Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/lNSDoQRmLycOHbo9qr57o07b7eE.roa
File: lNSDoQRmLycOHbo9qr57o07b7eE.roa (raw, json)
Hash identifier: TaPoZgk7BqK58jEr9uezXen5jrD7krWcCefGG1sY7dc=
Subject key identifier: 94:D4:83:A1:04:66:2F:27:0E:1D:BA:3D:AA:BE:7B:A3:4E:DB:ED:E1
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018572A7EB7C6DF3AF68622417E5906725DC
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/lNSDoQRmLycOHbo9qr57o07b7eE.roa
Signing time: Mon 02 Jan 2023 13:24:45 +0000
ROA not before: Mon 02 Jan 2023 13:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.145.161.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:eb:7c:6d:f3:af:68:62:24:17:e5:90:67:25:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 2 13:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94d483a104662f270e1dba3daabe7ba34edbede1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:14:b5:48:a1:23:4e:b1:75:bb:88:da:8c:55:
4c:06:82:eb:2f:3f:55:61:9f:a7:36:dd:6a:72:e5:
71:71:f1:67:38:da:2e:6f:5c:e7:58:0f:55:5b:69:
81:fd:18:07:70:cd:5a:15:10:0b:df:e1:f6:af:cc:
f3:6a:79:98:14:71:41:bf:cc:c0:e7:1f:dd:92:6b:
11:cc:04:bf:63:79:c8:3c:91:69:23:06:fa:81:5f:
72:7e:04:ad:bb:29:0e:09:1a:d9:63:50:f8:54:b9:
86:f8:ff:f6:55:a8:06:48:5f:e1:2c:e2:61:e2:4b:
1e:e4:6c:8e:6f:29:a0:cc:2d:ba:e0:04:5e:84:cc:
02:5d:1c:5f:93:13:22:6a:da:27:dc:57:41:fe:69:
e7:c3:6f:e0:d3:39:bc:a4:4f:e6:28:7a:67:33:e0:
5a:dd:3f:1b:25:fc:98:27:85:31:44:cb:be:d8:7c:
f2:a5:f4:30:08:82:07:19:d1:f7:1e:88:65:ce:a8:
47:9d:b0:0b:f7:de:ea:74:a7:ed:66:e6:af:75:2a:
d2:33:16:30:00:78:4a:53:7a:cf:d8:50:fa:60:a9:
b3:b0:21:de:ea:30:d8:16:4a:6e:5a:56:a1:3e:6c:
58:eb:87:9c:fe:b1:9d:bd:23:d4:0a:3b:da:57:b1:
9e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D4:83:A1:04:66:2F:27:0E:1D:BA:3D:AA:BE:7B:A3:4E:DB:ED:E1
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/lNSDoQRmLycOHbo9qr57o07b7eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.161.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ad:21:f7:30:d2:2b:11:8c:1d:dd:eb:df:42:f1:94:66:65:
b4:4e:b9:69:53:2b:54:b7:20:71:39:7a:b3:8d:54:24:80:ed:
cd:46:ad:b3:53:87:df:15:48:05:da:3a:90:e6:41:b8:4b:44:
ae:bd:31:ec:d0:d2:71:4e:70:92:b5:49:5c:38:61:10:a3:c6:
b1:89:0b:e4:0d:6a:01:0b:21:f9:95:bc:23:a1:57:5e:86:d4:
06:07:3f:17:8f:61:c9:1d:7e:67:cf:a4:ef:93:81:06:d6:00:
1d:9f:1d:09:12:a1:a9:da:c3:70:e4:64:3c:b4:9c:ee:46:2b:
72:74:70:f1:81:7e:0a:0e:98:ad:de:59:55:bf:d8:a7:78:da:
9c:17:8b:73:17:06:fc:86:9b:45:90:e1:d9:05:a8:5c:3b:f1:
35:09:fd:a2:ae:7e:7d:25:5d:90:33:5b:88:06:73:2b:e2:68:
4b:60:da:c6:5f:d7:49:3c:87:c7:7d:cd:5a:82:97:a7:a9:c2:
91:56:d9:10:24:f5:a4:42:cb:f2:3c:2e:ea:67:ea:30:38:98:
40:1c:66:9a:e6:7b:8f:16:a3:68:e1:9f:c3:66:a2:ab:d6:64:
42:b0:96:ea:44:e5:c7:c8:04:6c:40:24:c1:1e:ae:b8:30:a8:
87:1e:cc:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp+t8bfOvaGIkF+WQZyXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjMwMTAyMTMyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ0ODNhMTA0NjYyZjI3MGUxZGJhM2RhYWJlN2JhMzRlZGJlZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxS1SKEjTrF1u4jajFVMBoLrLz9V
YZ+nNt1qcuVxcfFnONoub1znWA9VW2mB/RgHcM1aFRAL3+H2r8zzanmYFHFBv8zA
5x/dkmsRzAS/Y3nIPJFpIwb6gV9yfgStuykOCRrZY1D4VLmG+P/2VagGSF/hLOJh
4kse5GyObymgzC264ARehMwCXRxfkxMiaton3FdB/mnnw2/g0zm8pE/mKHpnM+Ba
3T8bJfyYJ4UxRMu+2HzypfQwCIIHGdH3HohlzqhHnbAL997qdKftZuavdSrSMxYw
AHhKU3rP2FD6YKmzsCHe6jDYFkpuWlahPmxY64ec/rGdvSPUCjvaV7Ge3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTUg6EEZi8nDh26Paq+e6NO2+3hMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvbE5TRG9RUm1MeWNPSGJvOXFyNTdvMDdiN2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGhMA0G
CSqGSIb3DQEBCwUAA4IBAQBMrSH3MNIrEYwd3evfQvGUZmW0TrlpUytUtyBxOXqz
jVQkgO3NRq2zU4ffFUgF2jqQ5kG4S0SuvTHs0NJxTnCStUlcOGEQo8axiQvkDWoB
CyH5lbwjoVdehtQGBz8Xj2HJHX5nz6Tvk4EG1gAdnx0JEqGp2sNw5GQ8tJzuRity
dHDxgX4KDpit3llVv9ineNqcF4tzFwb8hptFkOHZBahcO/E1Cf2irn59JV2QM1uI
BnMr4mhLYNrGX9dJPIfHfc1agpenqcKRVtkQJPWkQsvyPC7qZ+owOJhAHGaa5nuP
FqNo4Z/DZqKr1mRCsJbqROXHyARsQCTBHq64MKiHHsx4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org