Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3VS0cFwPr0fer-ad6hGbGBOKTJY.roa
File: 3VS0cFwPr0fer-ad6hGbGBOKTJY.roa (raw, json)
Hash identifier: s8vLPCk1jBrrQCrZkW9oDtFnUAVMhndyr8FLik9itJ0=
Subject key identifier: DD:54:B4:70:5C:0F:AF:47:DE:AF:E6:9D:EA:11:9B:18:13:8A:4C:96
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0186EA5F1EB6A9FA9227A5251E740FFB47B9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3VS0cFwPr0fer-ad6hGbGBOKTJY.roa
Signing time: Thu 16 Mar 2023 12:22:27 +0000
ROA not before: Thu 16 Mar 2023 12:22:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139660
IP address blocks: 45.148.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:5f:1e:b6:a9:fa:92:27:a5:25:1e:74:0f:fb:47:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 16 12:22:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd54b4705c0faf47deafe69dea119b18138a4c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:42:f9:a4:c4:0e:af:83:34:1b:60:6a:ef:f6:
49:eb:9f:6d:17:d4:1a:14:e7:c1:c5:ea:7e:a4:c9:
17:04:bd:5e:37:3a:bf:54:5e:68:42:f7:ae:7f:0f:
5d:dd:48:13:d7:4b:69:11:42:c7:9a:22:f9:dc:da:
9d:7f:33:3f:27:f1:b5:51:99:e4:11:51:67:30:25:
ac:5f:7d:70:f5:0a:9e:82:54:11:af:a7:4a:92:45:
b1:b1:be:cd:ff:0b:7b:cc:e2:93:e2:84:29:0f:7a:
c0:05:9e:da:fd:f4:dc:a9:2e:2b:3a:96:18:ba:c3:
9e:56:58:68:f3:99:df:d7:0e:88:e5:cb:15:70:41:
b3:15:75:7a:01:a7:aa:cc:6b:0f:81:d0:b2:cb:09:
8a:c9:35:4a:3f:15:70:6e:aa:c9:eb:db:da:b9:4d:
0f:38:df:f7:81:ae:8c:93:30:5a:b8:4d:c8:b2:e3:
bf:1c:ef:74:74:ae:15:2b:18:b6:6f:29:bb:36:54:
2a:7c:b7:b7:93:e8:f7:e9:a9:0f:68:73:20:63:21:
4f:ca:00:c2:ff:d7:4d:f9:5e:ce:c9:56:dc:0e:70:
3b:b3:f1:db:86:11:90:89:13:0b:2d:1c:cd:01:7c:
9c:7d:75:ac:2d:cf:e4:b7:0a:e3:ad:e5:76:f3:0c:
b2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:54:B4:70:5C:0F:AF:47:DE:AF:E6:9D:EA:11:9B:18:13:8A:4C:96
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/3VS0cFwPr0fer-ad6hGbGBOKTJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.255.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:1e:07:23:73:7c:20:ee:99:9f:c4:55:6c:54:4f:c3:59:69:
ac:83:d7:7e:42:d0:ca:ea:7b:28:d6:87:3c:0e:ef:11:2b:e5:
3b:07:8d:b8:bf:04:fa:fd:7c:c0:53:13:b8:86:d8:e6:cc:3a:
6b:7e:99:56:c0:ef:0e:f1:95:6b:82:65:83:ab:1e:3f:3d:42:
0a:bc:c2:94:22:7d:8f:56:bb:d9:c2:8e:79:72:f1:4e:6b:43:
89:e5:2c:29:19:e4:d4:33:10:36:19:65:6c:08:5c:84:86:16:
36:24:fb:ea:e1:9a:90:04:48:04:ec:94:2f:9d:a3:50:02:27:
bd:7e:9c:fc:33:77:6e:77:eb:39:7d:60:e5:ea:f1:db:77:76:
42:0d:7b:e3:2f:28:ac:39:19:91:67:c5:c9:df:dc:4d:d8:fb:
3d:96:a6:0a:4d:15:c2:de:a3:37:53:57:4e:4e:4a:f8:d9:bb:
b9:23:25:a5:3a:91:16:1c:81:98:bd:4f:3f:46:cc:06:ec:d6:
eb:26:a6:59:7b:81:f1:8a:09:66:05:45:b7:cc:23:07:cc:79:
e0:2b:6e:a6:00:84:ec:c4:81:2f:8d:77:25:30:4a:0d:19:28:
93:ad:d3:b4:db:f3:09:6a:1b:21:7c:49:96:00:1a:28:91:77:
91:a4:0b:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbqXx62qfqSJ6UlHnQP+0e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzE2MTIyMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU0YjQ3MDVjMGZhZjQ3ZGVhZmU2OWRlYTExOWIxODEzOGE0Yzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUL5pMQOr4M0G2Bq7/ZJ659tF9Qa
FOfBxep+pMkXBL1eNzq/VF5oQveufw9d3UgT10tpEULHmiL53NqdfzM/J/G1UZnk
EVFnMCWsX31w9QqeglQRr6dKkkWxsb7N/wt7zOKT4oQpD3rABZ7a/fTcqS4rOpYY
usOeVlho85nf1w6I5csVcEGzFXV6AaeqzGsPgdCyywmKyTVKPxVwbqrJ69vauU0P
ON/3ga6MkzBauE3IsuO/HO90dK4VKxi2bym7NlQqfLe3k+j36akPaHMgYyFPygDC
/9dN+V7OyVbcDnA7s/HbhhGQiRMLLRzNAXycfXWsLc/ktwrjreV28wyyNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN1UtHBcD69H3q/mneoRmxgTikyWMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvM1ZTMGNGd1ByMGZlci1hZDZoR2JHQk9LVEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZT/MA0G
CSqGSIb3DQEBCwUAA4IBAQC/Hgcjc3wg7pmfxFVsVE/DWWmsg9d+QtDK6nso1oc8
Du8RK+U7B424vwT6/XzAUxO4htjmzDprfplWwO8O8ZVrgmWDqx4/PUIKvMKUIn2P
VrvZwo55cvFOa0OJ5SwpGeTUMxA2GWVsCFyEhhY2JPvq4ZqQBEgE7JQvnaNQAie9
fpz8M3dud+s5fWDl6vHbd3ZCDXvjLyisORmRZ8XJ39xN2Ps9lqYKTRXC3qM3U1dO
Tkr42bu5IyWlOpEWHIGYvU8/RswG7NbrJqZZe4HxiglmBUW3zCMHzHngK26mAITs
xIEvjXclMEoNGSiTrdO02/MJahshfEmWABookXeRpAv0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org