Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E9xYWQU18duHwR3jwqISf531XU0.roa
File: E9xYWQU18duHwR3jwqISf531XU0.roa (raw, json)
Hash identifier: Hb/FMMbTp6R5G+B4d+Dl8wZwDqqaovvrOtT31KssluM=
Subject key identifier: 13:DC:58:59:05:35:F1:DB:87:C1:1D:E3:C2:A2:12:7F:9D:F5:5D:4D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018225A2335C96A8292651BE85FCCC08C4FF
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E9xYWQU18duHwR3jwqISf531XU0.roa
Signing time: Fri 22 Jul 2022 11:19:23 +0000
ROA not before: Fri 22 Jul 2022 11:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51804
IP address blocks: 45.146.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:a2:33:5c:96:a8:29:26:51:be:85:fc:cc:08:c4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 22 11:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13dc58590535f1db87c11de3c2a2127f9df55d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:58:10:42:74:c1:8e:91:d8:bc:f9:06:b7:3f:
b9:5c:22:25:6f:85:8c:2e:66:db:65:7c:c7:09:58:
61:33:e6:5b:74:3f:05:96:90:31:af:8a:bd:2d:6e:
d0:ad:da:fb:f2:be:35:08:2c:7e:ab:6f:72:17:cc:
a6:47:49:55:1a:66:81:ad:81:a7:fa:46:90:50:2b:
4f:cc:ee:1a:3e:b8:a1:be:1d:a9:f6:82:ef:b4:b5:
a7:39:e5:ff:6b:1f:06:4b:40:f4:7c:ec:67:ca:3f:
06:43:f2:43:bd:86:4f:de:aa:5f:85:8a:d4:21:c3:
fe:28:0f:24:92:30:e0:2d:bb:4c:45:6e:b9:d3:33:
42:54:fb:91:d3:b9:4f:23:74:14:a6:c0:94:21:62:
03:cc:2a:74:19:8c:64:71:9d:fb:2c:09:60:18:ca:
bf:0e:ef:f7:53:d2:b9:52:91:fa:88:2c:3a:cd:4a:
c8:88:16:65:b4:aa:af:60:c0:88:90:17:48:08:0e:
dd:15:93:1e:d9:2e:1e:5f:56:ad:e3:b4:6e:ac:42:
07:10:a5:2f:f0:f4:84:86:57:fc:f9:39:a9:9c:49:
0b:bc:09:30:89:63:b5:2a:8e:f7:34:7a:60:7c:0f:
c6:80:93:90:b0:34:13:01:ba:a4:87:9b:20:9e:d5:
33:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DC:58:59:05:35:F1:DB:87:C1:1D:E3:C2:A2:12:7F:9D:F5:5D:4D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/E9xYWQU18duHwR3jwqISf531XU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:07:6a:20:d1:2f:f5:c0:6d:33:34:d3:2a:a9:ef:aa:9f:00:
83:13:06:ca:5c:28:06:e8:18:02:bb:18:51:ac:ac:dc:0a:b4:
ac:b6:b3:e1:49:50:34:34:d5:f6:81:d4:c9:b4:8c:56:3e:85:
37:cf:30:50:ef:94:5e:4b:09:6f:39:6b:04:eb:cc:43:ea:e2:
89:0a:c8:d5:bb:44:7d:db:2d:b0:00:08:7c:0e:53:4b:4e:53:
9b:fc:26:e4:a0:f5:2a:80:c3:bd:f9:31:2c:eb:c9:58:dc:93:
bf:da:4d:a6:45:6d:95:a1:70:57:19:05:4c:ea:9e:eb:10:87:
22:b2:f6:6f:dc:0d:a2:95:2c:d4:b8:29:5d:5d:51:08:f2:0b:
06:d1:cb:3c:5c:e9:23:c3:d7:98:dd:5d:4b:b9:0a:60:0a:19:
83:4e:87:47:20:23:76:aa:bc:5b:f7:c4:be:ec:13:54:0e:59:
68:50:7a:e6:18:5a:8e:f8:43:36:67:83:83:70:31:47:aa:14:
40:96:a2:e4:df:a0:7d:ad:38:07:d7:bf:d1:e6:ed:82:06:77:
9c:b4:db:6c:6b:6f:68:20:6f:db:71:0b:ff:ca:1e:3c:44:36:
10:23:9a:4b:3b:0f:ff:03:9e:9b:08:3f:e6:28:74:02:57:59:
65:e8:6d:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIlojNclqgpJlG+hfzMCMT/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwNzIyMTExOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2RjNTg1OTA1MzVmMWRiODdjMTFkZTNjMmEyMTI3ZjlkZjU1ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklgQQnTBjpHYvPkGtz+5XCIlb4WM
LmbbZXzHCVhhM+ZbdD8FlpAxr4q9LW7Qrdr78r41CCx+q29yF8ymR0lVGmaBrYGn
+kaQUCtPzO4aPrihvh2p9oLvtLWnOeX/ax8GS0D0fOxnyj8GQ/JDvYZP3qpfhYrU
IcP+KA8kkjDgLbtMRW650zNCVPuR07lPI3QUpsCUIWIDzCp0GYxkcZ37LAlgGMq/
Du/3U9K5UpH6iCw6zUrIiBZltKqvYMCIkBdICA7dFZMe2S4eX1at47RurEIHEKUv
8PSEhlf8+TmpnEkLvAkwiWO1Ko73NHpgfA/GgJOQsDQTAbqkh5sgntUzYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPcWFkFNfHbh8Ed48KiEn+d9V1NMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRTl4WVdRVTE4ZHVId1IzandxSVNmNTMxWFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZIrMA0G
CSqGSIb3DQEBCwUAA4IBAQB/B2og0S/1wG0zNNMqqe+qnwCDEwbKXCgG6BgCuxhR
rKzcCrSstrPhSVA0NNX2gdTJtIxWPoU3zzBQ75ReSwlvOWsE68xD6uKJCsjVu0R9
2y2wAAh8DlNLTlOb/CbkoPUqgMO9+TEs68lY3JO/2k2mRW2VoXBXGQVM6p7rEIci
svZv3A2ilSzUuCldXVEI8gsG0cs8XOkjw9eY3V1LuQpgChmDTodHICN2qrxb98S+
7BNUDlloUHrmGFqO+EM2Z4ODcDFHqhRAlqLk36B9rTgH17/R5u2CBnectNtsa29o
IG/bcQv/yh48RDYQI5pLOw//A56bCD/mKHQCV1ll6G3e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org