Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/PyO_p9yvInGeksqvHLzUrrlHSJ0.roa
File: PyO_p9yvInGeksqvHLzUrrlHSJ0.roa (raw, json)
Hash identifier: Fh3GZ/tI0U8+5PI3qAD7hknYKQ7u6iBenTs4BqXB2LE=
Subject key identifier: 3F:23:BF:A7:DC:AF:22:71:9E:92:CA:AF:1C:BC:D4:AE:B9:47:48:9D
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 01856CE62D96DE3E86973981DDB74AAC296B
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/PyO_p9yvInGeksqvHLzUrrlHSJ0.roa
Signing time: Sun 01 Jan 2023 10:35:02 +0000
ROA not before: Sun 01 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212657
IP address blocks: 45.131.33.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2d:96:de:3e:86:97:39:81:dd:b7:4a:ac:29:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f23bfa7dcaf22719e92caaf1cbcd4aeb947489d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:86:4a:8c:9f:ce:f0:bf:c3:88:09:ef:ab:
48:b7:52:9f:3c:6a:f2:4a:59:d3:81:68:e3:6b:3e:
a8:1b:35:7a:25:f1:c7:49:c5:56:70:78:21:71:74:
fb:48:72:22:e1:ab:79:94:c1:db:d6:f5:a1:81:51:
f3:bb:32:03:61:d7:cc:e3:b4:d3:a0:c6:d5:2e:41:
71:5f:79:72:da:d6:e7:be:ec:56:60:e7:d2:f4:86:
cc:73:7a:75:89:95:88:50:90:c2:72:eb:98:7d:53:
9e:79:20:34:17:b7:aa:0b:6c:57:b4:86:e0:bc:6c:
cd:40:13:20:9f:16:91:31:93:9e:4a:e7:ba:54:6f:
ca:f4:8e:6c:8a:c8:11:00:5d:8a:b4:7d:5d:65:9a:
1b:e9:44:12:3c:4a:61:3f:2b:b8:ee:98:41:8f:a9:
b7:ce:3d:45:60:c9:58:9d:6c:05:c4:b6:2c:ed:0a:
b7:50:b0:3f:1e:b7:77:c7:fe:98:bf:4b:12:f9:4a:
82:c6:bc:d2:8f:86:98:f0:0d:68:d0:a5:28:30:07:
71:06:2b:ad:ae:18:0a:a3:ce:07:6e:b0:af:8e:6e:
a7:a5:a7:b1:78:89:25:37:21:e8:9b:40:c1:4d:75:
f0:67:1b:6e:0e:0b:bf:e8:5b:4e:99:ed:b0:be:a4:
db:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:23:BF:A7:DC:AF:22:71:9E:92:CA:AF:1C:BC:D4:AE:B9:47:48:9D
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/PyO_p9yvInGeksqvHLzUrrlHSJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.33.0/24
Signature Algorithm: sha256WithRSAEncryption
37:21:11:14:96:9c:a9:46:5a:5c:30:b9:24:4a:f1:b0:88:a0:
2a:c8:38:1a:44:0d:36:e8:d0:c4:8a:7e:0d:39:c5:94:be:05:
56:8b:4e:ca:06:4d:e9:2d:c4:e6:f3:93:b7:72:a0:06:63:cf:
d0:62:cd:d1:d2:87:c3:7f:a1:dc:ac:ab:09:2e:61:30:69:93:
ef:94:4e:d4:7e:45:61:aa:1e:3e:85:70:46:3d:2a:ae:7b:15:
e3:2e:d9:02:74:98:95:1e:7d:36:74:ce:e6:86:b0:e6:cd:ed:
c9:20:8c:b5:f4:6b:6e:59:e0:c1:cf:29:02:89:2d:13:74:ae:
7f:ad:ba:7b:9b:ce:4c:9a:b5:48:40:1b:28:ac:78:45:6b:c7:
2c:d0:05:cc:ec:af:4b:e3:0b:16:6e:6d:8b:7c:7e:7d:1b:bd:
aa:31:aa:b3:24:76:ee:05:8b:2d:52:66:3b:f1:ea:15:af:7d:
99:ca:da:58:2a:7c:53:0f:4b:91:da:b7:d7:bd:c3:46:e7:80:
84:ff:f2:6a:75:8d:92:11:cd:59:26:b3:7d:d2:a8:18:b9:7b:
e6:21:85:34:d8:b0:44:0e:6f:a0:d2:a5:38:61:c1:7a:60:77:
91:85:bb:4d:83:f0:ad:9e:b1:56:f0:ab:2f:ca:56:50:9b:c1:
b6:42:8a:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5i2W3j6GlzmB3bdKrClrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjIzYmZhN2RjYWYyMjcxOWU5MmNhYWYxY2JjZDRhZWI5NDc0ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd2GSoyfzvC/w4gJ76tIt1KfPGry
SlnTgWjjaz6oGzV6JfHHScVWcHghcXT7SHIi4at5lMHb1vWhgVHzuzIDYdfM47TT
oMbVLkFxX3ly2tbnvuxWYOfS9IbMc3p1iZWIUJDCcuuYfVOeeSA0F7eqC2xXtIbg
vGzNQBMgnxaRMZOeSue6VG/K9I5sisgRAF2KtH1dZZob6UQSPEphPyu47phBj6m3
zj1FYMlYnWwFxLYs7Qq3ULA/Hrd3x/6Yv0sS+UqCxrzSj4aY8A1o0KUoMAdxBiut
rhgKo84HbrCvjm6npaexeIklNyHom0DBTXXwZxtuDgu/6FtOme2wvqTbbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8jv6fcryJxnpLKrxy81K65R0idMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvUHlPX3A5eXZJbkdla3NxdkhMelVycmxIU0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYMhMA0G
CSqGSIb3DQEBCwUAA4IBAQA3IREUlpypRlpcMLkkSvGwiKAqyDgaRA026NDEin4N
OcWUvgVWi07KBk3pLcTm85O3cqAGY8/QYs3R0ofDf6HcrKsJLmEwaZPvlE7UfkVh
qh4+hXBGPSquexXjLtkCdJiVHn02dM7mhrDmze3JIIy19GtuWeDBzykCiS0TdK5/
rbp7m85MmrVIQBsorHhFa8cs0AXM7K9L4wsWbm2LfH59G72qMaqzJHbuBYstUmY7
8eoVr32ZytpYKnxTD0uR2rfXvcNG54CE//JqdY2SEc1ZJrN90qgYuXvmIYU02LBE
Dm+g0qU4YcF6YHeRhbtNg/CtnrFW8KsvylZQm8G2QorU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org