Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/E236U_nhM5o3dlCYTQYP6Jka8iU.roa
File: E236U_nhM5o3dlCYTQYP6Jka8iU.roa (raw, json)
Hash identifier: eUoDUP8Z2XpHWXjTQkGbSQP1nvRki6LwoV2Z1aArlF8=
Subject key identifier: 13:6D:FA:53:F9:E1:33:9A:37:76:50:98:4D:06:0F:E8:99:1A:F2:25
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 09B92443
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/E236U_nhM5o3dlCYTQYP6Jka8iU.roa
Signing time: Sun 17 Apr 2022 12:43:36 +0000
ROA not before: Sun 17 Apr 2022 12:43:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59414
IP address blocks: 45.151.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163128387 (0x9b92443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Apr 17 12:43:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=136dfa53f9e1339a377650984d060fe8991af225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:9c:d2:3f:97:e1:0b:28:8c:2b:1d:e5:f3:
3b:39:81:ed:71:9f:b2:cc:62:2e:b4:7e:02:09:ca:
89:e0:cc:6f:61:e9:13:bf:5e:4a:6e:f9:8e:04:ec:
4e:49:97:53:ba:73:40:12:ac:fe:6e:ae:4d:61:c1:
e0:66:d7:f4:c3:8e:53:f4:c3:2b:e9:70:40:80:6d:
73:c2:ef:ab:00:0b:98:22:cd:87:5b:3e:98:be:10:
59:ee:06:d7:dd:f2:e0:5a:94:63:2d:e3:ec:39:95:
c2:84:26:d1:2a:91:ae:9a:98:69:cc:5b:60:65:f8:
2b:64:46:ba:06:d0:d5:d9:b0:29:48:09:31:2f:c0:
b8:94:bf:c5:65:4f:70:d2:4f:84:bc:37:18:54:34:
8c:09:41:de:ed:b1:17:33:f9:d4:1f:5c:f8:3d:7a:
69:2d:95:83:72:95:22:1e:13:e1:f9:47:c4:0f:81:
29:b4:0d:75:c2:64:2c:45:c1:fb:6b:e5:58:04:8f:
23:13:ff:a3:7a:72:11:3c:28:93:d2:26:52:6d:50:
1f:c3:ac:34:f7:08:3c:70:36:1c:ad:dc:70:ee:3f:
91:fe:3f:aa:14:f3:5f:cc:4e:7b:51:9e:aa:01:82:
30:62:fd:d2:f4:4a:a3:fc:ce:68:48:a9:c3:f6:9a:
70:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6D:FA:53:F9:E1:33:9A:37:76:50:98:4D:06:0F:E8:99:1A:F2:25
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/E236U_nhM5o3dlCYTQYP6Jka8iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.213.0/24
Signature Algorithm: sha256WithRSAEncryption
08:09:e6:68:46:9d:fc:c8:1b:a2:e5:fb:1c:ef:8c:f6:4a:62:
60:4e:3b:dc:45:88:ac:57:57:46:a8:00:aa:fe:45:f8:95:8a:
d1:3c:a0:8b:47:a8:c0:d6:a0:31:db:ee:49:5c:e1:52:62:55:
66:8f:58:cb:a1:bf:f7:eb:6b:52:b2:31:72:64:08:c7:af:ea:
ea:c8:5e:f2:95:cc:93:32:c9:a2:46:c9:36:ea:9b:a0:f2:97:
d7:c7:4f:f6:e6:97:58:70:c3:41:3a:17:25:3f:c9:e6:68:3a:
90:7a:66:eb:b9:b1:b1:25:7e:7d:22:ec:e0:46:b4:ab:0d:60:
50:20:4f:c3:2e:11:88:7e:6e:46:7d:62:bb:94:6e:29:57:ac:
68:51:45:c7:71:c7:5d:d1:6c:a9:51:47:2f:b1:22:01:35:90:
06:5d:17:d3:c6:8a:88:67:a1:5e:42:85:5a:a1:24:53:95:a7:
44:8e:ed:69:05:f2:e1:ab:00:43:be:9f:50:11:f2:a6:58:66:
3c:ce:60:d1:79:42:c6:5e:20:39:f4:26:15:d5:d1:2f:83:3d:
45:dd:1b:ab:01:b8:50:50:8e:36:fb:4e:31:93:a4:96:2c:ef:
71:3c:d9:37:1d:0d:75:63:60:de:c9:cf:87:fe:d0:b6:d0:83:
b9:0c:0d:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECbkkQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDRlNTlhMjIzZjRiY2I4MjM0OTJmYjEwOTZjM2E4MjMxMGMwM2RhMB4XDTIyMDQx
NzEyNDMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTM2ZGZhNTNmOWUx
MzM5YTM3NzY1MDk4NGQwNjBmZTg5OTFhZjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnrnNI/l+ELKIwrHeXzOzmB7XGfssxiLrR+AgnKieDMb2Hp
E79eSm75jgTsTkmXU7pzQBKs/m6uTWHB4GbX9MOOU/TDK+lwQIBtc8LvqwALmCLN
h1s+mL4QWe4G193y4FqUYy3j7DmVwoQm0SqRrpqYacxbYGX4K2RGugbQ1dmwKUgJ
MS/AuJS/xWVPcNJPhLw3GFQ0jAlB3u2xFzP51B9c+D16aS2Vg3KVIh4T4flHxA+B
KbQNdcJkLEXB+2vlWASPIxP/o3pyETwok9ImUm1QH8OsNPcIPHA2HK3ccO4/kf4/
qhTzX8xOe1GeqgGCMGL90vRKo/zOaEipw/aacAcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQTbfpT+eEzmjd2UJhNBg/omRryJTAfBgNVHSMEGDAWgBQwTlmiI/S8uCNJ
L7EJbDqCMQwD2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01FNVpvaVAwdkxnalNTLXhDV3c2Z2pFTUE5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZjUzNmNkLTk0M2YtNDU1NC05ZjE3LTM0NGNjNTAyZjFiZC8x
L0UyMzZVX25oTTVvM2RsQ1lUUVlQNkprYThpVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZjUzNmNkLTk0M2YtNDU1NC05ZjE3LTM0NGNjNTAyZjFiZC8xL01FNVpvaVAwdkxn
alNTLXhDV3c2Z2pFTUE5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2X1TANBgkqhkiG9w0BAQsFAAOC
AQEACAnmaEad/MgbouX7HO+M9kpiYE473EWIrFdXRqgAqv5F+JWK0Tygi0eowNag
MdvuSVzhUmJVZo9Yy6G/9+trUrIxcmQIx6/q6she8pXMkzLJokbJNuqboPKX18dP
9uaXWHDDQToXJT/J5mg6kHpm67mxsSV+fSLs4Ea0qw1gUCBPwy4RiH5uRn1iu5Ru
KVesaFFFx3HHXdFsqVFHL7EiATWQBl0X08aKiGehXkKFWqEkU5WnRI7taQXy4asA
Q76fUBHyplhmPM5g0XlCxl4gOfQmFdXRL4M9Rd0bqwG4UFCONvtOMZOklizvcTzZ
Nx0NdWNg3snPh/7QttCDuQwNYA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:12 2023 by rpki-client on console-fra.rpki-client.org