Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vfAbOci-ubQWaj9cHSfM78fFs14.roa
File: vfAbOci-ubQWaj9cHSfM78fFs14.roa (raw, json)
Hash identifier: IGn7Wk5pOFsQA9I9QTw9LmYVxfkIwivByD/c2imD8k4=
Subject key identifier: BD:F0:1B:39:C8:BE:B9:B4:16:6A:3F:5C:1D:27:CC:EF:C7:C5:B3:5E
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0189B0D6812014CD02B652E3E1D5AF458037
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vfAbOci-ubQWaj9cHSfM78fFs14.roa
Signing time: Tue 01 Aug 2023 11:23:15 +0000
ROA not before: Tue 01 Aug 2023 11:23:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395092
IP address blocks: 45.139.54.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:d6:81:20:14:cd:02:b6:52:e3:e1:d5:af:45:80:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Aug 1 11:23:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdf01b39c8beb9b4166a3f5c1d27ccefc7c5b35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:99:ff:42:09:2a:5d:25:36:b0:11:95:27:7f:
b9:b8:7d:a1:76:bf:bb:55:0b:8a:57:23:06:f6:a9:
96:cf:c8:6e:99:ef:3f:53:b5:2e:51:af:54:f6:80:
bd:6d:d6:85:4e:04:a2:91:a9:61:6d:94:ba:99:a9:
42:7e:f5:69:ed:5e:a4:17:82:1f:d5:dd:09:32:9f:
38:de:b8:80:61:0e:4c:97:19:ba:12:78:6d:9c:66:
fc:04:bf:22:65:91:0d:a7:6f:fe:c3:c8:c2:3d:3b:
dc:e6:cd:72:8d:58:52:03:ed:d7:dc:71:eb:f7:ab:
33:66:3c:00:58:ac:1b:b7:3c:da:05:2a:50:69:fa:
76:a9:d3:b3:4e:c4:ca:fc:39:61:76:00:93:ad:09:
97:16:71:f0:9d:bb:99:00:0a:f2:ae:f3:ea:8b:e0:
2f:64:10:28:1f:13:43:22:c0:40:46:2a:66:ff:75:
9d:bb:54:80:c8:8a:24:84:46:ee:5f:8c:4f:af:c5:
e3:aa:1e:cc:c9:02:7c:4f:08:f0:1f:db:ee:88:94:
5c:2f:e1:fd:b4:db:54:aa:4b:3b:36:dc:04:37:b3:
d9:24:ed:c6:40:61:b3:d7:a8:bd:f5:c4:5b:24:15:
72:3e:db:86:2c:01:fa:91:0f:45:90:a3:18:73:54:
4f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F0:1B:39:C8:BE:B9:B4:16:6A:3F:5C:1D:27:CC:EF:C7:C5:B3:5E
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/vfAbOci-ubQWaj9cHSfM78fFs14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.54.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ff:a1:10:ea:3d:1c:0e:f6:1e:16:c1:9a:f1:63:5b:1c:eb:
82:6f:ee:13:af:d2:3d:a1:6f:97:99:76:48:25:35:bf:a5:dc:
e1:c7:fb:c4:66:ae:50:01:c2:3e:10:c7:16:86:be:87:4d:2d:
27:91:02:45:e2:6f:05:d7:0f:83:54:89:ba:06:99:fb:b6:d6:
7f:b4:27:3d:95:df:62:f6:d2:c4:3e:3e:3c:98:f4:12:4f:d5:
47:95:f1:ba:40:44:7f:7d:aa:34:a5:ee:86:03:66:cf:d0:61:
c8:27:1d:ee:29:72:c0:cf:7d:73:2a:a0:66:31:9c:7f:66:40:
42:a3:07:cd:f1:81:6e:a0:db:d8:5c:89:de:9a:72:cb:e8:55:
f7:4f:fc:88:ed:03:ce:b1:9d:21:6d:5d:54:28:77:f3:e1:1d:
5a:58:40:6a:c4:93:d1:ea:aa:92:b7:09:cb:a5:a7:3d:f2:fc:
50:15:e2:d9:b7:4e:b4:45:ee:cc:ae:44:54:b3:09:a7:4d:b5:
f4:a1:de:34:52:dc:53:54:25:d0:34:61:c5:a7:a7:9c:16:f0:
c5:98:7e:e3:1f:e2:79:1e:95:3a:b2:01:e7:52:47:10:ba:15:
a0:5c:0f:c8:1c:f6:83:3e:42:7a:bf:ee:87:8f:f3:40:11:23:
e5:c7:21:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmw1oEgFM0CtlLj4dWvRYA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwODAxMTEyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGYwMWIzOWM4YmViOWI0MTY2YTNmNWMxZDI3Y2NlZmM3YzViMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5n/QgkqXSU2sBGVJ3+5uH2hdr+7
VQuKVyMG9qmWz8hume8/U7UuUa9U9oC9bdaFTgSikalhbZS6malCfvVp7V6kF4If
1d0JMp843riAYQ5Mlxm6EnhtnGb8BL8iZZENp2/+w8jCPTvc5s1yjVhSA+3X3HHr
96szZjwAWKwbtzzaBSpQafp2qdOzTsTK/DlhdgCTrQmXFnHwnbuZAAryrvPqi+Av
ZBAoHxNDIsBARipm/3Wdu1SAyIokhEbuX4xPr8Xjqh7MyQJ8TwjwH9vuiJRcL+H9
tNtUqks7NtwEN7PZJO3GQGGz16i99cRbJBVyPtuGLAH6kQ9FkKMYc1RPrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL3wGznIvrm0Fmo/XB0nzO/HxbNeMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvdmZBYk9jaS11YlFXYWo5Y0hTZk03OGZGczE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYs2MA0G
CSqGSIb3DQEBCwUAA4IBAQAX/6EQ6j0cDvYeFsGa8WNbHOuCb+4Tr9I9oW+XmXZI
JTW/pdzhx/vEZq5QAcI+EMcWhr6HTS0nkQJF4m8F1w+DVIm6Bpn7ttZ/tCc9ld9i
9tLEPj48mPQST9VHlfG6QER/fao0pe6GA2bP0GHIJx3uKXLAz31zKqBmMZx/ZkBC
owfN8YFuoNvYXInemnLL6FX3T/yI7QPOsZ0hbV1UKHfz4R1aWEBqxJPR6qqStwnL
pac98vxQFeLZt060Re7MrkRUswmnTbX0od40UtxTVCXQNGHFp6ecFvDFmH7jH+J5
HpU6sgHnUkcQuhWgXA/IHPaDPkJ6v+6Hj/NAESPlxyHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org