Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xzfPXpUqtHujyj9rI2SbG-xhTD8.roa
File: xzfPXpUqtHujyj9rI2SbG-xhTD8.roa (raw, json)
Hash identifier: faLeZbQDvI6U8wYI70QSrUb35Kx6j5li7M3Nwz5vtxo=
Subject key identifier: C7:37:CF:5E:95:2A:B4:7B:A3:CA:3F:6B:23:64:9B:1B:EC:61:4C:3F
Certificate issuer: /CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Certificate serial: 01846D9E046D723CA598CFDE7C00BE899E84
Authority key identifier: B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xzfPXpUqtHujyj9rI2SbG-xhTD8.roa
Signing time: Sat 12 Nov 2022 20:53:03 +0000
ROA not before: Sat 12 Nov 2022 20:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 45.145.161.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6d:9e:04:6d:72:3c:a5:98:cf:de:7c:00:be:89:9e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f619ef200840dfa8fd43567c7a978c15312d7f
Validity
Not Before: Nov 12 20:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c737cf5e952ab47ba3ca3f6b23649b1bec614c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:35:1a:8d:c1:61:5e:c9:42:47:c1:d8:ec:8f:
70:94:61:16:72:45:93:fa:26:20:0d:11:4f:da:15:
55:a5:d4:98:e5:78:ee:dd:13:8d:1f:77:78:9e:d5:
69:bd:40:1f:d3:eb:7e:f3:9c:64:f5:ee:9b:8a:52:
0f:f5:c1:67:c8:c5:32:fe:6a:84:56:98:c2:b0:56:
3f:29:d0:ea:db:d6:bd:77:57:8a:62:47:d4:2d:53:
3b:07:f9:73:6c:7c:79:da:ad:80:bf:84:69:7f:90:
64:13:4f:0b:38:85:c2:cf:8f:23:5f:ca:02:17:a8:
ff:65:db:99:8e:3f:97:02:da:6c:aa:9c:5b:8d:90:
58:5c:7d:15:7f:db:d8:58:4f:71:cf:28:99:14:83:
e3:b9:97:f0:25:16:92:2e:1d:62:29:fe:3e:47:d3:
dd:bf:81:6d:48:90:e6:c8:7f:d6:76:b4:12:56:49:
7c:1a:4b:8f:85:10:1b:5c:93:25:27:5f:e2:8b:e1:
12:dc:54:d7:ff:ec:da:df:92:d9:9a:46:45:fe:be:
fd:8a:d6:47:f8:76:eb:83:eb:13:97:3e:18:74:6a:
f1:d9:57:f5:f8:f2:61:62:ea:3b:9b:9c:ab:3d:0a:
ee:71:2b:82:1c:1e:fa:67:ae:5d:9a:a2:5d:44:6d:
35:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:37:CF:5E:95:2A:B4:7B:A3:CA:3F:6B:23:64:9B:1B:EC:61:4C:3F
X509v3 Authority Key Identifier:
keyid:B0:F6:19:EF:20:08:40:DF:A8:FD:43:56:7C:7A:97:8C:15:31:2D:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/xzfPXpUqtHujyj9rI2SbG-xhTD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0e18d2-d80b-4aa0-aaef-069661675106/1/sPYZ7yAIQN-o_UNWfHqXjBUxLX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.161.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:4f:bc:8f:56:5e:04:51:24:ae:49:24:5f:98:e0:6e:77:f0:
9f:72:61:7e:54:7b:e3:c7:38:8a:88:bc:8b:23:c7:95:43:19:
e1:37:8e:31:db:e0:9a:b7:45:c6:85:2d:0d:93:f2:11:3c:9f:
5b:ab:18:22:fd:67:c6:64:19:73:27:bd:4b:42:8a:b6:bc:67:
57:b6:f9:c8:3d:3e:cc:e8:a0:f3:cd:de:f1:9b:12:c9:a6:0b:
17:11:a3:a6:51:c9:fe:03:cf:6a:08:fe:0f:d8:ee:37:d1:97:
f8:6a:66:b2:96:d4:42:8a:96:dd:1e:4f:33:74:34:0b:37:44:
62:e6:18:44:c6:35:f3:75:52:37:0e:94:3e:25:3f:79:8b:3c:
87:a8:0a:51:a3:9a:5a:0c:c9:7f:da:1d:bb:31:a7:f2:70:2b:
69:ab:e9:e9:06:21:f4:b8:b8:fe:f9:f3:a9:08:76:84:e2:eb:
d0:01:1b:9c:10:d4:3e:df:66:cc:90:19:89:54:5b:19:b6:c7:
91:14:f2:99:c0:06:ce:af:f6:eb:45:39:f6:5d:e9:bf:50:82:
c6:ae:1e:f6:54:3b:3c:9f:71:71:04:e9:de:f9:af:5e:af:a4:
0d:68:ed:b3:e3:a9:76:0f:c7:fb:fd:6f:86:89:cb:c3:ea:1d:
65:44:11:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRtngRtcjylmM/efAC+iZ6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjYxOWVmMjAwODQwZGZhOGZkNDM1NjdjN2E5NzhjMTUz
MTJkN2YwHhcNMjIxMTEyMjA1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM3Y2Y1ZTk1MmFiNDdiYTNjYTNmNmIyMzY0OWIxYmVjNjE0YzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDUajcFhXslCR8HY7I9wlGEWckWT
+iYgDRFP2hVVpdSY5Xju3RONH3d4ntVpvUAf0+t+85xk9e6bilIP9cFnyMUy/mqE
VpjCsFY/KdDq29a9d1eKYkfULVM7B/lzbHx52q2Av4Rpf5BkE08LOIXCz48jX8oC
F6j/ZduZjj+XAtpsqpxbjZBYXH0Vf9vYWE9xzyiZFIPjuZfwJRaSLh1iKf4+R9Pd
v4FtSJDmyH/WdrQSVkl8GkuPhRAbXJMlJ1/ii+ES3FTX/+za35LZmkZF/r79itZH
+Hbrg+sTlz4YdGrx2Vf1+PJhYuo7m5yrPQrucSuCHB76Z65dmqJdRG01bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMc3z16VKrR7o8o/ayNkmxvsYUw/MB8GA1UdIwQY
MBaAFLD2Ge8gCEDfqP1DVnx6l4wVMS1/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYt
MDY5NjYxNjc1MTA2LzEveHpmUFhwVXF0SHVqeWo5ckkyU2JHLXhoVEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wZTE4ZDItZDgwYi00YWEwLWFhZWYtMDY5NjYxNjc1MTA2
LzEvc1BZWjd5QUlRTi1vX1VOV2ZIcVhqQlV4TFg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZGhMA0G
CSqGSIb3DQEBCwUAA4IBAQCOT7yPVl4EUSSuSSRfmOBud/CfcmF+VHvjxziKiLyL
I8eVQxnhN44x2+Cat0XGhS0Nk/IRPJ9bqxgi/WfGZBlzJ71LQoq2vGdXtvnIPT7M
6KDzzd7xmxLJpgsXEaOmUcn+A89qCP4P2O430Zf4amayltRCipbdHk8zdDQLN0Ri
5hhExjXzdVI3DpQ+JT95izyHqApRo5paDMl/2h27MafycCtpq+npBiH0uLj++fOp
CHaE4uvQARucENQ+32bMkBmJVFsZtseRFPKZwAbOr/brRTn2Xem/UILGrh72VDs8
n3FxBOne+a9er6QNaO2z46l2D8f7/W+GicvD6h1lRBGd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org