Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/iWClOaSZH561UF6O4a7NORRAh6w.roa
File: iWClOaSZH561UF6O4a7NORRAh6w.roa (raw, json)
Hash identifier: 6cvIN2B3RY4L3RUv0GjOjV7+NhZ+NZq7ZvB73reWYus=
Subject key identifier: 89:60:A5:39:A4:99:1F:9E:B5:50:5E:8E:E1:AE:CD:39:14:40:87:AC
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0193E840C8FB05D31C3560DEDFD34E1D3E95
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/iWClOaSZH561UF6O4a7NORRAh6w.roa
Signing time: Sat 21 Dec 2024 08:06:20 +0000
ROA not before: Sat 21 Dec 2024 08:06:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199724
IP address blocks: 45.10.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e8:40:c8:fb:05:d3:1c:35:60:de:df:d3:4e:1d:3e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Dec 21 08:06:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8960a539a4991f9eb5505e8ee1aecd39144087ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:89:86:49:5a:b6:40:58:96:b5:07:e0:40:02:
7f:70:72:58:38:2d:60:bf:11:8b:f7:fb:29:cc:46:
bd:d4:94:64:8f:c6:4c:14:09:54:20:fe:f0:ec:32:
85:b2:d9:e3:bf:9b:d1:0d:fa:24:7d:0e:93:62:62:
5d:0f:75:20:53:90:bb:ea:c0:80:04:d1:1c:00:53:
6b:5d:a3:7f:0e:bb:c7:4d:29:3c:ed:a6:67:f8:41:
50:3c:3d:b9:c6:fe:44:a2:09:86:75:b6:49:29:ad:
03:e2:b0:0f:3b:df:80:a6:c9:72:ff:86:38:f1:73:
2f:25:a2:3b:f6:37:b7:47:01:26:78:54:5c:a1:c2:
0e:87:ef:f9:69:8d:57:c7:83:2f:7b:97:e2:e0:f3:
32:09:0b:c8:f3:ae:03:b2:41:37:88:9d:63:3a:5c:
39:22:d1:7d:b4:91:de:a8:5a:60:11:3f:2a:60:f8:
c2:f8:8f:b3:38:a0:13:51:38:20:4a:c8:09:01:08:
cb:a1:40:04:4d:b0:85:62:8f:a2:3a:8b:24:b7:99:
76:b5:28:64:bf:39:38:d2:1a:0d:b0:48:62:3a:99:
1d:ae:48:a2:fc:2f:35:98:19:97:bc:6a:c0:42:ca:
ab:92:93:eb:bf:3f:7c:1c:10:4e:aa:7e:4d:fb:f1:
c8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:60:A5:39:A4:99:1F:9E:B5:50:5E:8E:E1:AE:CD:39:14:40:87:AC
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/iWClOaSZH561UF6O4a7NORRAh6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
Signature Algorithm: sha256WithRSAEncryption
64:9c:3c:a1:9f:e0:6b:b9:49:c3:c0:b6:66:a3:01:a4:d9:a5:
f9:85:3f:0f:1d:b6:7d:96:5c:4e:d5:17:df:6e:d8:09:2d:cd:
97:4c:35:66:c6:d8:f3:b1:1d:ce:81:d0:4e:e5:db:4e:62:fc:
ef:05:24:8c:a4:3a:7b:79:f9:89:12:d3:f2:07:c1:ea:b2:d3:
fe:68:c8:c2:fb:91:db:93:b8:71:de:1c:73:e0:0f:1c:a9:42:
90:e8:bc:e3:d3:ef:43:7a:cc:e0:e7:bf:4a:d9:4b:e2:0b:ba:
cf:02:4a:d6:a9:27:b2:69:c9:96:24:d4:a6:2c:43:3a:0b:b2:
7a:f1:34:61:b6:fb:d1:8f:19:0a:73:cd:67:3b:b3:f7:4e:de:
7f:5d:fc:37:67:39:ea:39:b3:0c:95:39:ca:e3:c8:c7:e3:80:
4d:50:5e:d0:18:4b:88:2b:79:38:99:38:de:24:a9:7b:d9:4e:
99:34:8b:5b:71:3c:db:6b:94:bf:e2:47:f4:b0:8f:f5:9a:5a:
8b:27:38:da:4f:94:47:b8:84:99:80:5d:54:1e:b0:93:1b:f9:
82:54:8d:49:8b:c9:fa:6d:78:ae:96:af:10:3c:06:c4:d7:8d:
1c:f9:eb:a2:8f:ec:fc:d6:7d:ac:1e:5c:c8:3e:34:0b:85:7a:
44:db:34:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPoQMj7BdMcNWDe39NOHT6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMjIxMDgwNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYwYTUzOWE0OTkxZjllYjU1MDVlOGVlMWFlY2QzOTE0NDA4N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYmGSVq2QFiWtQfgQAJ/cHJYOC1g
vxGL9/spzEa91JRkj8ZMFAlUIP7w7DKFstnjv5vRDfokfQ6TYmJdD3UgU5C76sCA
BNEcAFNrXaN/DrvHTSk87aZn+EFQPD25xv5EogmGdbZJKa0D4rAPO9+Apsly/4Y4
8XMvJaI79je3RwEmeFRcocIOh+/5aY1Xx4Mve5fi4PMyCQvI864DskE3iJ1jOlw5
ItF9tJHeqFpgET8qYPjC+I+zOKATUTggSsgJAQjLoUAETbCFYo+iOoskt5l2tShk
vzk40hoNsEhiOpkdrkii/C81mBmXvGrAQsqrkpPrvz98HBBOqn5N+/HItQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlgpTmkmR+etVBejuGuzTkUQIesMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvaVdDbE9hU1pINTYxVUY2TzRhN05PUlJBaDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQo4MA0G
CSqGSIb3DQEBCwUAA4IBAQBknDyhn+BruUnDwLZmowGk2aX5hT8PHbZ9llxO1Rff
btgJLc2XTDVmxtjzsR3OgdBO5dtOYvzvBSSMpDp7efmJEtPyB8HqstP+aMjC+5Hb
k7hx3hxz4A8cqUKQ6Lzj0+9Deszg579K2UviC7rPAkrWqSeyacmWJNSmLEM6C7J6
8TRhtvvRjxkKc81nO7P3Tt5/Xfw3ZznqObMMlTnK48jH44BNUF7QGEuIK3k4mTje
JKl72U6ZNItbcTzba5S/4kf0sI/1mlqLJzjaT5RHuISZgF1UHrCTG/mCVI1Ji8n6
bXiulq8QPAbE140c+euij+z81n2sHlzIPjQLhXpE2zQh
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:16:15 2025 by rpki-client