Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JOfHwgw5GQuU9qCf6JOt32bf5Vc.roa
File: JOfHwgw5GQuU9qCf6JOt32bf5Vc.roa (raw, json)
Hash identifier: JkZGkYOgTVo71ZaloHQD+lv2xi7u3k9/5LPHd2PD11Y=
Subject key identifier: 24:E7:C7:C2:0C:39:19:0B:94:F6:A0:9F:E8:93:AD:DF:66:DF:E5:57
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19C86D56
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JOfHwgw5GQuU9qCf6JOt32bf5Vc.roa
Signing time: Sat 01 Jan 2022 15:56:35 +0000
ROA not before: Sat 01 Jan 2022 15:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 45.149.72.0/22 maxlen: 22
45.148.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432565590 (0x19c86d56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24e7c7c20c39190b94f6a09fe893addf66dfe557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:c7:f6:46:a4:7b:98:38:90:1f:93:8e:0b:
16:e0:2d:b8:fc:44:13:ed:99:ca:40:24:c7:3a:ec:
36:31:1c:1e:4d:04:31:96:e6:35:6e:31:30:9e:4b:
bb:52:54:61:b2:95:85:39:8d:62:95:19:01:f4:7e:
a8:be:08:56:d4:98:4e:84:a7:48:25:e2:da:70:fc:
72:f1:6b:58:df:86:de:4d:90:39:f5:ec:17:6d:29:
ea:46:6e:81:33:23:ae:9d:03:ba:33:82:f2:d9:85:
1b:93:b0:af:ba:f0:5a:3d:74:b1:1c:a0:ab:ae:75:
e5:3a:20:a8:03:a8:4a:05:7a:04:a2:fa:9e:f6:16:
c8:f6:ab:72:92:d3:3e:42:71:44:b2:3d:9d:15:b5:
78:8b:6c:dc:4e:05:87:f5:8a:7e:68:bc:f1:8d:7c:
f8:41:b2:0f:4c:24:b7:b6:b3:6c:24:2a:a5:8f:9f:
7d:f0:f8:48:e7:eb:ea:9e:1e:ea:86:c2:7a:3e:88:
89:56:f1:04:89:f2:c9:67:b7:b5:b8:47:95:c0:e3:
dc:29:9f:d4:3a:99:20:8f:be:c1:85:a9:bf:28:a1:
ef:84:98:80:09:cf:3c:4e:58:4f:86:fd:66:53:7b:
28:d2:b3:5b:9a:ea:17:bc:83:d9:6f:a8:b4:1e:ae:
7a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E7:C7:C2:0C:39:19:0B:94:F6:A0:9F:E8:93:AD:DF:66:DF:E5:57
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/JOfHwgw5GQuU9qCf6JOt32bf5Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.252.0/22
45.149.72.0/22
Signature Algorithm: sha256WithRSAEncryption
15:fa:63:94:47:c6:8f:b7:0b:8d:1f:51:09:42:0a:16:14:8f:
64:64:4d:da:d1:87:7d:49:ad:33:12:ce:07:95:0c:ba:b5:0f:
90:ef:7e:44:a3:59:0b:72:95:0c:86:bb:b3:71:fb:da:c9:17:
ba:78:b1:cd:0f:95:c8:70:b5:3a:af:b4:3d:ab:7c:56:67:e4:
e4:ef:6d:38:60:32:83:4a:e1:4b:8d:c4:54:0d:bf:f9:23:62:
a6:64:6e:c3:f8:ad:b1:4e:ae:45:68:05:e3:13:2d:9e:7a:52:
95:c8:06:ec:f4:0c:e1:68:22:62:6d:9e:c4:80:57:a7:3d:50:
65:c9:93:e6:26:d8:dd:bd:6d:fe:56:88:66:a7:d0:68:b8:24:
08:68:e7:b3:30:de:a5:31:18:2e:cb:fb:86:86:4b:2b:a9:9b:
24:16:93:bf:a6:cd:8b:52:ed:45:f4:51:a1:aa:53:29:0d:a5:
c4:53:52:f2:32:99:01:2d:c5:f9:e0:71:c6:09:04:6e:2d:cd:
df:22:6e:56:8d:6f:23:47:b6:2a:d2:7f:f4:96:52:68:0f:47:
b0:5f:f0:e7:ac:e4:ee:69:af:7b:12:c2:f9:e8:28:e6:ec:a0:
a3:72:c2:4b:9b:3d:8d:7d:14:19:72:0f:aa:05:ec:52:57:99:
0b:2f:82:05
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGchtVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRlN2M3YzIwYzM5
MTkwYjk0ZjZhMDlmZTg5M2FkZGY2NmRmZTU1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuOx/ZGpHuYOJAfk44LFuAtuPxEE+2ZykAkxzrsNjEcHk0E
MZbmNW4xMJ5Lu1JUYbKVhTmNYpUZAfR+qL4IVtSYToSnSCXi2nD8cvFrWN+G3k2Q
OfXsF20p6kZugTMjrp0DujOC8tmFG5Owr7rwWj10sRygq6515TogqAOoSgV6BKL6
nvYWyParcpLTPkJxRLI9nRW1eIts3E4Fh/WKfmi88Y18+EGyD0wkt7azbCQqpY+f
ffD4SOfr6p4e6obCej6IiVbxBInyyWe3tbhHlcDj3Cmf1DqZII++wYWpvyih74SY
gAnPPE5YT4b9ZlN7KNKzW5rqF7yD2W+otB6ueukCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQk58fCDDkZC5T2oJ/ok63fZt/lVzAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L0pPZkh3Z3c1R1F1VTlxQ2Y2Sk90MzJiZjVWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2U/AMEAi2VSDANBgkqhkiG9w0B
AQsFAAOCAQEAFfpjlEfGj7cLjR9RCUIKFhSPZGRN2tGHfUmtMxLOB5UMurUPkO9+
RKNZC3KVDIa7s3H72skXunixzQ+VyHC1Oq+0Pat8Vmfk5O9tOGAyg0rhS43EVA2/
+SNipmRuw/itsU6uRWgF4xMtnnpSlcgG7PQM4WgiYm2exIBXpz1QZcmT5ibY3b1t
/laIZqfQaLgkCGjnszDepTEYLsv7hoZLK6mbJBaTv6bNi1LtRfRRoapTKQ2lxFNS
8jKZAS3F+eBxxgkEbi3N3yJuVo1vI0e2KtJ/9JZSaA9HsF/w56zk7mmvexLC+ego
5uygo3LCS5s9jX0UGXIPqgXsUleZCy+CBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org