Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/AquuzQKN3wJc5hcPSsgkhgJ6SmI.roa
File: AquuzQKN3wJc5hcPSsgkhgJ6SmI.roa (raw, json)
Hash identifier: LyNExUJ4Fv1zVvg/C/q+5Tkbn2ECT7JSTIuiKxZtrno=
Subject key identifier: 02:AB:AE:CD:02:8D:DF:02:5C:E6:17:0F:4A:C8:24:86:02:7A:4A:62
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018572FA5A3A554D6C4DDB95FC36C6A24B5B
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/AquuzQKN3wJc5hcPSsgkhgJ6SmI.roa
Signing time: Mon 02 Jan 2023 14:54:47 +0000
ROA not before: Mon 02 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31262
IP address blocks: 212.49.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5a:3a:55:4d:6c:4d:db:95:fc:36:c6:a2:4b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02abaecd028ddf025ce6170f4ac82486027a4a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:f3:99:4c:c7:6d:40:4b:82:1a:39:f9:9d:
d8:8a:4a:48:4c:83:24:0c:39:0e:5e:6c:c6:07:14:
5e:d2:11:f5:5b:d1:07:b8:83:87:26:87:11:e3:a3:
8c:56:93:8f:1a:32:2d:ac:31:ec:99:cb:49:8e:8b:
1d:ed:d5:96:c1:25:73:b5:0c:c2:f4:ab:60:10:e8:
e1:e3:e9:51:f4:e4:66:be:0d:f1:41:d5:7d:11:47:
81:94:20:9d:44:00:a8:31:41:37:36:da:d1:ad:25:
a1:7b:44:65:08:ad:2c:d6:b7:5f:d2:50:ba:a5:62:
20:73:a2:e3:92:be:50:03:3e:4f:5d:a5:35:ed:72:
49:47:44:02:d7:91:ec:7c:d9:c6:a9:62:3c:15:6d:
81:9d:94:70:55:aa:e8:6d:67:2d:47:d5:3b:f3:a0:
78:9f:41:57:7d:7b:a7:d2:ec:42:a7:f4:da:77:fb:
8d:37:37:22:30:8f:e9:8f:85:53:6c:5d:84:e3:07:
ab:70:ca:de:c4:0c:23:27:87:8c:f4:2a:19:72:10:
dd:a5:b4:e9:8a:15:7f:18:77:e5:21:c6:ce:1e:33:
1a:3d:3f:e0:c0:4c:3b:50:d5:81:4a:57:8d:80:0f:
76:62:95:7f:55:88:e0:5b:30:44:bd:b0:72:d7:e4:
1b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AB:AE:CD:02:8D:DF:02:5C:E6:17:0F:4A:C8:24:86:02:7A:4A:62
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/AquuzQKN3wJc5hcPSsgkhgJ6SmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.145.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:9a:b9:2d:84:31:6f:60:0e:45:56:b8:53:65:d2:f1:f0:07:
52:fb:91:aa:1c:f8:85:12:7e:45:8e:9d:f5:ea:68:c6:37:7b:
cb:d9:71:f2:5f:53:5a:b6:55:f0:95:48:e1:80:76:73:69:bb:
77:e1:fc:8c:39:28:73:e2:ab:2d:56:e8:0f:2f:7a:b0:c4:27:
3a:9d:36:b3:18:5c:c2:9e:1f:bc:21:e9:70:24:2a:1c:d3:74:
ca:c1:f2:27:cb:b7:4a:b2:b2:ec:ec:9c:35:2b:c5:25:c9:ad:
1b:df:ea:f3:df:a8:d1:90:31:cb:2d:d3:10:ce:88:b1:77:22:
da:f6:ac:e4:5d:a5:07:d5:c4:36:9e:10:31:ad:82:84:34:18:
88:e0:27:49:2e:f6:3d:d0:bd:c8:74:90:6c:f4:f5:03:fa:dc:
48:5f:aa:d5:97:17:8a:90:1d:1f:9f:44:5d:ab:2d:e3:5e:14:
f7:e7:1b:d9:a5:ab:3b:b4:fd:6b:a8:4b:0d:ee:c1:0b:73:5f:
f3:7b:00:fb:43:e3:b8:b6:d5:df:26:e8:7a:22:30:ee:c5:54:
71:fc:87:40:ed:d0:85:15:0c:39:be:75:7c:6b:36:03:bb:bf:
09:cc:16:51:30:c3:37:5f:b3:fe:dd:bf:93:cb:70:e7:18:38:
9c:05:46:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lo6VU1sTduV/DbGoktbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjMwMTAyMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFiYWVjZDAyOGRkZjAyNWNlNjE3MGY0YWM4MjQ4NjAyN2E0YTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf/zmUzHbUBLgho5+Z3YikpITIMk
DDkOXmzGBxRe0hH1W9EHuIOHJocR46OMVpOPGjItrDHsmctJjosd7dWWwSVztQzC
9KtgEOjh4+lR9ORmvg3xQdV9EUeBlCCdRACoMUE3NtrRrSWhe0RlCK0s1rdf0lC6
pWIgc6Ljkr5QAz5PXaU17XJJR0QC15HsfNnGqWI8FW2BnZRwVarobWctR9U786B4
n0FXfXun0uxCp/Tad/uNNzciMI/pj4VTbF2E4wercMrexAwjJ4eM9CoZchDdpbTp
ihV/GHflIcbOHjMaPT/gwEw7UNWBSleNgA92YpV/VYjgWzBEvbBy1+Qb0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKrrs0Cjd8CXOYXD0rIJIYCekpiMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvQXF1dXpRS04zd0pjNWhjUFNzZ2toZ0o2U21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DGRMA0G
CSqGSIb3DQEBCwUAA4IBAQDUmrkthDFvYA5FVrhTZdLx8AdS+5GqHPiFEn5Fjp31
6mjGN3vL2XHyX1NatlXwlUjhgHZzabt34fyMOShz4qstVugPL3qwxCc6nTazGFzC
nh+8IelwJCoc03TKwfIny7dKsrLs7Jw1K8Ulya0b3+rz36jRkDHLLdMQzoixdyLa
9qzkXaUH1cQ2nhAxrYKENBiI4CdJLvY90L3IdJBs9PUD+txIX6rVlxeKkB0fn0Rd
qy3jXhT35xvZpas7tP1rqEsN7sELc1/zewD7Q+O4ttXfJuh6IjDuxVRx/IdA7dCF
FQw5vnV8azYDu78JzBZRMMM3X7P+3b+Ty3DnGDicBUbO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:19 2025 by rpki-client