Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wVFiEyipB62IiwrRLX6wjz_il8g.roa
File: wVFiEyipB62IiwrRLX6wjz_il8g.roa (raw, json)
Hash identifier: Ss+YaEbS1DD0xUlZWySN9xJHpsRvy4c1D/ckqKXc7OI=
Subject key identifier: C1:51:62:13:28:A9:07:AD:88:8B:0A:D1:2D:7E:B0:8F:3F:E2:97:C8
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 0184F845E362D2F5B18440DDB05FB3310EDE
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wVFiEyipB62IiwrRLX6wjz_il8g.roa
Signing time: Fri 09 Dec 2022 19:04:00 +0000
ROA not before: Fri 09 Dec 2022 19:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 45.141.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f8:45:e3:62:d2:f5:b1:84:40:dd:b0:5f:b3:31:0e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Dec 9 19:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c151621328a907ad888b0ad12d7eb08f3fe297c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ca:20:3a:08:0e:38:f3:03:cf:a2:af:1a:78:
77:a6:99:f6:2e:c2:9c:dc:bd:a2:4a:1e:87:9d:cb:
69:0e:85:74:da:1a:e0:ec:7e:22:20:6b:6c:4a:b9:
07:be:01:9d:bd:64:76:f3:6d:21:fb:77:d1:59:7c:
11:14:a7:b4:46:cb:bf:a2:97:a6:52:5f:e7:72:35:
a7:13:c6:83:cd:98:03:15:41:ba:b4:f4:9f:cf:80:
a3:95:fc:c0:34:6a:3c:f6:f8:1f:71:44:55:c8:38:
fc:06:e5:58:a7:cd:77:da:27:17:6a:51:78:57:ee:
25:84:87:18:d2:98:91:5a:9a:0f:d3:3c:a6:50:7c:
42:ad:ba:fc:0f:cc:e4:ab:39:e7:ff:87:31:e5:a1:
d9:ec:8c:3e:04:3d:78:86:07:d7:9f:d3:78:1f:f4:
19:16:11:fe:4b:1c:ee:36:eb:e2:72:1f:f1:c2:85:
8b:e1:e7:8b:e0:1c:bc:aa:72:f9:4b:74:6b:40:7d:
c2:01:a9:38:d6:0d:7d:96:a3:31:8d:07:71:e1:de:
57:a1:11:34:88:56:e1:9e:ff:7d:57:4e:f5:a1:02:
de:a7:f2:32:69:6c:02:66:4b:96:51:3d:d8:f2:56:
99:3b:35:ed:43:55:09:dc:f7:60:3b:6b:f5:f6:b5:
c6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:51:62:13:28:A9:07:AD:88:8B:0A:D1:2D:7E:B0:8F:3F:E2:97:C8
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/wVFiEyipB62IiwrRLX6wjz_il8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.196.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e0:16:52:7f:29:0b:dc:ee:0d:c8:aa:20:ac:c4:43:d7:a8:
3e:71:5f:b2:ea:6a:ed:fc:e8:55:88:49:45:0d:1f:f9:ac:92:
52:15:06:fe:6f:8e:b0:bd:5d:46:2e:42:c3:9f:2c:db:16:6c:
18:08:6d:21:87:e2:15:b8:28:2a:e8:27:af:61:66:bc:05:32:
76:64:3b:9d:8a:74:a6:d8:06:17:7e:b6:cd:c2:f8:70:40:7a:
a2:15:71:d8:4f:f4:95:70:ed:b1:22:97:94:f7:bf:b1:8f:be:
02:a2:7e:6e:0e:1b:1e:aa:4d:de:cb:07:5e:09:42:dd:4b:0b:
42:04:6a:2c:8c:7b:c3:00:5f:a6:06:e5:88:c2:c9:b2:36:1e:
91:ef:03:0f:2a:9d:05:7a:e2:a0:a4:1c:28:32:09:ba:e1:36:
68:e9:09:0b:ed:da:d4:a1:9d:e6:e1:d9:8c:c9:88:db:fe:9a:
42:04:7a:14:b4:23:1c:9a:de:84:1f:ef:70:13:54:e1:2f:bd:
56:7b:2d:94:4b:25:38:1c:f3:b6:53:1d:4f:1e:0f:ed:94:82:
4e:71:61:31:8f:3d:fa:62:9e:65:ae:04:1d:26:49:92:0e:f6:
da:55:d7:52:41:12:e6:e5:76:fa:b9:83:75:fa:89:08:0d:71:
8a:ae:98:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYT4ReNi0vWxhEDdsF+zMQ7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjIxMjA5MTkwNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTUxNjIxMzI4YTkwN2FkODg4YjBhZDEyZDdlYjA4ZjNmZTI5N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsogOggOOPMDz6KvGnh3ppn2LsKc
3L2iSh6HnctpDoV02hrg7H4iIGtsSrkHvgGdvWR2820h+3fRWXwRFKe0Rsu/opem
Ul/ncjWnE8aDzZgDFUG6tPSfz4CjlfzANGo89vgfcURVyDj8BuVYp8132icXalF4
V+4lhIcY0piRWpoP0zymUHxCrbr8D8zkqznn/4cx5aHZ7Iw+BD14hgfXn9N4H/QZ
FhH+SxzuNuvich/xwoWL4eeL4By8qnL5S3RrQH3CAak41g19lqMxjQdx4d5XoRE0
iFbhnv99V071oQLep/IyaWwCZkuWUT3Y8laZOzXtQ1UJ3PdgO2v19rXGYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFRYhMoqQetiIsK0S1+sI8/4pfIMB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEvd1ZGaUV5aXBCNjJJaXdyUkxYNndqel9pbDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY3EMA0G
CSqGSIb3DQEBCwUAA4IBAQCa4BZSfykL3O4NyKogrMRD16g+cV+y6mrt/OhViElF
DR/5rJJSFQb+b46wvV1GLkLDnyzbFmwYCG0hh+IVuCgq6CevYWa8BTJ2ZDudinSm
2AYXfrbNwvhwQHqiFXHYT/SVcO2xIpeU97+xj74Con5uDhseqk3eywdeCULdSwtC
BGosjHvDAF+mBuWIwsmyNh6R7wMPKp0FeuKgpBwoMgm64TZo6QkL7drUoZ3m4dmM
yYjb/ppCBHoUtCMcmt6EH+9wE1ThL71Wey2USyU4HPO2Ux1PHg/tlIJOcWExjz36
Yp5lrgQdJkmSDvbaVddSQRLm5Xb6uYN1+okIDXGKrpgO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org