Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/oC-W9SLIje3-bvdMfkUAdftgQIc.roa
File: oC-W9SLIje3-bvdMfkUAdftgQIc.roa (raw, json)
Hash identifier: pOrDc3fDfvx00xpe9ibpWG0u4vp/fMgj3lN21NVvkeY=
Subject key identifier: A0:2F:96:F5:22:C8:8D:ED:FE:6E:F7:4C:7E:45:00:75:FB:60:40:87
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 02700DBB
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/oC-W9SLIje3-bvdMfkUAdftgQIc.roa
Signing time: Wed 25 May 2022 08:05:16 +0000
ROA not before: Wed 25 May 2022 08:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42093
IP address blocks: 45.93.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40897979 (0x2700dbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: May 25 08:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a02f96f522c88dedfe6ef74c7e450075fb604087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:83:86:ef:1f:f8:32:64:83:4b:e2:17:81:bf:
70:69:76:40:68:d1:5d:a4:2d:f6:1b:ce:80:0e:eb:
a9:5c:c4:f7:d2:f5:62:31:03:be:29:d3:ee:13:bf:
9e:1e:81:55:12:7a:67:40:99:66:93:00:04:61:20:
5a:7b:2e:ea:53:34:82:55:ad:d9:50:a8:43:ee:5a:
9f:c3:3a:8a:95:c4:f0:4e:63:b6:61:19:d2:a4:0a:
dc:03:3e:48:11:37:24:f3:8a:62:e8:ff:51:95:67:
fc:28:84:3a:ff:0b:bf:20:f4:50:a5:9f:c2:63:0e:
47:6d:8d:8c:09:e2:21:39:7a:f3:ef:11:0c:a3:ad:
16:aa:cc:41:9e:a0:09:0d:d1:c3:8a:dc:15:6d:0e:
9e:6e:49:12:4a:e9:cc:44:21:e4:42:ef:cd:df:e6:
41:f6:64:af:c0:01:19:a0:50:a0:35:ac:a8:31:32:
f9:03:3b:7b:7f:97:38:7a:2b:88:96:56:db:03:b4:
8a:92:5b:a1:39:c6:f6:d7:67:bb:e2:3d:37:9f:87:
29:ae:43:25:77:ad:4c:b8:bf:38:34:3c:ba:a6:96:
3a:c4:e9:d0:38:98:fe:09:43:53:a7:3f:f2:71:42:
0f:79:c9:4b:71:83:ad:56:b5:03:9a:91:c2:62:28:
29:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2F:96:F5:22:C8:8D:ED:FE:6E:F7:4C:7E:45:00:75:FB:60:40:87
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/oC-W9SLIje3-bvdMfkUAdftgQIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.148.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ff:33:67:d6:89:f5:57:0f:30:74:86:db:dc:d6:c1:5e:7f:
7b:d1:7b:2a:d4:68:4c:b5:7f:30:33:89:18:88:e9:87:01:e1:
ad:e7:52:f8:e8:45:8f:26:02:43:c3:ad:b5:d7:09:13:c5:74:
aa:e9:c4:eb:5f:c7:23:30:f7:50:14:c4:87:20:f2:e9:65:18:
ef:ce:79:4a:45:80:b4:51:95:62:4d:ba:5c:21:af:d8:3c:f3:
3a:76:5c:8f:77:02:5a:d6:7c:85:cb:8e:a6:de:f2:b4:6f:6b:
4d:b9:3c:c1:c1:e9:16:9b:b2:71:bb:4c:ba:f4:04:e8:e2:45:
f9:c0:4d:b0:35:78:f3:06:ed:60:b5:43:72:5d:70:70:1e:8b:
91:1f:03:10:57:27:3b:4a:ad:86:cb:b3:e2:e3:4e:6f:88:fa:
ff:03:8b:00:79:ea:91:91:49:34:07:2f:09:9b:be:aa:ed:ee:
c2:81:5b:f4:3e:b3:6e:a0:d1:72:a8:9d:2b:1a:cb:0b:ba:27:
fd:02:66:ce:3f:4b:c2:93:fc:5f:c1:78:c9:c0:6e:f9:92:8c:
0e:9f:6c:2b:92:38:8e:89:25:92:a8:e6:09:3e:48:af:2e:a0:
c9:be:82:cb:70:dd:22:c4:76:e7:eb:38:a6:0b:77:b9:41:4d:
2b:a7:35:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAnANuzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDUy
NTA4MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTAyZjk2ZjUyMmM4
OGRlZGZlNmVmNzRjN2U0NTAwNzVmYjYwNDA4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyDhu8f+DJkg0viF4G/cGl2QGjRXaQt9hvOgA7rqVzE99L1
YjEDvinT7hO/nh6BVRJ6Z0CZZpMABGEgWnsu6lM0glWt2VCoQ+5an8M6ipXE8E5j
tmEZ0qQK3AM+SBE3JPOKYuj/UZVn/CiEOv8LvyD0UKWfwmMOR22NjAniITl68+8R
DKOtFqrMQZ6gCQ3Rw4rcFW0Onm5JEkrpzEQh5ELvzd/mQfZkr8ABGaBQoDWsqDEy
+QM7e3+XOHoriJZW2wO0ipJboTnG9tdnu+I9N5+HKa5DJXetTLi/ODQ8uqaWOsTp
0DiY/glDU6c/8nFCD3nJS3GDrVa1A5qRwmIoKckCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSgL5b1IsiN7f5u90x+RQB1+2BAhzAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L29DLVc5U0xJamUzLWJ2ZE1ma1VBZGZ0Z1FJYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1dlDANBgkqhkiG9w0BAQsFAAOC
AQEARf8zZ9aJ9VcPMHSG29zWwV5/e9F7KtRoTLV/MDOJGIjphwHhredS+OhFjyYC
Q8OttdcJE8V0qunE61/HIzD3UBTEhyDy6WUY7855SkWAtFGVYk26XCGv2DzzOnZc
j3cCWtZ8hcuOpt7ytG9rTbk8wcHpFpuycbtMuvQE6OJF+cBNsDV48wbtYLVDcl1w
cB6LkR8DEFcnO0qthsuz4uNOb4j6/wOLAHnqkZFJNAcvCZu+qu3uwoFb9D6zbqDR
cqidKxrLC7on/QJmzj9LwpP8X8F4ycBu+ZKMDp9sK5I4joklkqjmCT5Iry6gyb6C
y3DdIsR25+s4pgt3uUFNK6c1Jw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:43 2023 by rpki-client on console-ams.rpki-client.org