:80:2f:5e:f6:bd:12:23:f3:54:59:36:62:09:8c:b2:34:
56:c5:35:72:3d:03:a5:7f:65:1c:53:66:fd:80:a4:c0:91:34:
f4:a3:31:8a:64:19:9a:f2:82:8d:48:10:c0:c1:09:bc:d2:d3:
f0:64:fc:7d:7d:a6:21:e5:98:07:9b:9a:8f:a5:25:94:33:3f:
04:20:95:36:f7:91:82:61:4e:7f:db:7e:2e:4a:f6:45:87:a2:
58:d9:58:19:73:03:4c:9a:69:9d:57:86:48:44:01:1b:0c:95:
cb:98:df:d0:de:ab:04:21:a5:2b:35:24:9d:d4:42:b6:89:24:
bd:b0:ae:39:c1:5c:5d:da:93:94:b9:9b:6f:5a:36:45:e2:ce:
41:e0:6d:3d:2d:da:c2:9f:5d:ea:b6:31:a2:8b:d3:0e:d2:f5:
52:b0:01:9a:78:10:35:97:b8:8e:32:94:9d:a8:5e:1e:93:0a:
f6:57:07:1b:13:3c:27:c5:4d:d2:12:2d:ba:85:ca:b9:36:46:
5e:09:b8:30:c2:d7:ee:0a:a6:ea:06:76:8c:53:21:db:95:d0:
b9:04:66:22:f2:cf:fd:31:ce:93:41:84:94:c3:b3:e6:d4:a2:
a4:18:42:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE5KDkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmNhMWExZTNkMDkyNTQyMzMxMGMxNTRiNTAyYzI4NDI4ODhlNjEyMB4XDTIyMDYw
OTE1MTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI0M2ZhZjBhODQ3
YzBlMzYxNDkzMzRkMjE3ZmM1ZjdlMzliYzMxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJuTYvlAL4npmmyIaKVCg4C2rFSt08UqFCoJO9V8ClGgu8Xq
Ba1YWzP9TmKTVbsjRP6YpTmvfSpeR5FmkMAGbP2nZ6gXtjwoDgXJMQhSN1Xb1mJh
jtCLd/p7zy9q7mdkTTmvHLmtkD63OzF5q+YdPhvbLdmr8VRUDBOjUGz7c/BXiF/p
KAJYE4tSafL0/RJuYJc6WTMOkpHx7Snb6I1pyGDmaKIE/bCYa0ep5rH25kta3fj2
HJ22q3AeAZDXrTe2tpefSeIZJsDX+vxTcyBV9Cc6VNPK5Oa/XvWzXnloBHgJZbi3
N4l945Tl6dEWGsMbg1Oz+NIm48p9zuNf12VYfQ8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCQ/rwqEfA42FJM00hf8X345vDETAfBgNVHSMEGDAWgBRCyhoePQklQjMQ
wVS1AsKEKIjmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Fzb2FIajBKSlVJekVNRlV0UUxDaENpSTVoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8x
L0FrUDY4S2hId09OaFNUTk5JWF9GOS1PYnd4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8xL1Fzb2FIajBKSlVJ
ekVNRlV0UUxDaENpSTVoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2bIDANBgkqhkiG9w0BAQsFAAOC
AQEAGXFn//yS/k+rqJjfcumINobEiGyAL172vRIj81RZNmIJjLI0VsU1cj0DpX9l
HFNm/YCkwJE09KMximQZmvKCjUgQwMEJvNLT8GT8fX2mIeWYB5uaj6UllDM/BCCV
NveRgmFOf9t+Lkr2RYeiWNlYGXMDTJppnVeGSEQBGwyVy5jf0N6rBCGlKzUkndRC
tokkvbCuOcFcXdqTlLmbb1o2ReLOQeBtPS3awp9d6rYxoovTDtL1UrABmngQNZe4
jjKUnaheHpMK9lcHGxM8J8VN0hItuoXKuTZGXgm4MMLX7gqm6gZ2jFMh25XQuQRm
IvLP/THOk0GElMOz5tSipBhCkQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:46 2025 by rpki-client