Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/h-54ItsCYFJW9czbnLLnXvpi9Zc.roa
File: h-54ItsCYFJW9czbnLLnXvpi9Zc.roa (raw, json)
Hash identifier: EK5/xxi3ug6le8ahcBi4dvcFaVYvlUo4l7yQSkY6xzY=
Subject key identifier: 87:EE:78:22:DB:02:60:52:56:F5:CC:DB:9C:B2:E7:5E:FA:62:F5:97
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 0AA68266
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/h-54ItsCYFJW9czbnLLnXvpi9Zc.roa
Signing time: Wed 20 Apr 2022 12:16:14 +0000
ROA not before: Wed 20 Apr 2022 12:16:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 192.145.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178684518 (0xaa68266)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Apr 20 12:16:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87ee7822db02605256f5ccdb9cb2e75efa62f597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:23:08:38:c7:57:a5:0e:2e:39:92:e0:c8:a7:
91:65:f2:38:31:bb:a0:1c:5e:5e:bf:e4:00:27:b5:
50:ae:09:ec:20:d9:9a:1b:95:4c:33:9d:2c:6a:25:
11:7d:3f:47:ad:8d:51:15:aa:07:18:5b:b4:d6:ee:
fa:b2:04:bc:a2:23:36:9a:16:86:bf:b7:20:f0:4d:
3d:71:8c:c5:61:19:2d:55:73:c5:bd:c9:18:87:44:
d6:e7:35:41:56:b1:12:f0:ca:e5:85:ac:22:01:4c:
46:bd:23:52:d5:44:c4:59:b1:a7:c3:1c:d6:25:ab:
4b:9a:4d:4c:86:1d:5c:2b:2f:e8:8f:d3:4f:76:6e:
e7:4a:2a:4c:33:78:b6:35:e2:71:6c:12:8b:04:48:
9c:92:bf:65:b5:61:bc:40:25:b3:49:1d:53:9d:db:
5b:7d:9f:18:28:d1:2d:b7:29:ed:81:77:bf:4e:59:
bd:38:1f:42:ab:b5:1f:83:c4:a2:10:16:f3:80:71:
48:ff:91:ab:f1:b5:b2:04:4c:30:eb:34:52:2e:44:
b7:66:1d:1d:bd:80:78:e1:d1:cf:95:6c:b1:04:07:
d7:c0:cc:38:b2:dc:3d:29:cb:18:a6:e3:6a:76:76:
ae:11:3c:7c:61:fd:b3:ae:8d:0a:69:b9:8a:c5:ef:
2a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EE:78:22:DB:02:60:52:56:F5:CC:DB:9C:B2:E7:5E:FA:62:F5:97
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/h-54ItsCYFJW9czbnLLnXvpi9Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.97.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:19:0b:0b:c3:47:5a:1a:0b:1a:92:96:ce:4b:d3:69:6d:90:
4a:40:87:fa:10:a3:7e:d0:0c:cc:c4:10:2f:d2:31:f4:97:b9:
72:a7:12:51:86:81:69:9c:66:7f:78:32:6b:c0:3a:39:37:3e:
9f:2b:b3:fe:47:20:66:ba:39:d5:63:71:c0:f6:ed:e3:85:db:
e0:66:13:d0:70:a8:6b:8c:a8:cf:e4:79:eb:29:84:a3:20:f3:
11:6f:07:71:9a:07:fa:39:99:a0:c8:65:4f:e3:13:30:12:cc:
f2:44:b8:09:91:5f:12:a7:45:6d:bc:f6:22:e1:a4:a3:2e:45:
ae:40:21:6f:a6:c8:f3:79:e9:65:79:52:cb:70:2c:45:59:1f:
0c:e7:2c:e1:8f:6a:ef:cb:c6:a4:7a:84:7c:04:3f:48:6b:60:
63:03:b0:23:77:76:84:4d:29:c7:b2:57:0e:17:10:ca:3f:02:
a3:77:1d:19:fd:7c:64:e6:39:f0:ed:e7:ca:4c:3c:86:6f:99:
3f:a5:19:b4:45:9d:1c:39:f2:38:32:af:63:fb:a3:db:0e:ac:
0d:60:9c:38:28:8a:22:7a:b3:24:99:ba:58:0d:93:67:79:41:
43:dd:80:ee:64:fa:95:75:ab:f6:b4:d1:98:07:98:98:35:d2:
86:1f:20:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECqaCZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODQwMWU1ODg5MGJmMjMwZGNhZTVkMDMwNTExOWZmMmMyYjhkNDMzMB4XDTIyMDQy
MDEyMTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdlZTc4MjJkYjAy
NjA1MjU2ZjVjY2RiOWNiMmU3NWVmYTYyZjU5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALAjCDjHV6UOLjmS4MinkWXyODG7oBxeXr/kACe1UK4J7CDZ
mhuVTDOdLGolEX0/R62NURWqBxhbtNbu+rIEvKIjNpoWhr+3IPBNPXGMxWEZLVVz
xb3JGIdE1uc1QVaxEvDK5YWsIgFMRr0jUtVExFmxp8Mc1iWrS5pNTIYdXCsv6I/T
T3Zu50oqTDN4tjXicWwSiwRInJK/ZbVhvEAls0kdU53bW32fGCjRLbcp7YF3v05Z
vTgfQqu1H4PEohAW84BxSP+Rq/G1sgRMMOs0Ui5Et2YdHb2AeOHRz5VssQQH18DM
OLLcPSnLGKbjanZ2rhE8fGH9s66NCmm5isXvKhUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSH7ngi2wJgUlb1zNucsude+mL1lzAfBgNVHSMEGDAWgBQ4QB5YiQvyMNyu
XQMFEZ/ywrjUMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09FQWVXSWtMOGpEY3JsMERCUkdmOHNLNDFETS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8x
L2gtNTRJdHNDWUZKVzljemJuTExuWHZwaTlaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8xL09FQWVXSWtMOGpE
Y3JsMERCUkdmOHNLNDFETS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMCRYTANBgkqhkiG9w0BAQsFAAOC
AQEAmhkLC8NHWhoLGpKWzkvTaW2QSkCH+hCjftAMzMQQL9Ix9Je5cqcSUYaBaZxm
f3gya8A6OTc+nyuz/kcgZro51WNxwPbt44Xb4GYT0HCoa4yoz+R56ymEoyDzEW8H
cZoH+jmZoMhlT+MTMBLM8kS4CZFfEqdFbbz2IuGkoy5FrkAhb6bI83npZXlSy3As
RVkfDOcs4Y9q78vGpHqEfAQ/SGtgYwOwI3d2hE0px7JXDhcQyj8Co3cdGf18ZOY5
8O3nykw8hm+ZP6UZtEWdHDnyODKvY/uj2w6sDWCcOCiKInqzJJm6WA2TZ3lBQ92A
7mT6lXWr9rTRmAeYmDXShh8g2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:36 2024 by rpki-client on console-ams.rpki-client.org