Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OURwt2RRi5ZtajNd0Q24uGCWkvw.roa
File: OURwt2RRi5ZtajNd0Q24uGCWkvw.roa (raw, json)
Hash identifier: XIvOJ4bGcXDjYuNxyTjdpPgS5Adtt91GKPw6gRMUXX8=
Subject key identifier: 39:44:70:B7:64:51:8B:96:6D:6A:33:5D:D1:0D:B8:B8:60:96:92:FC
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01856F42CE9E5435BB709291A1C59A57D45E
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OURwt2RRi5ZtajNd0Q24uGCWkvw.roa
Signing time: Sun 01 Jan 2023 21:35:27 +0000
ROA not before: Sun 01 Jan 2023 21:35:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 45.8.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ce:9e:54:35:bb:70:92:91:a1:c5:9a:57:d4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 21:35:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=394470b764518b966d6a335dd10db8b8609692fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:28:0f:dd:f7:78:a3:c0:38:ad:c2:1a:80:31:
eb:bc:ee:74:e4:e7:0d:ed:60:54:c6:eb:d4:20:98:
fc:5a:c7:47:8d:11:18:70:2d:45:1d:a9:86:db:d3:
10:ae:26:1f:5c:f8:ce:4b:21:d1:50:da:7f:d0:bf:
0e:fe:89:47:6a:03:6a:e5:d2:d6:d8:d7:0f:01:53:
38:42:88:d0:07:5b:5e:7c:48:d8:27:e6:28:9a:2e:
2d:ad:70:cb:b1:9c:18:1a:2b:3c:db:58:47:3d:2f:
78:3a:dd:fe:18:f7:5a:a8:0c:ed:d8:40:eb:37:03:
1e:74:c2:27:51:70:2d:28:90:44:71:01:a7:79:dc:
c4:e1:b7:cb:b3:7e:90:7c:76:3f:fe:54:d4:6a:9e:
da:a7:8f:79:83:8e:62:f3:05:41:9f:81:10:e1:07:
81:83:3c:96:c1:6e:58:36:b8:74:00:b3:10:ef:d0:
7c:b1:f3:6d:db:67:8e:46:32:13:94:0e:fe:a2:da:
1e:dd:e7:6b:14:88:a9:12:c7:19:c1:38:a9:43:5b:
4e:e1:16:16:80:3f:25:45:91:76:ff:2e:cc:89:56:
45:13:33:0a:00:c3:b1:0c:73:25:41:50:08:4c:49:
de:78:66:fc:fa:67:bc:3a:aa:a4:ff:21:fd:fc:19:
9a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:44:70:B7:64:51:8B:96:6D:6A:33:5D:D1:0D:B8:B8:60:96:92:FC
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OURwt2RRi5ZtajNd0Q24uGCWkvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.27.0/24
Signature Algorithm: sha256WithRSAEncryption
48:5d:d3:ca:f7:87:2f:84:4e:a2:6f:d1:df:19:28:e0:21:ab:
5c:dc:e8:90:d4:86:4b:6b:50:6a:37:a4:d1:a1:62:0f:21:f4:
1b:35:c4:ce:27:e3:11:a7:42:25:75:38:69:c6:bf:4a:00:36:
a5:8d:22:11:c3:14:b5:ff:25:d2:56:f8:e0:17:4b:48:c4:5f:
b8:93:38:7e:b0:a7:eb:1e:3d:6a:27:26:76:eb:81:4e:33:39:
48:43:38:8b:67:96:a9:88:98:c1:51:86:e7:7b:32:91:db:f4:
2b:fe:9f:c0:70:6d:63:db:a7:7e:4a:c7:19:90:27:fa:19:24:
ed:73:d2:cc:1e:08:c8:37:f3:ae:32:02:bc:a1:5e:b4:6a:dc:
dd:10:d4:f9:71:77:a0:ff:e6:d9:4c:00:ea:4a:00:e8:cf:cd:
e5:3c:a7:61:ae:cc:b6:be:f5:1b:52:c6:0e:78:7c:61:0b:ec:
45:0a:08:3c:c5:c2:f1:16:d5:e3:18:11:64:67:bc:57:2f:aa:
67:02:4f:d6:52:7e:be:a6:b6:b2:dd:cd:88:55:a6:db:e1:25:
b2:99:26:e9:ca:f9:77:c7:80:5b:1b:08:ce:d7:1c:3d:b5:c2:
11:86:32:40:ea:f4:c7:95:56:38:35:99:fc:69:72:53:3d:ab:
fc:4d:5c:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQs6eVDW7cJKRocWaV9ReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMwMTAxMjEzNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ0NzBiNzY0NTE4Yjk2NmQ2YTMzNWRkMTBkYjhiODYwOTY5MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgigP3fd4o8A4rcIagDHrvO505OcN
7WBUxuvUIJj8WsdHjREYcC1FHamG29MQriYfXPjOSyHRUNp/0L8O/olHagNq5dLW
2NcPAVM4QojQB1tefEjYJ+Yomi4trXDLsZwYGis821hHPS94Ot3+GPdaqAzt2EDr
NwMedMInUXAtKJBEcQGnedzE4bfLs36QfHY//lTUap7ap495g45i8wVBn4EQ4QeB
gzyWwW5YNrh0ALMQ79B8sfNt22eORjITlA7+otoe3edrFIipEscZwTipQ1tO4RYW
gD8lRZF2/y7MiVZFEzMKAMOxDHMlQVAITEneeGb8+me8Oqqk/yH9/BmaCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlEcLdkUYuWbWozXdENuLhglpL8MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvT1VSd3QyUlJpNVp0YWpOZDBRMjR1R0NXa3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQgbMA0G
CSqGSIb3DQEBCwUAA4IBAQBIXdPK94cvhE6ib9HfGSjgIatc3OiQ1IZLa1BqN6TR
oWIPIfQbNcTOJ+MRp0IldThpxr9KADaljSIRwxS1/yXSVvjgF0tIxF+4kzh+sKfr
Hj1qJyZ264FOMzlIQziLZ5apiJjBUYbnezKR2/Qr/p/AcG1j26d+SscZkCf6GSTt
c9LMHgjIN/OuMgK8oV60atzdENT5cXeg/+bZTADqSgDoz83lPKdhrsy2vvUbUsYO
eHxhC+xFCgg8xcLxFtXjGBFkZ7xXL6pnAk/WUn6+pray3c2IVabb4SWymSbpyvl3
x4BbGwjO1xw9tcIRhjJA6vTHlVY4NZn8aXJTPav8TVwH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org