Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/o11GxIAQ2JfZ89sV3GArCScO4XM.roa
File: o11GxIAQ2JfZ89sV3GArCScO4XM.roa (raw, json)
Hash identifier: hE24+iHdiHrsGuSs3d09tpx9Hm+NdPYA3LkH5BnXLlo=
Subject key identifier: A3:5D:46:C4:80:10:D8:97:D9:F3:DB:15:DC:60:2B:09:27:0E:E1:73
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 018572A7E8543964C482DAB6D59CEAA355BF
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/o11GxIAQ2JfZ89sV3GArCScO4XM.roa
Signing time: Mon 02 Jan 2023 13:24:44 +0000
ROA not before: Mon 02 Jan 2023 13:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:e8:54:39:64:c4:82:da:b6:d5:9c:ea:a3:55:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Jan 2 13:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a35d46c48010d897d9f3db15dc602b09270ee173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:ad:e7:92:3d:7a:82:fe:f1:df:aa:3b:61:
6b:09:4f:d9:6a:23:36:5d:98:24:65:36:ca:70:04:
7c:ce:50:7a:4a:f2:32:86:f3:c3:5a:1d:5c:9d:4d:
9f:db:56:e8:bd:70:b7:32:ca:41:26:99:64:8b:d4:
b3:c6:1b:82:79:f4:a9:de:d4:e7:bd:57:c4:0d:6b:
5e:f3:25:c4:71:15:b3:fa:6c:44:c1:17:72:26:d4:
8f:8e:12:5e:84:c9:8f:4e:63:a9:39:03:19:4c:4e:
d3:4c:40:8f:52:d5:e3:4e:c6:88:8d:06:3e:a6:72:
4c:3e:cc:c3:ef:84:5b:4e:53:a4:5d:fc:42:04:f4:
af:c2:e6:63:a3:36:43:b4:a1:19:dd:a6:53:f6:0f:
ca:59:15:04:a7:cc:06:62:d3:30:12:97:db:d0:af:
3b:b2:ec:e9:e8:71:7e:da:a6:2c:db:6c:fb:30:e3:
eb:9f:e6:42:f9:5c:f5:73:18:4b:32:0a:9a:80:d1:
7c:68:88:79:7f:1d:6b:4f:01:c6:df:aa:d7:1e:40:
0e:72:1a:34:6f:f7:29:04:b9:ad:2a:29:e8:ea:ad:
90:4a:b0:43:ff:14:02:f0:13:10:b2:76:f0:5b:3c:
76:7e:05:f7:61:7d:9e:6a:c7:39:0c:91:74:14:8a:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5D:46:C4:80:10:D8:97:D9:F3:DB:15:DC:60:2B:09:27:0E:E1:73
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/o11GxIAQ2JfZ89sV3GArCScO4XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.196.0/24
Signature Algorithm: sha256WithRSAEncryption
38:23:4e:54:ea:77:00:1b:77:33:c1:ec:34:64:1d:84:c6:68:
f4:57:df:25:29:10:41:94:3b:1d:50:32:23:29:ee:04:96:53:
b0:f5:99:73:67:ad:50:c5:08:73:f8:c0:b8:7f:96:40:4c:bc:
b0:08:21:fb:48:51:d7:33:4e:00:02:2b:e4:aa:de:b9:1c:ac:
c6:3d:b1:31:11:18:f5:16:1c:5f:ea:9e:c9:47:79:68:f1:6d:
cd:68:a2:50:1f:30:9e:fd:e1:78:ba:a4:2c:6f:f4:0f:65:cc:
6c:b0:e3:61:66:02:1d:12:5a:c7:7d:0e:9a:72:32:b5:83:34:
19:5a:5f:8e:1c:80:4e:2e:e0:8e:f5:fa:89:3d:0a:65:30:c7:
56:5c:76:75:0d:f9:fe:a1:df:4c:ba:73:ab:2e:29:5c:55:72:
c0:0e:aa:52:e8:42:d0:39:6a:44:e4:6e:87:5c:f5:e9:9a:1b:
48:97:b2:c3:9e:47:94:33:c3:a8:29:31:78:18:15:ad:59:7c:
64:c1:20:d2:9d:59:14:2b:57:03:b4:ed:7a:56:a2:27:d5:3a:
1d:96:fb:5e:80:89:e1:41:8b:96:fc:30:f7:8b:80:e6:77:25:
e3:38:88:08:8a:8f:6c:4b:9e:d2:1c:c6:8e:5b:08:7e:6a:77:
86:bf:96:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp+hUOWTEgtq21Zzqo1W/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjMwMTAyMTMyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVkNDZjNDgwMTBkODk3ZDlmM2RiMTVkYzYwMmIwOTI3MGVlMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAqt55I9eoL+8d+qO2FrCU/ZaiM2
XZgkZTbKcAR8zlB6SvIyhvPDWh1cnU2f21bovXC3MspBJplki9SzxhuCefSp3tTn
vVfEDWte8yXEcRWz+mxEwRdyJtSPjhJehMmPTmOpOQMZTE7TTECPUtXjTsaIjQY+
pnJMPszD74RbTlOkXfxCBPSvwuZjozZDtKEZ3aZT9g/KWRUEp8wGYtMwEpfb0K87
suzp6HF+2qYs22z7MOPrn+ZC+Vz1cxhLMgqagNF8aIh5fx1rTwHG36rXHkAOcho0
b/cpBLmtKino6q2QSrBD/xQC8BMQsnbwWzx2fgX3YX2easc5DJF0FIoVWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKNdRsSAENiX2fPbFdxgKwknDuFzMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvbzExR3hJQVEySmZaODlzVjNHQXJDU2NPNFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3EMA0G
CSqGSIb3DQEBCwUAA4IBAQA4I05U6ncAG3czwew0ZB2Exmj0V98lKRBBlDsdUDIj
Ke4EllOw9ZlzZ61QxQhz+MC4f5ZATLywCCH7SFHXM04AAivkqt65HKzGPbExERj1
Fhxf6p7JR3lo8W3NaKJQHzCe/eF4uqQsb/QPZcxssONhZgIdElrHfQ6acjK1gzQZ
Wl+OHIBOLuCO9fqJPQplMMdWXHZ1Dfn+od9MunOrLilcVXLADqpS6ELQOWpE5G6H
XPXpmhtIl7LDnkeUM8OoKTF4GBWtWXxkwSDSnVkUK1cDtO16VqIn1TodlvtegInh
QYuW/DD3i4DmdyXjOIgIio9sS57SHMaOWwh+aneGv5b3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org