Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/qE0g13D5li8ZrpFsRkA9DdFC5JA.roa
File: qE0g13D5li8ZrpFsRkA9DdFC5JA.roa (raw, json)
Hash identifier: NsqnH9QU1/R63drGNUfdPFj9RzncsWpta7AS7K5c/gU=
Subject key identifier: A8:4D:20:D7:70:F9:96:2F:19:AE:91:6C:46:40:3D:0D:D1:42:E4:90
Certificate issuer: /CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Certificate serial: 09ABC605
Authority key identifier: 38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/qE0g13D5li8ZrpFsRkA9DdFC5JA.roa
Signing time: Sat 01 Jan 2022 05:05:32 +0000
ROA not before: Sat 01 Jan 2022 05:05:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51628
IP address blocks: 192.145.99.0/24 maxlen: 24
2a09:6280:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162252293 (0x9abc605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38401e58890bf230dcae5d0305119ff2c2b8d433
Validity
Not Before: Jan 1 05:05:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a84d20d770f9962f19ae916c46403d0dd142e490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:72:a0:a9:e5:79:23:c9:b6:5b:5e:59:86:92:
55:f9:c4:ef:1a:0c:47:8b:9b:6d:8d:38:2a:fa:62:
0f:cd:59:0b:db:f4:d9:e7:50:60:bf:2a:3c:82:a9:
e2:07:74:ab:37:07:b8:56:1b:18:87:e2:ba:b6:15:
42:1d:17:51:a9:18:cc:96:b7:b8:f1:0e:44:e2:14:
91:fb:cf:8c:59:44:0f:59:64:be:9d:5a:52:3c:69:
e8:94:70:4b:f7:2f:22:98:47:be:19:b3:37:7d:5b:
58:8a:b1:87:ae:47:0c:53:5b:78:90:87:e2:1f:ab:
e3:5f:ea:4b:b7:fa:80:1e:7a:87:7f:00:90:1e:4e:
db:db:33:86:5d:14:1a:9d:e4:4a:14:73:76:a2:d9:
4d:fb:bc:f7:11:7b:12:fe:a2:6f:61:c6:cf:7f:07:
b7:57:e9:59:81:73:48:ee:95:62:ab:12:73:72:d8:
d7:4a:60:75:bc:78:f3:4f:5d:88:1f:24:f8:3d:0e:
6c:92:da:0b:7c:c3:bf:2b:c5:ff:1c:aa:f0:47:5f:
4f:76:e3:0b:43:16:27:b7:41:5f:3f:e9:37:88:a9:
84:d2:6c:95:7f:13:7f:34:a3:45:ad:bc:18:2f:35:
6d:d1:cf:14:2f:8c:e8:e6:40:de:ae:a6:d0:b5:58:
4d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4D:20:D7:70:F9:96:2F:19:AE:91:6C:46:40:3D:0D:D1:42:E4:90
X509v3 Authority Key Identifier:
keyid:38:40:1E:58:89:0B:F2:30:DC:AE:5D:03:05:11:9F:F2:C2:B8:D4:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEAeWIkL8jDcrl0DBRGf8sK41DM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/qE0g13D5li8ZrpFsRkA9DdFC5JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/67d3b8-c43d-44b7-afa6-8b9cddb73408/1/OEAeWIkL8jDcrl0DBRGf8sK41DM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.99.0/24
IPv6:
2a09:6280:2::/48
Signature Algorithm: sha256WithRSAEncryption
0a:a3:0a:cd:66:6c:75:e4:e6:0b:a5:d1:5f:c2:c2:fe:ff:c3:
c7:01:9e:2e:ea:5f:aa:dd:0e:fd:5a:5e:36:0b:4c:d7:13:6d:
ba:f4:4d:07:67:95:6d:53:cd:2b:1f:77:f9:b1:a8:29:67:09:
0a:c2:db:05:43:02:bc:09:3d:7f:0a:65:8e:ec:ee:41:22:88:
d8:9b:70:0c:ea:04:43:ce:84:9b:e6:cb:f9:92:0e:77:07:c3:
8d:15:0b:2e:e6:98:58:b3:73:d2:64:a9:57:8b:7d:b6:fb:f6:
db:ee:c6:f4:13:65:82:13:55:37:fc:93:c5:db:41:ca:d4:2f:
aa:05:1b:b7:a4:60:8f:33:d7:ab:38:16:f8:d9:2a:ce:28:a2:
2d:81:5b:a0:d7:df:dd:41:1e:fe:f5:ed:fd:ed:0c:3b:ab:56:
c3:d4:04:24:95:42:7b:dd:a6:ee:a1:0e:56:eb:65:62:e0:db:
3a:12:35:80:33:30:b8:a7:1f:10:21:37:ea:f1:99:86:19:bb:
fb:6e:8e:86:5c:56:40:9a:2c:b3:e8:eb:3c:10:9c:c9:31:b5:
6a:aa:40:33:54:7e:d2:ba:d8:f6:6a:e5:45:35:ec:63:f8:a7:
6d:88:84:1e:5e:4a:9b:49:14:3b:ee:fb:56:24:a8:31:1d:ea:
6c:16:b7:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECavGBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ODQwMWU1ODg5MGJmMjMwZGNhZTVkMDMwNTExOWZmMmMyYjhkNDMzMB4XDTIyMDEw
MTA1MDUzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg0ZDIwZDc3MGY5
OTYyZjE5YWU5MTZjNDY0MDNkMGRkMTQyZTQ5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1yoKnleSPJtlteWYaSVfnE7xoMR4ubbY04KvpiD81ZC9v0
2edQYL8qPIKp4gd0qzcHuFYbGIfiurYVQh0XUakYzJa3uPEOROIUkfvPjFlED1lk
vp1aUjxp6JRwS/cvIphHvhmzN31bWIqxh65HDFNbeJCH4h+r41/qS7f6gB56h38A
kB5O29szhl0UGp3kShRzdqLZTfu89xF7Ev6ib2HGz38Ht1fpWYFzSO6VYqsSc3LY
10pgdbx4809diB8k+D0ObJLaC3zDvyvF/xyq8EdfT3bjC0MWJ7dBXz/pN4iphNJs
lX8TfzSjRa28GC81bdHPFC+M6OZA3q6m0LVYTRMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSoTSDXcPmWLxmukWxGQD0N0ULkkDAfBgNVHSMEGDAWgBQ4QB5YiQvyMNyu
XQMFEZ/ywrjUMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09FQWVXSWtMOGpEY3JsMERCUkdmOHNLNDFETS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8x
L3FFMGcxM0Q1bGk4WnJwRnNSa0E5RGRGQzVKQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NjdkM2I4LWM0M2QtNDRiNy1hZmE2LThiOWNkZGI3MzQwOC8xL09FQWVXSWtMOGpE
Y3JsMERCUkdmOHNLNDFETS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMCRYzAPBAIAAjAJAwcAKgligAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQAKowrNZmx15OYLpdFfwsL+/8PHAZ4u6l+q3Q79
Wl42C0zXE2269E0HZ5VtU80rH3f5sagpZwkKwtsFQwK8CT1/CmWO7O5BIojYm3AM
6gRDzoSb5sv5kg53B8ONFQsu5phYs3PSZKlXi322+/bb7sb0E2WCE1U3/JPF20HK
1C+qBRu3pGCPM9erOBb42SrOKKItgVug19/dQR7+9e397Qw7q1bD1AQklUJ73abu
oQ5W62Vi4Ns6EjWAMzC4px8QITfq8ZmGGbv7bo6GXFZAmiyz6Os8EJzJMbVqqkAz
VH7Sutj2auVFNexj+KdtiIQeXkqbSRQ77vtWJKgxHepsFrdP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:36 2024 by rpki-client on console-ams.rpki-client.org