Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/3X5oZKsMjDmicqwRLzBYdKampYE.roa
File: 3X5oZKsMjDmicqwRLzBYdKampYE.roa (raw, json)
Hash identifier: 9MkT5bP2PyepUbhIAb8BVfRrXtvPy5cAhObthG0N62g=
Subject key identifier: DD:7E:68:64:AB:0C:8C:39:A2:72:AC:11:2F:30:58:74:A6:A6:A5:81
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 01856CE625BF1E1FF3E35157EDE65C6D0F79
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/3X5oZKsMjDmicqwRLzBYdKampYE.roa
Signing time: Sun 01 Jan 2023 10:35:00 +0000
ROA not before: Sun 01 Jan 2023 10:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49761
IP address blocks: 45.131.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:25:bf:1e:1f:f3:e3:51:57:ed:e6:5c:6d:0f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 10:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd7e6864ab0c8c39a272ac112f305874a6a6a581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:eb:a6:3a:b6:06:e5:43:a2:3d:57:94:a0:29:
62:8f:ee:de:93:15:08:4b:9a:29:e3:27:59:93:8a:
b0:cc:10:5a:5e:f2:ff:4e:53:12:3d:9e:89:db:b8:
66:09:db:96:5b:cf:48:69:a2:40:4b:af:af:df:b6:
6b:6c:01:f2:f5:8d:62:96:ac:06:67:a9:ff:c2:05:
71:fe:04:bc:e3:ee:fd:fc:85:8d:5b:fc:20:cc:e5:
48:93:14:1c:f7:f1:72:cf:d7:00:0d:6f:77:70:c2:
cc:a9:96:47:cd:45:53:48:bd:b1:3d:74:41:d4:f6:
a7:38:69:4a:01:ea:e4:44:bb:9c:00:d6:2b:e4:22:
14:14:44:c3:95:ae:3b:a1:51:b5:2f:c3:db:cf:25:
9e:45:f5:94:df:cd:a3:64:ed:1d:ea:ec:88:f2:62:
2e:96:47:c6:fa:5d:29:73:d4:85:e5:31:0e:eb:0d:
39:f4:78:b5:c8:49:97:95:e5:02:6b:89:c8:cb:09:
c7:35:46:ea:fe:46:5e:e2:98:ff:3b:52:92:a6:d1:
31:ef:6e:1d:e7:97:05:46:ff:1b:c4:6e:0c:8f:5c:
a9:df:55:e0:9a:98:25:c1:8f:e9:4e:28:e9:79:44:
34:a6:41:b0:58:46:4c:a5:05:e2:fd:1a:dd:cc:0d:
6f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7E:68:64:AB:0C:8C:39:A2:72:AC:11:2F:30:58:74:A6:A6:A5:81
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/3X5oZKsMjDmicqwRLzBYdKampYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.34.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ec:4c:90:d4:b0:78:98:37:9a:c7:a7:f4:6e:d4:11:01:2e:
51:be:fc:70:ab:1a:1c:0f:a8:87:cc:dd:22:8f:00:43:9c:29:
71:37:59:18:8f:a6:c8:df:f3:18:83:8b:da:08:00:7b:a9:17:
ca:9e:1e:b4:cd:93:15:a7:3e:f9:bd:55:e2:de:eb:c0:0c:87:
42:f6:26:49:b7:27:1d:eb:a7:53:3b:3e:9f:12:2b:3f:c8:72:
43:fb:a9:cc:23:ff:0a:1b:4b:ac:bd:7c:b9:d7:ac:08:43:e6:
d8:d2:23:45:c0:15:5f:ea:b9:83:78:51:2a:ea:0e:e9:da:eb:
c4:1f:c0:78:7d:15:bb:b9:44:7d:b2:e3:34:6e:2c:63:71:99:
bc:74:45:d7:a0:c6:6a:b0:49:9a:de:f0:1a:39:6c:93:27:e8:
6c:09:2b:7a:b7:ce:b4:79:96:df:9f:af:f2:3e:66:aa:c2:48:
b2:4c:6f:0d:26:9b:99:b4:8b:4d:86:a9:12:53:03:90:9f:ea:
99:96:42:8f:b7:71:ad:de:74:6d:22:aa:5c:12:92:a2:d1:3c:
48:f8:38:1f:3c:10:50:79:61:32:d8:7a:65:6c:bf:36:25:25:
17:37:80:f4:60:3d:8c:5e:7d:47:62:49:21:41:43:02:99:20:
42:90:61:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5iW/Hh/z41FX7eZcbQ95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMTAxMTAzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdlNjg2NGFiMGM4YzM5YTI3MmFjMTEyZjMwNTg3NGE2YTZhNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOumOrYG5UOiPVeUoClij+7ekxUI
S5op4ydZk4qwzBBaXvL/TlMSPZ6J27hmCduWW89IaaJAS6+v37ZrbAHy9Y1ilqwG
Z6n/wgVx/gS84+79/IWNW/wgzOVIkxQc9/Fyz9cADW93cMLMqZZHzUVTSL2xPXRB
1PanOGlKAerkRLucANYr5CIUFETDla47oVG1L8PbzyWeRfWU382jZO0d6uyI8mIu
lkfG+l0pc9SF5TEO6w059Hi1yEmXleUCa4nIywnHNUbq/kZe4pj/O1KSptEx724d
55cFRv8bxG4Mj1yp31XgmpglwY/pTijpeUQ0pkGwWEZMpQXi/RrdzA1vyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1+aGSrDIw5onKsES8wWHSmpqWBMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvM1g1b1pLc01qRG1pY3F3Ukx6QllkS2FtcFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAl7EyQ1LB4mDeax6f0btQRAS5RvvxwqxocD6iHzN0i
jwBDnClxN1kYj6bI3/MYg4vaCAB7qRfKnh60zZMVpz75vVXi3uvADIdC9iZJtycd
66dTOz6fEis/yHJD+6nMI/8KG0usvXy516wIQ+bY0iNFwBVf6rmDeFEq6g7p2uvE
H8B4fRW7uUR9suM0bixjcZm8dEXXoMZqsEma3vAaOWyTJ+hsCSt6t860eZbfn6/y
PmaqwkiyTG8NJpuZtItNhqkSUwOQn+qZlkKPt3Gt3nRtIqpcEpKi0TxI+DgfPBBQ
eWEy2HplbL82JSUXN4D0YD2MXn1HYkkhQUMCmSBCkGEk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org