Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b4JUVir3qwKWHLxVC9bOnIhX1ok.roa
File: b4JUVir3qwKWHLxVC9bOnIhX1ok.roa (raw, json)
Hash identifier: FGh8/j3s7lm3KrY8E1bFucEQFUrRbMRpvT8fBjq60kg=
Subject key identifier: 6F:82:54:56:2A:F7:AB:02:96:1C:BC:55:0B:D6:CE:9C:88:57:D6:89
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DB91A9CDC8D7C821F81088F6AF58B
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b4JUVir3qwKWHLxVC9bOnIhX1ok.roa
Signing time: Sun 01 Jan 2023 20:54:56 +0000
ROA not before: Sun 01 Jan 2023 20:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 27176
IP address blocks: 45.134.28.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b9:1a:9c:dc:8d:7c:82:1f:81:08:8f:6a:f5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f8254562af7ab02961cbc550bd6ce9c8857d689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1d:d9:94:53:cc:d7:af:2f:84:b2:e8:49:0d:
b4:e9:c5:ee:77:ac:e9:b0:a2:de:da:e5:67:5f:36:
f5:50:64:0e:2e:c7:48:88:4b:aa:a7:c9:2a:ce:1b:
06:c7:ee:f7:96:a9:00:8b:19:9d:a6:63:4b:e8:c8:
45:5b:43:7f:4b:67:63:4c:dd:dc:fb:97:5e:80:db:
6a:a2:ad:f3:e6:bc:51:ec:c4:7d:8a:bf:c7:a0:0b:
78:09:ff:42:9a:74:3f:f8:b8:1f:35:67:d0:f6:97:
91:60:37:f5:f3:e4:19:dd:9e:e6:90:0b:f4:2c:ff:
82:48:7b:31:71:6e:b9:b5:58:f7:ca:b3:03:03:4a:
87:5c:cb:fb:97:11:cb:ac:2d:2d:ba:2b:cc:5a:93:
7d:63:d5:e8:ba:2f:b6:43:10:a7:df:6b:ff:fd:e2:
8c:86:85:ca:3c:bd:e0:ce:c5:50:f8:1b:44:bf:1a:
b3:8f:a2:bc:35:28:d4:84:53:4d:e8:6f:9b:2b:f5:
d4:2a:c5:bc:0e:f2:5d:27:91:0f:07:c8:97:6a:30:
cb:67:ed:26:89:37:d9:51:f1:45:21:e4:71:96:59:
58:7b:5c:34:f4:ea:7a:fc:96:25:9a:71:97:10:2b:
22:82:52:85:18:2a:f9:d6:8b:1f:49:00:10:b9:8e:
ee:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:82:54:56:2A:F7:AB:02:96:1C:BC:55:0B:D6:CE:9C:88:57:D6:89
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/b4JUVir3qwKWHLxVC9bOnIhX1ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.28.0/22
Signature Algorithm: sha256WithRSAEncryption
05:84:ba:bd:63:e3:e4:b7:53:45:e7:12:b9:fe:32:45:bf:9a:
0c:0d:d7:b0:aa:6c:27:a7:4d:8a:47:64:64:3c:22:8b:9d:40:
a6:f6:e8:d4:0d:02:de:e9:57:45:41:9f:04:81:04:76:fe:6f:
e8:91:20:79:c9:76:d0:9b:9d:e2:65:8d:00:33:3f:e7:a6:0c:
e8:f9:ba:2b:bc:41:9a:98:df:a9:41:40:e2:36:e3:77:8c:92:
de:b0:13:3d:38:43:58:69:fe:c3:b2:17:18:67:f5:fc:3c:ff:
3f:e5:37:02:15:ac:ed:81:df:5e:38:08:ac:0f:97:58:a8:55:
ae:bb:6d:7e:4b:9e:e6:a0:65:97:ee:92:f8:d0:5b:29:75:78:
86:bd:d4:96:2b:25:39:f4:d7:2b:51:93:4e:cf:cd:84:8a:d2:
2d:0b:a7:3d:e8:84:07:5a:2b:28:3d:66:98:4a:37:4f:03:24:
f1:2e:ba:e6:d0:7f:04:42:55:ab:a4:8a:c8:12:2e:fb:34:ff:
18:86:64:40:ea:21:70:9c:5b:1c:17:14:fb:b1:31:19:b6:47:
01:69:d9:6f:98:f7:64:57:35:ce:b5:31:7c:3c:a5:9d:7a:b0:
2b:1f:3f:2b:e0:92:2e:1f:71:a3:87:7b:68:0e:46:ff:0a:73:
2f:c0:e7:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHbkanNyNfIIfgQiPavWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjgyNTQ1NjJhZjdhYjAyOTYxY2JjNTUwYmQ2Y2U5Yzg4NTdkNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx3ZlFPM168vhLLoSQ206cXud6zp
sKLe2uVnXzb1UGQOLsdIiEuqp8kqzhsGx+73lqkAixmdpmNL6MhFW0N/S2djTN3c
+5degNtqoq3z5rxR7MR9ir/HoAt4Cf9CmnQ/+LgfNWfQ9peRYDf18+QZ3Z7mkAv0
LP+CSHsxcW65tVj3yrMDA0qHXMv7lxHLrC0tuivMWpN9Y9Xoui+2QxCn32v//eKM
hoXKPL3gzsVQ+BtEvxqzj6K8NSjUhFNN6G+bK/XUKsW8DvJdJ5EPB8iXajDLZ+0m
iTfZUfFFIeRxlllYe1w09Op6/JYlmnGXECsiglKFGCr51osfSQAQuY7u0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+CVFYq96sClhy8VQvWzpyIV9aJMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvYjRKVVZpcjNxd0tXSEx4VkM5Yk9uSWhYMW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYYcMA0G
CSqGSIb3DQEBCwUAA4IBAQAFhLq9Y+Pkt1NF5xK5/jJFv5oMDdewqmwnp02KR2Rk
PCKLnUCm9ujUDQLe6VdFQZ8EgQR2/m/okSB5yXbQm53iZY0AMz/npgzo+borvEGa
mN+pQUDiNuN3jJLesBM9OENYaf7DshcYZ/X8PP8/5TcCFaztgd9eOAisD5dYqFWu
u21+S57moGWX7pL40FspdXiGvdSWKyU59NcrUZNOz82EitItC6c96IQHWisoPWaY
SjdPAyTxLrrm0H8EQlWrpIrIEi77NP8YhmRA6iFwnFscFxT7sTEZtkcBadlvmPdk
VzXOtTF8PKWderArHz8r4JIuH3Gjh3toDkb/CnMvwOcF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org