Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/WCwliMVseoOF1tdQu6NRNaU1090.roa
File: WCwliMVseoOF1tdQu6NRNaU1090.roa (raw, json)
Hash identifier: s/xUZgXGGDVNkEbmEfFU71Kq+RrnSMt7kus91yBbjAI=
Subject key identifier: 58:2C:25:88:C5:6C:7A:83:85:D6:D7:50:BB:A3:51:35:A5:35:D3:DD
Certificate issuer: /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial: 09148F5C
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/WCwliMVseoOF1tdQu6NRNaU1090.roa
Signing time: Thu 12 May 2022 10:47:37 +0000
ROA not before: Thu 12 May 2022 10:47:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208722
IP address blocks: 45.87.132.0/22 maxlen: 24
2a0e:fd80::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152342364 (0x9148f5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Validity
Not Before: May 12 10:47:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=582c2588c56c7a8385d6d750bba35135a535d3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:52:ac:cd:bc:15:62:d7:65:57:c0:7b:b2:
28:92:9a:63:f1:e0:a0:af:22:92:57:77:40:e4:87:
18:02:95:b2:ee:00:bb:a4:1c:52:3d:a2:64:37:e9:
20:a1:9f:53:ef:38:5f:a8:3d:44:60:31:21:ab:3d:
a8:92:79:c8:2a:59:09:73:d2:4b:81:47:64:8e:d9:
9a:06:c7:fe:a1:7f:8d:e2:44:a2:86:eb:a3:91:37:
88:17:32:f2:1a:7c:64:bf:91:c1:d2:44:7e:ba:8d:
47:e8:8a:5f:bd:66:be:8f:80:8c:ef:68:6e:d5:eb:
94:95:00:b1:bd:b2:11:42:27:78:e3:4e:28:f6:45:
0a:ea:df:5f:91:89:20:0a:30:90:1b:16:87:a2:e0:
e3:98:a0:d1:09:4b:4a:6b:ec:8d:c8:18:1e:7d:b3:
2b:46:18:db:20:94:3f:92:83:71:c2:c0:12:88:d0:
a7:96:40:9b:e8:c7:93:3a:81:e9:92:59:16:49:e2:
6f:ed:26:cc:3d:c9:a7:3d:85:34:96:54:aa:79:43:
69:8b:72:1f:19:f7:03:18:24:a1:e3:30:9d:d5:93:
d5:60:71:8e:d5:60:f4:20:ee:a0:45:df:0c:e9:72:
4b:8b:44:c1:da:6d:53:f9:28:33:3f:a4:ff:39:63:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:2C:25:88:C5:6C:7A:83:85:D6:D7:50:BB:A3:51:35:A5:35:D3:DD
X509v3 Authority Key Identifier:
keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/WCwliMVseoOF1tdQu6NRNaU1090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.132.0/22
IPv6:
2a0e:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:e6:ca:2d:c8:38:25:55:40:02:b3:64:40:89:e3:10:52:80:
6c:4b:36:8e:d1:1c:db:4c:d0:4c:9d:ac:46:df:59:9b:cb:46:
0e:e5:8b:27:2d:42:81:db:f1:a7:01:5e:c4:8f:b6:22:5b:26:
3a:11:7b:4f:5f:0b:98:7c:cf:c9:4a:d4:7a:75:ed:8e:41:d8:
5e:57:42:b7:94:b0:70:9d:11:83:80:5d:3a:b0:37:2a:2a:ad:
ec:7c:c1:21:71:65:c5:3b:b7:19:91:8b:49:51:8e:44:49:6a:
25:c7:19:2f:d6:97:6b:ea:4e:44:b5:92:a5:47:eb:4d:48:80:
e5:5e:3a:b5:b6:e0:10:bd:49:78:b8:d0:f2:8c:7d:85:8f:b4:
0b:dc:68:43:c5:29:c3:65:be:86:ce:af:35:f3:e5:02:df:3a:
b9:b5:86:3e:a2:9c:b5:eb:da:84:5a:7c:44:cc:ee:15:f4:fc:
0c:33:7a:5f:56:eb:e8:09:e1:4d:fd:0f:0b:53:d9:82:f3:d4:
97:e9:52:2b:d9:c8:7b:a3:b6:43:94:ed:a7:c6:0a:30:c1:0d:
0b:3a:e3:01:af:f4:07:52:37:ee:42:56:ae:55:00:f2:fb:9b:
cf:90:48:27:f0:48:71:cd:a6:81:86:38:60:58:c8:55:bc:20:
35:c8:f6:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECRSPXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTAxOWY5YzBhYjI5YjQyZTBkYjEyZTlhYzg3YjMyN2JmYzU1YWY5MB4XDTIyMDUx
MjEwNDczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgyYzI1ODhjNTZj
N2E4Mzg1ZDZkNzUwYmJhMzUxMzVhNTM1ZDNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMI+UqzNvBVi12VXwHuyKJKaY/HgoK8ikld3QOSHGAKVsu4A
u6QcUj2iZDfpIKGfU+84X6g9RGAxIas9qJJ5yCpZCXPSS4FHZI7ZmgbH/qF/jeJE
oobro5E3iBcy8hp8ZL+RwdJEfrqNR+iKX71mvo+AjO9obtXrlJUAsb2yEUIneONO
KPZFCurfX5GJIAowkBsWh6Lg45ig0QlLSmvsjcgYHn2zK0YY2yCUP5KDccLAEojQ
p5ZAm+jHkzqB6ZJZFknib+0mzD3Jpz2FNJZUqnlDaYtyHxn3AxgkoeMwndWT1WBx
jtVg9CDuoEXfDOlyS4tEwdptU/koMz+k/zljDOMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRYLCWIxWx6g4XW11C7o1E1pTXT3TAfBgNVHSMEGDAWgBQ5AZ+cCrKbQuDb
Eumsh7Mnv8Va+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RR2ZuQXF5bTBMZzJ4THBySWV6SjdfRld2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8x
L1dDd2xpTVZzZW9PRjF0ZFF1Nk5STmFVMTA5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8xL09RR2ZuQXF5bTBM
ZzJ4THBySWV6SjdfRld2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1XhDANBAIAAjAHAwUDKg79gDAN
BgkqhkiG9w0BAQsFAAOCAQEAD+bKLcg4JVVAArNkQInjEFKAbEs2jtEc20zQTJ2s
Rt9Zm8tGDuWLJy1CgdvxpwFexI+2IlsmOhF7T18LmHzPyUrUenXtjkHYXldCt5Sw
cJ0Rg4BdOrA3Kiqt7HzBIXFlxTu3GZGLSVGORElqJccZL9aXa+pORLWSpUfrTUiA
5V46tbbgEL1JeLjQ8ox9hY+0C9xoQ8Upw2W+hs6vNfPlAt86ubWGPqKctevahFp8
RMzuFfT8DDN6X1br6AnhTf0PC1PZgvPUl+lSK9nIe6O2Q5Ttp8YKMMENCzrjAa/0
B1I37kJWrlUA8vubz5BIJ/BIcc2mgYY4YFjIVbwgNcj2gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:22 2024 by rpki-client on console-fra.rpki-client.org