Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8u2Q0XJ0_I4JbxbQbCmARuCGK6c.roa
File: 8u2Q0XJ0_I4JbxbQbCmARuCGK6c.roa (raw, json)
Hash identifier: o7d9AuSVgBoakx6QLoKXcW/OemJcsXL9M8XNo9ITHXU=
Subject key identifier: F2:ED:90:D1:72:74:FC:8E:09:6F:16:D0:6C:29:80:46:E0:86:2B:A7
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 01856D4195E198FEF85FF752EFD9C0055BBA
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8u2Q0XJ0_I4JbxbQbCmARuCGK6c.roa
Signing time: Sun 01 Jan 2023 12:14:52 +0000
ROA not before: Sun 01 Jan 2023 12:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44667
IP address blocks: 45.157.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:95:e1:98:fe:f8:5f:f7:52:ef:d9:c0:05:5b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 1 12:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2ed90d17274fc8e096f16d06c298046e0862ba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:81:7b:2c:fa:c7:b7:11:30:cf:37:3b:0c:9f:
17:6c:38:c3:29:19:bd:15:99:55:f7:ac:6a:cf:e7:
d1:32:da:a4:6d:c2:e1:89:2c:f8:2e:8e:c2:43:1d:
43:1f:62:4b:75:6f:a9:82:bb:ac:3e:8f:8d:b8:96:
4a:80:f7:b9:b2:67:bd:d9:52:41:46:aa:75:7d:24:
80:bb:e2:de:92:71:a7:1b:83:0d:41:ce:fc:e2:15:
8b:f6:a9:dd:25:07:51:24:c2:4c:2a:54:c5:0c:12:
3c:3e:12:33:08:ca:d7:9c:65:66:e3:4d:3e:4a:14:
96:58:ce:f9:61:6f:6f:ab:bc:34:35:f4:af:f8:5f:
4a:89:19:78:64:47:59:30:2a:91:77:8b:f6:54:ef:
94:15:7a:4a:bb:0c:05:2f:21:4f:0c:8d:b0:34:02:
f1:c3:2e:b7:91:b5:d7:87:39:40:7e:1b:56:83:46:
54:0f:99:89:55:7b:71:87:c9:d7:78:21:a8:87:7a:
5d:50:c7:e8:d3:ef:13:4c:23:4a:d7:a4:85:8d:ca:
a7:db:3b:9f:13:6c:dc:8c:d0:a3:14:e9:17:88:cf:
77:cb:4f:1d:aa:87:e9:15:15:60:63:df:34:0f:bc:
ad:64:36:48:5a:0c:60:20:c6:cf:6f:d5:4e:75:71:
fd:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:ED:90:D1:72:74:FC:8E:09:6F:16:D0:6C:29:80:46:E0:86:2B:A7
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/8u2Q0XJ0_I4JbxbQbCmARuCGK6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.252.0/22
Signature Algorithm: sha256WithRSAEncryption
61:75:e1:55:04:37:b5:e6:38:4b:12:f1:50:2a:0e:4c:04:c6:
da:07:d3:66:e9:28:58:4d:cf:ff:4a:d1:4c:63:79:58:69:83:
65:26:c4:4b:f9:84:99:06:84:67:b7:2a:56:05:5a:65:33:b8:
23:22:62:5d:5d:01:fc:59:c3:e7:ed:7c:48:20:93:62:20:08:
04:37:4b:38:14:dc:d8:1f:fa:92:19:c5:10:5c:5d:ca:fd:af:
b1:29:2e:53:b1:28:8d:2d:75:75:82:c0:36:64:75:4c:52:97:
a2:a2:71:6c:1c:78:b1:93:da:52:48:fe:44:8d:65:cf:08:81:
4f:37:96:22:c6:ff:38:0a:10:d8:cf:ee:bc:ca:41:ff:2d:8c:
45:72:5d:b1:78:47:c9:88:8f:8e:6f:f1:cd:40:68:b7:10:83:
6d:2b:ae:e1:6a:31:fe:21:65:4e:38:0a:25:00:41:75:f9:07:
82:43:e7:1b:ce:c1:c6:b3:9f:43:e2:f0:77:85:03:23:79:ba:
e8:52:6e:cd:49:34:d8:99:6b:28:75:81:8c:b3:10:90:4b:95:
be:2f:17:4a:ef:81:06:45:35:cd:86:93:cf:db:f4:54:03:15:
c3:f5:e9:b7:1b:60:db:f6:e5:fd:2e:66:5b:87:01:f5:62:5c:
88:ee:bf:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQZXhmP74X/dS79nABVu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVkOTBkMTcyNzRmYzhlMDk2ZjE2ZDA2YzI5ODA0NmUwODYyYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYF7LPrHtxEwzzc7DJ8XbDjDKRm9
FZlV96xqz+fRMtqkbcLhiSz4Lo7CQx1DH2JLdW+pgrusPo+NuJZKgPe5sme92VJB
Rqp1fSSAu+LeknGnG4MNQc784hWL9qndJQdRJMJMKlTFDBI8PhIzCMrXnGVm400+
ShSWWM75YW9vq7w0NfSv+F9KiRl4ZEdZMCqRd4v2VO+UFXpKuwwFLyFPDI2wNALx
wy63kbXXhzlAfhtWg0ZUD5mJVXtxh8nXeCGoh3pdUMfo0+8TTCNK16SFjcqn2zuf
E2zcjNCjFOkXiM93y08dqofpFRVgY980D7ytZDZIWgxgIMbPb9VOdXH9xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLtkNFydPyOCW8W0GwpgEbghiunMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvOHUyUTBYSjBfSTRKYnhiUWJDbUFSdUNHSzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ38MA0G
CSqGSIb3DQEBCwUAA4IBAQBhdeFVBDe15jhLEvFQKg5MBMbaB9Nm6ShYTc//StFM
Y3lYaYNlJsRL+YSZBoRntypWBVplM7gjImJdXQH8WcPn7XxIIJNiIAgEN0s4FNzY
H/qSGcUQXF3K/a+xKS5TsSiNLXV1gsA2ZHVMUpeionFsHHixk9pSSP5EjWXPCIFP
N5Yixv84ChDYz+68ykH/LYxFcl2xeEfJiI+Ob/HNQGi3EINtK67hajH+IWVOOAol
AEF1+QeCQ+cbzsHGs59D4vB3hQMjebroUm7NSTTYmWsodYGMsxCQS5W+LxdK74EG
RTXNhpPP2/RUAxXD9em3G2Db9uX9LmZbhwH1YlyI7r9O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:13 2024 by rpki-client on console-fra.rpki-client.org