Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wh2RfadcKUfyqin2CImglVf9oAk.roa
File: Wh2RfadcKUfyqin2CImglVf9oAk.roa (raw, json)
Hash identifier: XnGwrR0ucGzoA8RvNqJKnXg8sG81hvV3XdpwSk+o1LM=
Subject key identifier: 5A:1D:91:7D:A7:5C:29:47:F2:AA:29:F6:08:89:A0:95:57:FD:A0:09
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0187483C782D609BCD6543CCF6A41B0CCF1C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wh2RfadcKUfyqin2CImglVf9oAk.roa
Signing time: Mon 03 Apr 2023 17:48:55 +0000
ROA not before: Mon 03 Apr 2023 17:48:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.148.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:48:3c:78:2d:60:9b:cd:65:43:cc:f6:a4:1b:0c:cf:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 3 17:48:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a1d917da75c2947f2aa29f60889a09557fda009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5d:37:80:65:0c:bc:f8:a2:d0:be:f1:dc:89:
5d:8c:ce:02:eb:a6:8e:57:5b:9c:18:a3:1e:77:f0:
e6:4c:20:de:62:61:70:3f:ae:09:fa:e9:dc:2b:b8:
f7:c8:51:51:00:2b:8d:e5:51:b2:6c:96:f5:89:4a:
a6:31:b9:7b:13:d0:54:c9:a8:63:a8:a5:91:be:40:
10:38:ff:77:ce:0f:9c:fc:7c:57:ef:90:81:ab:a2:
46:15:a1:b1:c8:6e:9b:02:68:d6:8a:62:e4:32:aa:
9e:a4:ad:b2:44:ac:6c:01:d0:d7:7f:1f:3b:5c:c4:
fa:58:09:1d:07:67:37:13:78:20:a7:87:40:e1:ca:
56:6b:d6:09:11:f1:b0:24:ed:5a:5e:39:92:2b:b6:
41:c2:a4:54:36:2e:42:4d:66:ea:02:cc:57:dc:22:
fd:2e:53:2a:14:42:d5:f6:bb:7b:b3:78:21:20:5b:
6c:93:3a:45:55:dd:68:e1:68:62:f9:6b:43:f4:24:
25:17:76:f1:ec:d0:01:8e:8f:4f:36:fb:77:23:0b:
06:7a:0c:13:a1:e0:ba:dd:9b:19:5a:ce:37:55:0e:
10:71:eb:7f:e4:bd:c7:d7:99:6f:3f:e9:12:33:a5:
fe:12:02:29:77:df:9d:d5:36:79:7b:4f:a8:b3:a4:
37:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1D:91:7D:A7:5C:29:47:F2:AA:29:F6:08:89:A0:95:57:FD:A0:09
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Wh2RfadcKUfyqin2CImglVf9oAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e4:f9:ee:e2:d0:58:10:37:9c:d3:9c:d1:89:b7:de:f0:87:
43:50:4b:a7:b3:13:f8:fa:ef:af:7e:f9:d3:4f:9c:72:6e:1c:
8c:dd:d5:7c:54:ab:24:6c:9b:92:0d:72:45:5c:f4:84:4d:80:
86:34:30:7f:fc:8f:0f:38:61:cb:d2:68:d4:a7:1d:c8:1c:97:
be:57:4c:28:52:2e:a4:9a:bc:b1:f0:90:b7:07:34:d1:e6:5e:
cc:d5:d0:74:8f:01:b7:46:e9:f5:3a:de:fb:3a:ce:dc:33:46:
9b:5f:19:d6:49:30:1e:10:3b:34:a8:7b:10:84:6f:f7:22:73:
e4:64:e9:89:1a:44:70:26:2b:66:1a:f8:52:4a:0d:1a:16:66:
a7:e7:5b:18:e1:a5:be:20:cc:a2:e2:da:3f:78:68:e6:b0:86:
b5:64:f4:44:0a:d2:a2:e1:b8:0f:93:a2:2f:18:9a:36:33:b6:
c7:97:49:1c:90:49:eb:38:f0:42:09:96:fb:6e:46:66:ea:f1:
64:71:93:89:eb:2a:23:0e:21:b0:1e:35:4f:c5:58:4a:2f:eb:
d9:20:99:59:99:a1:96:fa:5a:58:38:fb:f1:3d:9b:10:05:3a:
77:11:2b:c0:99:b7:91:84:83:c5:08:09:8c:cb:f3:90:65:7f:
ca:fb:d3:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdIPHgtYJvNZUPM9qQbDM8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDAzMTc0ODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFkOTE3ZGE3NWMyOTQ3ZjJhYTI5ZjYwODg5YTA5NTU3ZmRhMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV03gGUMvPii0L7x3IldjM4C66aO
V1ucGKMed/DmTCDeYmFwP64J+uncK7j3yFFRACuN5VGybJb1iUqmMbl7E9BUyahj
qKWRvkAQOP93zg+c/HxX75CBq6JGFaGxyG6bAmjWimLkMqqepK2yRKxsAdDXfx87
XMT6WAkdB2c3E3ggp4dA4cpWa9YJEfGwJO1aXjmSK7ZBwqRUNi5CTWbqAsxX3CL9
LlMqFELV9rt7s3ghIFtskzpFVd1o4Whi+WtD9CQlF3bx7NABjo9PNvt3IwsGegwT
oeC63ZsZWs43VQ4Qcet/5L3H15lvP+kSM6X+EgIpd9+d1TZ5e0+os6Q3QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFodkX2nXClH8qop9giJoJVX/aAJMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvV2gyUmZhZGNLVWZ5cWluMkNJbWdsVmY5b0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZT/MA0G
CSqGSIb3DQEBCwUAA4IBAQAc5Pnu4tBYEDec05zRibfe8IdDUEunsxP4+u+vfvnT
T5xybhyM3dV8VKskbJuSDXJFXPSETYCGNDB//I8POGHL0mjUpx3IHJe+V0woUi6k
mryx8JC3BzTR5l7M1dB0jwG3Run1Ot77Os7cM0abXxnWSTAeEDs0qHsQhG/3InPk
ZOmJGkRwJitmGvhSSg0aFman51sY4aW+IMyi4to/eGjmsIa1ZPRECtKi4bgPk6Iv
GJo2M7bHl0kckEnrOPBCCZb7bkZm6vFkcZOJ6yojDiGwHjVPxVhKL+vZIJlZmaGW
+lpYOPvxPZsQBTp3ESvAmbeRhIPFCAmMy/OQZX/K+9Ok
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org