Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/vW6xSwDVfrZvxNjwzcA0uBIVCOM.roa
File: vW6xSwDVfrZvxNjwzcA0uBIVCOM.roa (raw, json)
Hash identifier: kMJOgeph2epo0syPpp4ws8/BR7ne26mGDv79MFNAOG0=
Subject key identifier: BD:6E:B1:4B:00:D5:7E:B6:6F:C4:D8:F0:CD:C0:34:B8:12:15:08:E3
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 0185A2386DF30A6CBF71CFD953AFE66A39FA
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/vW6xSwDVfrZvxNjwzcA0uBIVCOM.roa
Signing time: Wed 11 Jan 2023 19:04:45 +0000
ROA not before: Wed 11 Jan 2023 19:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42375
IP address blocks: 45.147.2.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a2:38:6d:f3:0a:6c:bf:71:cf:d9:53:af:e6:6a:39:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Jan 11 19:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd6eb14b00d57eb66fc4d8f0cdc034b8121508e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:41:be:60:8d:98:82:d9:c5:c4:63:27:f9:1e:
4f:28:c4:81:0c:30:79:e4:9a:45:58:cc:cd:03:f0:
a8:49:4f:08:63:8a:c7:85:f3:10:c7:95:24:ab:26:
81:49:27:a9:69:57:41:b4:49:93:7a:56:02:67:97:
d0:c8:93:d9:a9:fb:43:9b:e9:8b:69:20:6a:a4:63:
69:35:2b:cc:98:26:a1:71:69:ff:f0:04:c2:35:dc:
39:9c:41:33:43:cd:25:9b:9e:52:5e:d9:63:fa:e8:
09:5b:53:5f:74:d1:26:82:80:98:1f:e4:e6:ce:a9:
ad:0f:fb:4b:f0:a0:e1:e4:08:a3:49:c6:d9:df:1c:
3a:d1:ce:fa:4c:5d:e8:eb:31:0e:42:8a:32:8b:53:
d4:6f:d5:48:82:67:40:a1:bf:82:16:39:fa:0a:58:
cc:cd:34:a7:79:e0:2b:30:9b:d6:d3:a4:bc:10:95:
11:a6:75:30:1b:ce:c2:1b:b2:97:62:e1:22:19:91:
ba:5f:3d:ae:1b:ae:9d:ef:d9:8c:a5:f5:1a:e8:e3:
51:31:cf:09:82:a5:3d:d3:25:d2:5a:4a:5b:12:5c:
50:29:1b:f7:f7:8e:01:cc:06:65:d4:10:4a:bc:f3:
af:9d:74:a3:2d:b1:09:ed:d2:08:2a:40:18:92:92:
e5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6E:B1:4B:00:D5:7E:B6:6F:C4:D8:F0:CD:C0:34:B8:12:15:08:E3
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/vW6xSwDVfrZvxNjwzcA0uBIVCOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.2.0/23
Signature Algorithm: sha256WithRSAEncryption
15:f2:03:16:31:b2:d4:c7:0b:05:c4:b1:83:45:b0:cf:b5:6e:
74:02:e9:0d:07:bf:09:16:5b:cf:c6:90:46:47:95:e1:42:5d:
2d:c3:26:05:55:ef:71:95:6b:24:1c:24:fb:74:05:3b:bd:42:
63:84:3e:0a:d0:b7:82:ab:a4:23:d6:a3:d6:a1:53:de:4c:b9:
b9:bc:fc:ea:f9:b0:07:2a:30:d6:94:3c:2e:07:b7:db:6a:e5:
4c:d9:ef:98:25:11:c6:a7:6f:6b:f6:e0:4b:54:d6:13:ab:26:
65:36:c2:a8:c2:ef:b7:25:7f:79:4b:a1:ae:9e:54:f5:33:02:
68:b0:b9:3d:4b:66:6d:f1:86:83:46:c0:9c:42:5c:92:fd:af:
4a:30:1a:2c:64:ba:36:29:f8:6e:b9:9c:5f:80:76:0f:fd:77:
6d:ff:8c:7f:ce:8d:5d:ed:74:35:ad:52:87:2d:97:fe:26:e1:
e7:1f:67:f8:32:67:78:67:db:cd:aa:83:57:13:0a:20:d3:52:
2f:1f:04:17:6d:5b:0c:48:bf:66:d8:c1:99:ca:3b:b2:2c:c3:
1e:88:ae:e2:13:f9:40:41:ce:75:ae:5c:6c:f8:ef:77:39:21:
90:5b:a6:ac:c9:f6:cf:88:ff:3b:8b:d3:a4:46:76:b5:b1:d2:
8e:f8:85:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWiOG3zCmy/cc/ZU6/majn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjMwMTExMTkwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZlYjE0YjAwZDU3ZWI2NmZjNGQ4ZjBjZGMwMzRiODEyMTUwOGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkG+YI2YgtnFxGMn+R5PKMSBDDB5
5JpFWMzNA/CoSU8IY4rHhfMQx5UkqyaBSSepaVdBtEmTelYCZ5fQyJPZqftDm+mL
aSBqpGNpNSvMmCahcWn/8ATCNdw5nEEzQ80lm55SXtlj+ugJW1NfdNEmgoCYH+Tm
zqmtD/tL8KDh5AijScbZ3xw60c76TF3o6zEOQooyi1PUb9VIgmdAob+CFjn6CljM
zTSneeArMJvW06S8EJURpnUwG87CG7KXYuEiGZG6Xz2uG66d79mMpfUa6ONRMc8J
gqU90yXSWkpbElxQKRv3944BzAZl1BBKvPOvnXSjLbEJ7dIIKkAYkpLlZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1usUsA1X62b8TY8M3ANLgSFQjjMB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvdlc2eFN3RFZmclp2eE5qd3pjQTB1QklWQ09NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZMCMA0G
CSqGSIb3DQEBCwUAA4IBAQAV8gMWMbLUxwsFxLGDRbDPtW50AukNB78JFlvPxpBG
R5XhQl0twyYFVe9xlWskHCT7dAU7vUJjhD4K0LeCq6Qj1qPWoVPeTLm5vPzq+bAH
KjDWlDwuB7fbauVM2e+YJRHGp29r9uBLVNYTqyZlNsKowu+3JX95S6GunlT1MwJo
sLk9S2Zt8YaDRsCcQlyS/a9KMBosZLo2KfhuuZxfgHYP/Xdt/4x/zo1d7XQ1rVKH
LZf+JuHnH2f4Mmd4Z9vNqoNXEwog01IvHwQXbVsMSL9m2MGZyjuyLMMeiK7iE/lA
Qc51rlxs+O93OSGQW6asyfbPiP87i9OkRna1sdKO+IVE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org