Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/fdHE7MhLXjzoo2K8vHJZMzJL9WQ.roa
File: fdHE7MhLXjzoo2K8vHJZMzJL9WQ.roa (raw, json)
Hash identifier: KwiYKy3Zi7RKFupXqBITrQTZxPRn/YqF4cnXbGg+XU8=
Subject key identifier: 7D:D1:C4:EC:C8:4B:5E:3C:E8:A3:62:BC:BC:72:59:33:32:4B:F5:64
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 0185715537D0389C4F9069CF7029467CAD2C
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/fdHE7MhLXjzoo2K8vHJZMzJL9WQ.roa
Signing time: Mon 02 Jan 2023 07:14:48 +0000
ROA not before: Mon 02 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 45.11.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:37:d0:38:9c:4f:90:69:cf:70:29:46:7c:ad:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Jan 2 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dd1c4ecc84b5e3ce8a362bcbc725933324bf564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c5:2a:2a:ad:ef:c0:05:7d:7c:d4:e3:cf:55:
d7:3d:a7:ad:d9:d4:c9:7a:37:47:1c:3a:71:4f:1a:
fb:a6:5a:4b:ba:9b:3c:52:57:1c:9d:6c:d8:1c:f6:
01:43:aa:06:93:d2:80:28:e5:98:44:ca:14:58:b7:
c1:7a:69:0c:01:8e:d1:3d:d3:75:92:5b:bf:b5:a2:
0f:45:9a:39:82:c6:a1:af:4a:e1:93:e9:35:9b:56:
ea:9f:5a:57:23:1b:91:5a:09:a1:5f:a3:a8:0b:34:
66:51:68:5b:1e:12:e8:da:8a:fb:e8:8d:36:fe:fc:
f4:11:b3:b9:79:de:dc:41:ac:ad:c3:a8:32:c9:b5:
c7:51:8d:64:9c:e6:7a:90:d5:ed:22:4b:8b:53:2b:
27:cd:8b:51:70:4f:d6:3d:5e:11:0e:e7:11:22:16:
5f:65:f5:67:ec:e4:8a:a8:1f:e8:1a:be:cc:da:02:
54:bb:a7:5a:47:61:92:d9:71:19:97:cb:77:32:22:
ae:52:85:c2:2e:57:0e:86:09:66:32:c9:c3:ab:43:
06:03:59:a7:81:5f:db:f2:ff:aa:ba:89:37:ba:e0:
b8:34:c4:5c:67:c3:ad:de:b9:d8:07:33:66:75:ed:
99:df:14:77:3e:72:27:04:f0:ce:1f:30:1f:aa:a7:
37:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D1:C4:EC:C8:4B:5E:3C:E8:A3:62:BC:BC:72:59:33:32:4B:F5:64
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/fdHE7MhLXjzoo2K8vHJZMzJL9WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.99.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:38:c4:a0:23:55:39:9b:80:01:fd:6e:95:00:ff:53:eb:5a:
67:df:44:fa:a5:62:31:cb:f3:20:00:d0:f9:3d:de:9d:72:61:
ab:f0:11:16:61:ef:9a:ee:e7:08:d4:14:9b:3a:f0:1f:c7:09:
58:d8:79:53:91:88:ec:05:ce:8a:f8:6a:9a:b2:1a:2d:a4:f8:
c8:8b:57:04:83:9c:96:e2:33:94:5f:0c:5c:c9:1d:76:75:85:
28:68:a8:a3:1b:8f:9c:20:74:ed:f6:87:91:13:98:43:3f:3c:
7a:d4:c4:27:38:9b:09:42:b3:95:e5:33:3f:f4:58:44:6e:49:
90:4c:68:43:f6:8e:cc:a0:75:d8:10:5b:a3:a3:17:21:ce:0e:
98:06:22:84:86:4f:ad:4a:ab:7a:8d:6c:17:b8:53:fe:7f:b0:
1c:99:55:9c:d4:fe:ce:fa:91:b8:c2:ba:1d:5b:4c:41:d2:79:
d7:2c:c2:01:0c:6e:85:78:77:b2:3e:7b:2e:cb:8f:5c:2b:ec:
f6:16:1c:10:bc:1a:d2:8b:94:52:9a:d0:84:39:0b:d5:48:78:
9c:91:fc:9c:87:41:65:b9:bf:6a:c5:38:10:e1:44:8d:b4:21:
2a:e7:80:e5:d6:6c:f6:aa:fa:6b:8b:a6:36:e1:80:fd:a1:ef:
6c:bb:16:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVTfQOJxPkGnPcClGfK0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjMwMTAyMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQxYzRlY2M4NGI1ZTNjZThhMzYyYmNiYzcyNTkzMzMyNGJmNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsUqKq3vwAV9fNTjz1XXPaet2dTJ
ejdHHDpxTxr7plpLups8UlccnWzYHPYBQ6oGk9KAKOWYRMoUWLfBemkMAY7RPdN1
klu/taIPRZo5gsahr0rhk+k1m1bqn1pXIxuRWgmhX6OoCzRmUWhbHhLo2or76I02
/vz0EbO5ed7cQaytw6gyybXHUY1knOZ6kNXtIkuLUysnzYtRcE/WPV4RDucRIhZf
ZfVn7OSKqB/oGr7M2gJUu6daR2GS2XEZl8t3MiKuUoXCLlcOhglmMsnDq0MGA1mn
gV/b8v+quok3uuC4NMRcZ8Ot3rnYBzNmde2Z3xR3PnInBPDOHzAfqqc3owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3RxOzIS1486KNivLxyWTMyS/VkMB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvZmRIRTdNaExYanpvbzJLOHZISlpNekpMOVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQtjMA0G
CSqGSIb3DQEBCwUAA4IBAQBtOMSgI1U5m4AB/W6VAP9T61pn30T6pWIxy/MgAND5
Pd6dcmGr8BEWYe+a7ucI1BSbOvAfxwlY2HlTkYjsBc6K+GqashotpPjIi1cEg5yW
4jOUXwxcyR12dYUoaKijG4+cIHTt9oeRE5hDPzx61MQnOJsJQrOV5TM/9FhEbkmQ
TGhD9o7MoHXYEFujoxchzg6YBiKEhk+tSqt6jWwXuFP+f7AcmVWc1P7O+pG4wrod
W0xB0nnXLMIBDG6FeHeyPnsuy49cK+z2FhwQvBrSi5RSmtCEOQvVSHickfych0Fl
ub9qxTgQ4USNtCEq54Dl1mz2qvpri6Y24YD9oe9suxaD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:36 2024 by rpki-client on console-ams.rpki-client.org