Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/rCmN7Ra9dKrY6RdXNXOeyQ2vGhY.roa
File: rCmN7Ra9dKrY6RdXNXOeyQ2vGhY.roa (raw, json)
Hash identifier: nARXYf+RJdOkt/pk9cDhsCzIHJT4SngPLsZHcTbaj6I=
Subject key identifier: AC:29:8D:ED:16:BD:74:AA:D8:E9:17:57:35:73:9E:C9:0D:AF:1A:16
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 0185715536FDD9DA76719BD4A1079083A07A
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/rCmN7Ra9dKrY6RdXNXOeyQ2vGhY.roa
Signing time: Mon 02 Jan 2023 07:14:48 +0000
ROA not before: Mon 02 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42724
IP address blocks: 45.11.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:36:fd:d9:da:76:71:9b:d4:a1:07:90:83:a0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Jan 2 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac298ded16bd74aad8e9175735739ec90daf1a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:45:c2:14:66:83:45:a2:2a:1d:30:71:60:1a:
99:b4:b5:20:ea:4b:89:12:38:7d:a3:2c:8f:9b:4a:
fc:fc:de:6b:86:8c:3b:7d:6b:a4:18:d3:b1:46:79:
0a:84:c9:37:12:31:b6:46:0f:93:6a:49:a0:86:92:
90:10:7b:5d:60:0b:2c:84:ff:71:b4:7e:22:b6:47:
29:43:e1:73:12:26:82:4a:fc:1f:2d:3b:12:55:b3:
12:7d:da:ce:15:a5:c5:da:60:0d:e9:42:71:8a:2a:
77:80:9a:bd:2e:ce:d2:4f:4b:85:41:0e:ff:c5:71:
b1:c6:19:56:1c:a7:77:a5:e3:c0:3a:1b:29:c9:c7:
02:95:dc:0f:fa:6c:3d:12:ca:ba:66:92:19:a8:88:
cf:cd:dc:44:58:fe:f1:96:0a:af:67:35:39:26:76:
4c:94:13:7e:3a:15:da:c4:65:1b:1a:8d:af:22:a7:
2e:4e:f9:a8:c0:c2:49:9c:bc:f8:9c:40:72:0a:e9:
1c:31:a3:08:0b:7a:4c:6e:5d:95:ab:80:68:b7:92:
03:17:29:03:da:0f:ff:79:e5:04:e0:4b:87:0c:86:
fb:b7:46:80:c6:0b:87:51:8c:bd:5a:bc:ad:7d:9e:
ac:a1:1a:b3:6c:04:a4:19:17:9f:4f:8b:81:78:d0:
43:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:29:8D:ED:16:BD:74:AA:D8:E9:17:57:35:73:9E:C9:0D:AF:1A:16
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/rCmN7Ra9dKrY6RdXNXOeyQ2vGhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.99.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d2:da:ba:c6:00:f6:2a:45:89:56:fa:50:b2:2a:16:d5:6b:
39:43:de:17:62:ab:1d:bb:ce:f2:26:e8:47:d9:26:3d:2b:20:
0d:26:cc:54:5a:68:4d:c9:c5:6f:c8:20:8b:90:db:9f:17:22:
a2:af:5b:04:9a:eb:5a:37:4f:dd:23:5c:70:0a:da:e9:2a:71:
24:98:c4:53:3a:4c:ad:1d:fd:45:a1:70:05:b2:ae:90:fe:53:
b1:00:a6:aa:47:b1:cf:69:8f:43:39:fc:78:4b:8a:4f:0d:9a:
da:4b:5f:2e:d4:55:fb:cb:d6:cf:ee:82:fe:fc:a3:7d:75:f5:
20:5c:9f:f3:69:c0:6d:d8:b7:26:b4:60:46:b4:fb:5f:33:e0:
c9:a5:a0:20:87:80:fa:09:31:2e:78:de:a6:99:f7:eb:c0:75:
af:92:d7:8b:37:cd:8a:80:24:97:1b:c9:8a:f2:69:2b:80:05:
72:1e:33:7e:6d:42:f2:de:cd:8c:42:7a:82:fe:83:75:02:04:
12:8d:6f:16:86:3c:0f:1b:bb:ae:d8:c8:25:b0:40:8c:9f:44:
79:22:a8:4f:2c:83:fe:65:5d:37:9d:9b:8e:67:53:96:32:54:
20:c3:25:f1:07:37:32:fa:7c:cb:b5:cd:da:ca:62:e2:f9:59:
9f:04:cd:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVTb92dp2cZvUoQeQg6B6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjMwMTAyMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI5OGRlZDE2YmQ3NGFhZDhlOTE3NTczNTczOWVjOTBkYWYxYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkXCFGaDRaIqHTBxYBqZtLUg6kuJ
Ejh9oyyPm0r8/N5rhow7fWukGNOxRnkKhMk3EjG2Rg+TakmghpKQEHtdYAsshP9x
tH4itkcpQ+FzEiaCSvwfLTsSVbMSfdrOFaXF2mAN6UJxiip3gJq9Ls7ST0uFQQ7/
xXGxxhlWHKd3pePAOhspyccCldwP+mw9Esq6ZpIZqIjPzdxEWP7xlgqvZzU5JnZM
lBN+OhXaxGUbGo2vIqcuTvmowMJJnLz4nEByCukcMaMIC3pMbl2Vq4Bot5IDFykD
2g//eeUE4EuHDIb7t0aAxguHUYy9WrytfZ6soRqzbASkGRefT4uBeNBDnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwpje0WvXSq2OkXVzVznskNrxoWMB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvckNtTjdSYTlkS3JZNlJkWE5YT2V5UTJ2R2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQtjMA0G
CSqGSIb3DQEBCwUAA4IBAQB20tq6xgD2KkWJVvpQsioW1Ws5Q94XYqsdu87yJuhH
2SY9KyANJsxUWmhNycVvyCCLkNufFyKir1sEmutaN0/dI1xwCtrpKnEkmMRTOkyt
Hf1FoXAFsq6Q/lOxAKaqR7HPaY9DOfx4S4pPDZraS18u1FX7y9bP7oL+/KN9dfUg
XJ/zacBt2LcmtGBGtPtfM+DJpaAgh4D6CTEueN6mmffrwHWvkteLN82KgCSXG8mK
8mkrgAVyHjN+bULy3s2MQnqC/oN1AgQSjW8WhjwPG7uu2MglsECMn0R5IqhPLIP+
ZV03nZuOZ1OWMlQgwyXxBzcy+nzLtc3aymLi+VmfBM13
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:00 2023 by rpki-client on console-fra.rpki-client.org