Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5PUm64yyRZEdn2nudmUwg4XPZvE.roa
File: 5PUm64yyRZEdn2nudmUwg4XPZvE.roa (raw, json)
Hash identifier: YOsXWPA8ge6H7iGIXllVBac8+7nJFBXfqqZi4jsSPaI=
Subject key identifier: E4:F5:26:EB:8C:B2:45:91:1D:9F:69:EE:76:65:30:83:85:CF:66:F1
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DC2D2AD04B113C94139C56F17DF63
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5PUm64yyRZEdn2nudmUwg4XPZvE.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51789
IP address blocks: 45.149.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c2:d2:ad:04:b1:13:c9:41:39:c5:6f:17:df:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4f526eb8cb245911d9f69ee7665308385cf66f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:94:16:bf:ce:b9:59:29:72:8a:e4:74:15:
8b:f4:54:c7:b8:d5:6c:00:3f:2c:b5:c4:cd:86:05:
d0:e1:e3:04:2c:4d:1d:d4:22:a6:50:ed:f2:79:ac:
65:fd:3b:95:0c:fe:0b:9e:bb:f7:54:b2:87:5f:5e:
97:35:78:71:dd:0e:81:ba:c4:42:94:6f:d1:60:eb:
e8:8d:b1:0b:62:be:b1:e8:26:f9:1a:1c:1e:9e:d2:
f3:2d:a2:76:06:ec:b9:98:fb:8f:91:26:a2:d5:8e:
cb:12:6f:e0:3a:21:a4:b3:fb:0a:d6:d5:b2:ac:ef:
50:a3:5f:f9:71:b0:92:af:8a:9f:d1:86:a2:7f:ff:
1c:65:59:9b:4b:a4:dc:77:fc:95:1b:7a:fb:98:53:
bf:0f:88:76:1b:17:d6:78:07:83:40:43:2e:f8:50:
da:a8:8c:eb:06:d6:34:c8:12:e9:24:13:d8:6d:4d:
21:2e:19:e4:4d:ea:c8:c3:eb:ee:1c:30:fb:19:96:
af:81:be:e1:b1:c1:26:15:79:9a:4b:19:0d:96:ba:
da:55:c5:b6:a6:24:f6:9b:aa:99:a9:4d:c7:44:9a:
29:39:32:16:b9:86:fe:59:18:ca:f6:f5:1f:fc:ae:
31:78:0c:e8:18:9e:37:a8:59:47:f4:52:7c:c3:d6:
14:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F5:26:EB:8C:B2:45:91:1D:9F:69:EE:76:65:30:83:85:CF:66:F1
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/5PUm64yyRZEdn2nudmUwg4XPZvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.128.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:34:13:27:40:e0:7b:b6:c4:3a:5e:73:a7:a1:c0:10:dc:05:
e4:af:20:63:ba:e9:b6:1c:6b:63:61:97:49:6e:c1:51:2c:88:
4c:af:13:78:36:c2:35:f9:d2:dd:4a:13:98:ba:fb:05:8d:f3:
06:9e:8a:5e:ad:da:7c:2d:1d:c9:29:4a:4a:dc:4f:46:db:13:
eb:c9:44:b4:9a:4e:f6:8d:ea:0d:f5:59:95:ea:89:82:11:32:
ba:29:2d:8a:14:4b:40:53:a4:dc:40:03:b3:c1:7c:40:ba:83:
e6:03:50:50:7e:10:97:0d:f7:f9:85:fe:6d:ef:60:ed:ac:93:
2a:e5:71:7d:61:60:8b:cd:74:28:71:5e:ba:f7:cf:8b:54:95:
ea:aa:e8:4a:c2:46:1a:4d:2c:c6:5f:ce:db:91:ce:7d:73:00:
9f:cb:55:b0:64:cb:12:02:26:c2:40:c8:de:fc:95:cd:b6:fc:
a4:60:c5:2e:82:f6:07:70:3a:ae:28:62:3f:b2:dc:6b:31:02:
d7:b5:38:26:79:f3:03:cf:71:39:2e:58:f0:0e:bf:12:63:12:
19:49:e4:da:3e:b5:26:10:8d:92:2c:5e:15:6d:5c:7d:e5:7c:
ae:1a:af:6a:ac:cc:ba:ce:dc:37:ff:e0:f7:98:70:f9:ac:aa:
eb:32:f6:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcLSrQSxE8lBOcVvF99jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY1MjZlYjhjYjI0NTkxMWQ5ZjY5ZWU3NjY1MzA4Mzg1Y2Y2NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoyUFr/OuVkpcorkdBWL9FTHuNVs
AD8stcTNhgXQ4eMELE0d1CKmUO3yeaxl/TuVDP4Lnrv3VLKHX16XNXhx3Q6BusRC
lG/RYOvojbELYr6x6Cb5GhwentLzLaJ2Buy5mPuPkSai1Y7LEm/gOiGks/sK1tWy
rO9Qo1/5cbCSr4qf0Yaif/8cZVmbS6Tcd/yVG3r7mFO/D4h2GxfWeAeDQEMu+FDa
qIzrBtY0yBLpJBPYbU0hLhnkTerIw+vuHDD7GZavgb7hscEmFXmaSxkNlrraVcW2
piT2m6qZqU3HRJopOTIWuYb+WRjK9vUf/K4xeAzoGJ43qFlH9FJ8w9YUkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOT1JuuMskWRHZ9p7nZlMIOFz2bxMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvNVBVbTY0eXlSWkVkbjJudWRtVXdnNFhQWnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZWAMA0G
CSqGSIb3DQEBCwUAA4IBAQCLNBMnQOB7tsQ6XnOnocAQ3AXkryBjuum2HGtjYZdJ
bsFRLIhMrxN4NsI1+dLdShOYuvsFjfMGnoperdp8LR3JKUpK3E9G2xPryUS0mk72
jeoN9VmV6omCETK6KS2KFEtAU6TcQAOzwXxAuoPmA1BQfhCXDff5hf5t72DtrJMq
5XF9YWCLzXQocV6698+LVJXqquhKwkYaTSzGX87bkc59cwCfy1WwZMsSAibCQMje
/JXNtvykYMUugvYHcDquKGI/stxrMQLXtTgmefMDz3E5LljwDr8SYxIZSeTaPrUm
EI2SLF4VbVx95XyuGq9qrMy6ztw3/+D3mHD5rKrrMvYP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org