Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GEU35nTKVWE_qrrkC7pfXucg3wU.roa
File: GEU35nTKVWE_qrrkC7pfXucg3wU.roa (raw, json)
Hash identifier: ga7VMI2c80AukCbIwZ8xfr0I1z/hCvBXQ2z/NRkLIU4=
Subject key identifier: 18:45:37:E6:74:CA:55:61:3F:AA:BA:E4:0B:BA:5F:5E:E7:20:DF:05
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 01846D9E05A01F1C07644469ACE1BE433659
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GEU35nTKVWE_qrrkC7pfXucg3wU.roa
Signing time: Sat 12 Nov 2022 20:53:03 +0000
ROA not before: Sat 12 Nov 2022 20:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 45.138.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6d:9e:05:a0:1f:1c:07:64:44:69:ac:e1:be:43:36:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Nov 12 20:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=184537e674ca55613faabae40bba5f5ee720df05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:14:2f:8c:64:92:2d:2b:29:07:3f:2d:56:ca:
21:f8:16:d7:6c:ca:64:7f:dd:fb:1f:1a:6a:fc:0d:
4f:1d:d6:0a:39:5a:ab:b2:6b:d7:75:78:f6:c1:34:
9f:35:4b:c1:90:7e:bd:1c:6a:b8:40:cc:28:81:98:
07:bb:2c:a6:4e:82:ae:43:31:32:57:4d:b6:61:a2:
ff:e9:dd:00:97:bc:a2:57:a8:68:3e:0b:78:84:34:
1f:46:d7:ef:b8:b3:d8:3d:ae:d3:a7:bf:c9:8c:23:
9a:c6:57:02:78:61:55:34:e6:86:4d:b0:62:b3:34:
59:77:49:de:4d:e0:8f:a5:e8:d7:8e:79:6d:c5:4a:
92:7d:aa:77:aa:ad:92:bb:f8:1f:d5:4c:76:0d:87:
50:fe:43:49:66:92:de:e2:71:aa:94:6b:84:4e:c9:
92:1b:aa:a2:c6:ab:cf:54:ea:28:49:78:2f:db:f9:
f5:13:57:3a:71:52:3b:26:21:7a:dd:64:be:c3:da:
ae:a8:0f:36:65:58:23:bb:08:d4:06:16:8f:d5:f4:
6d:0f:1c:50:2f:85:c7:f5:44:4f:fe:ee:7e:43:e6:
bf:0b:02:4f:0d:d4:db:84:3d:6f:92:de:7d:3c:9f:
30:ad:bc:1e:b7:d6:c0:eb:d5:8a:a2:8b:97:8b:3a:
92:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:45:37:E6:74:CA:55:61:3F:AA:BA:E4:0B:BA:5F:5E:E7:20:DF:05
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/GEU35nTKVWE_qrrkC7pfXucg3wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:bc:72:c9:a4:4a:ee:0a:73:89:88:52:eb:55:1e:0a:1a:c8:
7c:46:cc:78:8f:48:e1:79:b6:6a:9e:94:8f:90:df:56:98:4b:
3b:06:ef:df:fd:67:d9:31:1c:4d:3e:5a:a6:6f:76:e8:ab:f9:
a5:dd:95:55:b4:87:f7:7a:11:03:67:87:c2:a1:e7:24:2e:cc:
3a:af:e0:18:fb:01:ae:cf:c0:50:f1:8b:94:db:3a:e2:6c:57:
65:74:09:9e:a1:d2:1a:9a:4e:17:d8:7a:b8:bb:9c:91:34:45:
73:68:75:0b:60:1f:65:f9:fc:8b:be:b4:b8:f2:c0:44:4a:43:
36:35:d5:9e:5b:4e:14:5a:6e:59:f4:80:f0:f8:23:f7:05:f3:
75:97:df:03:54:70:2a:96:9c:b1:c9:05:fa:8c:7b:09:ad:18:
05:30:71:14:4a:3b:56:84:fa:a8:b1:1c:40:bc:39:c8:0f:6f:
b8:b2:9d:09:f0:71:fe:27:70:40:79:c2:19:3e:cd:23:f7:93:
14:51:b3:c6:26:dc:be:d4:ae:07:b8:ee:28:fe:cd:6d:d3:4e:
98:b0:05:35:b3:4d:4a:2a:bb:37:dd:e0:e3:a3:2c:d7:55:79:
08:64:15:25:f4:95:76:a2:ba:e6:17:32:7d:41:27:94:6e:23:
78:3a:c8:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRtngWgHxwHZERprOG+QzZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjIxMTEyMjA1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQ1MzdlNjc0Y2E1NTYxM2ZhYWJhZTQwYmJhNWY1ZWU3MjBkZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhQvjGSSLSspBz8tVsoh+BbXbMpk
f937Hxpq/A1PHdYKOVqrsmvXdXj2wTSfNUvBkH69HGq4QMwogZgHuyymToKuQzEy
V022YaL/6d0Al7yiV6hoPgt4hDQfRtfvuLPYPa7Tp7/JjCOaxlcCeGFVNOaGTbBi
szRZd0neTeCPpejXjnltxUqSfap3qq2Su/gf1Ux2DYdQ/kNJZpLe4nGqlGuETsmS
G6qixqvPVOooSXgv2/n1E1c6cVI7JiF63WS+w9quqA82ZVgjuwjUBhaP1fRtDxxQ
L4XH9URP/u5+Q+a/CwJPDdTbhD1vkt59PJ8wrbwet9bA69WKoouXizqSLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBhFN+Z0ylVhP6q65Au6X17nIN8FMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvR0VVMzVuVEtWV0VfcXJya0M3cGZYdWNnM3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYqRMA0G
CSqGSIb3DQEBCwUAA4IBAQCjvHLJpEruCnOJiFLrVR4KGsh8Rsx4j0jhebZqnpSP
kN9WmEs7Bu/f/WfZMRxNPlqmb3boq/ml3ZVVtIf3ehEDZ4fCoeckLsw6r+AY+wGu
z8BQ8YuU2zribFdldAmeodIamk4X2Hq4u5yRNEVzaHULYB9l+fyLvrS48sBESkM2
NdWeW04UWm5Z9IDw+CP3BfN1l98DVHAqlpyxyQX6jHsJrRgFMHEUSjtWhPqosRxA
vDnID2+4sp0J8HH+J3BAecIZPs0j95MUUbPGJty+1K4HuO4o/s1t006YsAU1s01K
Krs33eDjoyzXVXkIZBUl9JV2orrmFzJ9QSeUbiN4Osgo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:48 2024 by rpki-client on console-fra.rpki-client.org