Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/u2kEOAI_mt9yqHYesgVHSlxuyz0.roa
File: u2kEOAI_mt9yqHYesgVHSlxuyz0.roa (raw, json)
Hash identifier: 88lSKYqk3/Ap/l5W4Vmpo8Gq1kQ8+Bk+m6eMqszplTA=
Subject key identifier: BB:69:04:38:02:3F:9A:DF:72:A8:76:1E:B2:05:47:4A:5C:6E:CB:3D
Certificate issuer: /CN=42ca1a1e3d0925423310c154b502c2842888e612
Certificate serial: 13A56435
Authority key identifier: 42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/u2kEOAI_mt9yqHYesgVHSlxuyz0.roa
Signing time: Wed 15 Jun 2022 15:38:45 +0000
ROA not before: Wed 15 Jun 2022 15:38:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.155.32.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 329606197 (0x13a56435)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ca1a1e3d0925423310c154b502c2842888e612
Validity
Not Before: Jun 15 15:38:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb690438023f9adf72a8761eb205474a5c6ecb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2b:66:40:dc:04:3f:86:58:7b:32:53:d8:d4:
62:d9:f9:4d:4e:ee:18:07:57:69:e3:41:e9:64:a7:
16:0d:2e:15:c7:11:f5:03:c2:e7:b7:70:dc:ad:23:
c0:14:59:1e:63:33:65:47:ef:d7:d7:2e:11:5c:ef:
fd:e0:b9:76:bd:7f:12:7a:cc:ad:b2:f1:83:1b:1e:
c4:12:9e:f6:bf:8a:fc:8f:a7:c8:0e:de:f0:69:b1:
9b:2f:b0:c5:3f:2d:d5:25:83:ce:ce:c4:09:e1:b1:
08:3c:75:ef:ae:dd:e0:4f:1e:56:71:2e:06:94:82:
c6:9f:2e:b7:48:d5:24:ed:f2:79:38:ee:65:8d:57:
2f:f5:18:13:76:75:e4:17:1c:0d:37:92:63:de:33:
e1:ae:68:56:17:4c:f2:5d:2c:3b:29:d3:12:ab:51:
4d:5b:d1:fb:b8:20:5f:4b:25:63:81:1e:ac:a6:e9:
00:c9:fb:9b:b3:9e:6b:24:da:f2:29:48:ce:a1:a1:
9f:48:b5:7e:c9:60:63:f3:e6:a2:54:36:07:d0:67:
0f:ca:7f:c2:4b:dd:8d:97:8d:b6:9e:bc:08:8f:9f:
6f:40:b4:c9:c4:f6:a8:5d:3c:ac:81:0b:18:4b:dd:
0b:4c:48:4f:27:d8:2f:85:b2:0a:bf:b9:6a:e1:52:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:69:04:38:02:3F:9A:DF:72:A8:76:1E:B2:05:47:4A:5C:6E:CB:3D
X509v3 Authority Key Identifier:
keyid:42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/u2kEOAI_mt9yqHYesgVHSlxuyz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/QsoaHj0JJUIzEMFUtQLChCiI5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.32.0/23
Signature Algorithm: sha256WithRSAEncryption
b6:d3:91:5b:1a:16:39:26:cd:43:dd:5c:91:14:5d:be:2f:75:
8b:f7:d6:85:d2:32:1e:40:05:59:4e:8d:a1:c5:e0:88:f6:c5:
dc:9d:4c:4d:f3:cf:67:b5:c5:4f:d5:0b:88:04:cf:2e:dc:c8:
02:7f:d6:c3:80:6e:95:3e:e7:77:1b:cb:be:aa:ff:4d:5b:3b:
58:69:79:2e:a0:50:22:49:95:d5:f4:6d:b4:d0:fe:d8:0a:1e:
58:e9:66:8b:ac:df:f8:a8:3f:7c:26:3f:99:7a:8d:2b:e2:55:
20:f4:ea:02:e9:f1:3b:94:18:0f:fe:e8:45:89:2d:a0:3c:8e:
42:6e:41:e7:1c:90:06:4c:40:48:e2:08:5e:5c:ad:dd:80:bd:
1f:ab:1a:3a:f4:f6:6b:08:71:1f:1b:bc:b1:b4:33:ac:82:41:
68:09:05:35:52:46:d4:e9:1c:ff:49:79:87:ec:b0:17:34:c9:
c7:b8:e0:b6:bb:c6:6b:76:19:b9:7f:ed:de:14:f5:a2:b0:0c:
14:c9:dd:c0:a1:be:c6:1c:f0:11:5c:f3:dd:d5:2c:db:68:8b:
25:02:30:d2:44:53:fa:b8:3e:cc:8d:35:13:6e:d9:f8:30:2f:
94:c5:f9:ec:33:94:bb:78:f4:6f:88:13:62:7a:a8:ca:67:d9:
97:0c:96:18
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE6VkNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmNhMWExZTNkMDkyNTQyMzMxMGMxNTRiNTAyYzI4NDI4ODhlNjEyMB4XDTIyMDYx
NTE1Mzg0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI2OTA0MzgwMjNm
OWFkZjcyYTg3NjFlYjIwNTQ3NGE1YzZlY2IzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgrZkDcBD+GWHsyU9jUYtn5TU7uGAdXaeNB6WSnFg0uFccR
9QPC57dw3K0jwBRZHmMzZUfv19cuEVzv/eC5dr1/EnrMrbLxgxsexBKe9r+K/I+n
yA7e8Gmxmy+wxT8t1SWDzs7ECeGxCDx1767d4E8eVnEuBpSCxp8ut0jVJO3yeTju
ZY1XL/UYE3Z15BccDTeSY94z4a5oVhdM8l0sOynTEqtRTVvR+7ggX0slY4EerKbp
AMn7m7OeayTa8ilIzqGhn0i1fslgY/PmolQ2B9BnD8p/wkvdjZeNtp68CI+fb0C0
ycT2qF08rIELGEvdC0xITyfYL4WyCr+5auFSisECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7aQQ4Aj+a33Kodh6yBUdKXG7LPTAfBgNVHSMEGDAWgBRCyhoePQklQjMQ
wVS1AsKEKIjmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Fzb2FIajBKSlVJekVNRlV0UUxDaENpSTVoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8x
L3Uya0VPQUlfbXQ5eXFIWWVzZ1ZIU2x4dXl6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8xL1Fzb2FIajBKSlVJ
ekVNRlV0UUxDaENpSTVoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2bIDANBgkqhkiG9w0BAQsFAAOC
AQEAttORWxoWOSbNQ91ckRRdvi91i/fWhdIyHkAFWU6NocXgiPbF3J1MTfPPZ7XF
T9ULiATPLtzIAn/Ww4BulT7ndxvLvqr/TVs7WGl5LqBQIkmV1fRttND+2AoeWOlm
i6zf+Kg/fCY/mXqNK+JVIPTqAunxO5QYD/7oRYktoDyOQm5B5xyQBkxASOIIXlyt
3YC9H6saOvT2awhxHxu8sbQzrIJBaAkFNVJG1Okc/0l5h+ywFzTJx7jgtrvGa3YZ
uX/t3hT1orAMFMndwKG+xhzwEVzz3dUs22iLJQIw0kRT+rg+zI01E27Z+DAvlMX5
7DOUu3j0b4gTYnqoymfZlwyWGA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:16 2025 by rpki-client