Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
File: 34352e36362e3135312e302f32342d3234203d3e203134343435.roa (raw, json)
Hash identifier: sbQZAarDOPBDEu2y/4s1HWuu0GLNFowkYXPZj8B/IPk=
Subject key identifier: 0A:A1:7A:BC:8C:92:E5:27:4A:62:C2:63:4D:24:D2:BF:93:C0:01:DC
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 3952B316C6A2C60117229581D4C9F6824B79014C
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
Signing time: Thu 28 Mar 2024 11:10:23 +0000
ROA not before: Thu 28 Mar 2024 11:05:23 +0000
ROA not after: Thu 27 Mar 2025 11:10:23 +0000
asID: 14445
IP address blocks: 45.66.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:52:b3:16:c6:a2:c6:01:17:22:95:81:d4:c9:f6:82:4b:79:01:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Mar 28 11:05:23 2024 GMT
Not After : Mar 27 11:10:23 2025 GMT
Subject: CN=0AA17ABC8C92E5274A62C2634D24D2BF93C001DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6e:2d:e8:36:58:e2:f4:33:12:ec:bd:70:68:
bc:ad:6a:34:81:ea:d6:5a:1b:e4:ba:af:8d:1c:f8:
f5:12:85:99:aa:d8:67:ab:2d:72:58:1a:4a:f2:e9:
7d:13:b9:96:a0:48:84:f3:c7:f7:dc:ae:3e:88:8b:
64:83:db:5a:fc:c6:4f:11:b6:d3:7d:9f:d8:a5:1b:
e1:e9:bc:09:6b:18:4b:1c:e0:0c:b6:50:f5:84:df:
b6:12:d9:b6:59:89:ab:f6:58:d1:fd:1b:b2:c2:8a:
92:c5:07:55:85:01:4f:16:44:e4:bc:8f:92:e0:b4:
76:64:c3:7e:0b:bc:da:b2:92:a8:45:c0:0a:02:f7:
f3:1a:6f:ee:f4:9e:65:c8:1a:52:94:af:64:fc:cf:
71:5b:7f:d0:ee:fa:06:65:f5:1d:a6:59:27:10:3e:
b7:41:ca:a9:67:82:12:01:0a:52:5b:dd:7d:42:39:
e8:62:b8:68:ed:ba:34:0b:98:75:91:b6:24:9e:0c:
dc:6d:89:48:d5:d9:90:cd:d9:97:75:fc:e2:af:4a:
13:01:27:4a:a1:6f:af:b4:1c:9a:06:04:9b:60:a0:
e4:f1:53:04:0a:e7:8c:db:3d:ba:d1:93:24:67:77:
89:e3:14:9b:bd:fc:01:58:b4:d5:3c:63:56:9c:9d:
a2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A1:7A:BC:8C:92:E5:27:4A:62:C2:63:4D:24:D2:BF:93:C0:01:DC
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e203134343435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.151.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c9:c2:29:ce:4b:8d:32:80:06:6e:bb:c6:fa:88:fc:11:c1:
8a:01:dd:bf:c3:3b:ad:99:1c:71:a7:04:50:60:5a:b5:30:70:
dc:e3:db:16:37:df:22:58:90:b8:be:83:05:9a:f1:2d:37:05:
70:66:3b:08:3f:63:3d:5d:c6:31:9b:0b:a7:48:dd:a5:7b:b4:
c7:ca:a3:fe:e5:8a:6d:df:20:0b:5e:e2:78:b2:03:07:5e:1d:
39:98:15:c1:f8:c1:9d:4b:32:48:c9:e4:04:15:a3:08:52:4c:
7d:ef:38:15:11:a1:c7:52:8b:20:35:9d:3e:1a:7b:2d:0e:05:
80:b8:6d:8a:b6:b8:0b:7a:72:31:01:41:47:5b:d6:a1:9f:f3:
bc:d8:db:e9:39:98:e2:39:b9:09:5e:74:7a:bb:59:e0:38:06:
a7:6b:73:2f:41:52:ab:74:4d:96:38:63:e8:b1:b8:d5:36:35:
83:ad:31:50:40:9c:6e:2b:8a:5e:78:57:38:04:52:ae:80:a9:
1b:bd:54:79:6f:80:d4:da:c5:7a:11:85:34:bb:1a:ed:36:de:
e9:78:41:2a:b2:36:6f:79:f7:55:40:47:2a:bc:e4:94:ab:6b:
c3:3a:ac:f1:9f:c6:35:dd:c7:c1:7c:00:05:14:85:23:12:df:
77:dc:5a:c4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOVKzFsaixgEXIpWB1Mn2gkt5AUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAzMjgxMTA1MjNaFw0yNTAzMjcxMTEwMjNaMDMxMTAvBgNV
BAMTKDBBQTE3QUJDOEM5MkU1Mjc0QTYyQzI2MzREMjREMkJGOTNDMDAxREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVbi3oNlji9DMS7L1waLytajSB
6tZaG+S6r40c+PUShZmq2GerLXJYGkry6X0TuZagSITzx/fcrj6Ii2SD21r8xk8R
ttN9n9ilG+HpvAlrGEsc4Ay2UPWE37YS2bZZiav2WNH9G7LCipLFB1WFAU8WROS8
j5LgtHZkw34LvNqykqhFwAoC9/Mab+70nmXIGlKUr2T8z3Fbf9Du+gZl9R2mWScQ
PrdByqlnghIBClJb3X1COehiuGjtujQLmHWRtiSeDNxtiUjV2ZDN2Zd1/OKvShMB
J0qhb6+0HJoGBJtgoOTxUwQK54zbPbrRkyRnd4njFJu9/AFYtNU8Y1acnaJ9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUCqF6vIyS5SdKYsJjTSTSv5PAAdwwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzQzNTJlMzYzNjJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM0MzQzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1C
lzANBgkqhkiG9w0BAQsFAAOCAQEAZcnCKc5LjTKABm67xvqI/BHBigHdv8M7rZkc
cacEUGBatTBw3OPbFjffIliQuL6DBZrxLTcFcGY7CD9jPV3GMZsLp0jdpXu0x8qj
/uWKbd8gC17ieLIDB14dOZgVwfjBnUsySMnkBBWjCFJMfe84FRGhx1KLIDWdPhp7
LQ4FgLhtira4C3pyMQFBR1vWoZ/zvNjb6TmY4jm5CV50ertZ4DgGp2tzL0FSq3RN
ljhj6LG41TY1g60xUECcbiuKXnhXOARSroCpG71UeW+A1NrFehGFNLsa7Tbe6XhB
KrI2b3n3VUBHKrzklKtrwzqs8Z/GNd3HwXwABRSFIxLfd9xaxA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 12:41:07 2024 by rpki-client on console-fra.rpki-client.org