Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e20323131303631.roa
File: 34352e36362e3135312e302f32342d3234203d3e20323131303631.roa (raw, json)
Hash identifier: R78Uql38suoDiMSh9d3FlVVpVSkWz+fCj4pnUBeaUaU=
Subject key identifier: BA:D5:2A:41:93:70:07:AB:11:BF:9B:58:57:5C:9F:CB:5B:78:18:36
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 20A71F831CF0FCFA9885913F75D4CF4CBE394F68
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e20323131303631.roa
Signing time: Fri 04 Aug 2023 13:47:35 +0000
ROA not before: Fri 04 Aug 2023 13:42:35 +0000
ROA not after: Fri 02 Aug 2024 13:47:35 +0000
asID: 211061
IP address blocks: 45.66.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:a7:1f:83:1c:f0:fc:fa:98:85:91:3f:75:d4:cf:4c:be:39:4f:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Aug 4 13:42:35 2023 GMT
Not After : Aug 2 13:47:35 2024 GMT
Subject: CN=BAD52A41937007AB11BF9B58575C9FCB5B781836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:f1:b6:88:48:5b:64:07:3c:54:6f:e8:84:
a6:8f:45:8d:5d:19:24:37:c7:e9:af:27:09:4e:03:
44:b3:75:30:74:1d:ef:91:9b:0f:7b:74:43:70:95:
7c:81:d3:81:44:87:67:93:ce:96:3b:4b:b2:e8:9d:
88:68:06:b4:9d:66:8a:aa:fe:6a:00:3e:16:28:41:
d3:78:99:b1:cb:fe:b4:40:1a:9f:2f:cb:d9:1b:e3:
05:dd:66:fb:8b:55:2d:9d:de:85:47:35:00:ce:66:
27:35:3a:7b:3a:18:a6:99:d2:37:b8:d8:83:4c:77:
30:47:06:ec:0f:fe:c7:9d:96:1a:86:7a:7a:81:3c:
89:62:6a:78:68:6f:e5:b4:ae:b4:02:09:e6:1b:51:
6a:89:a2:e3:c4:aa:86:0b:dd:41:a4:2d:72:4e:23:
7e:25:11:d6:d3:63:1c:c5:04:c0:91:bc:05:db:c9:
20:c2:eb:90:5e:57:1b:5d:c5:c5:b9:18:5a:5c:52:
ce:e6:ab:08:23:3a:cf:c5:f9:3a:0e:e3:b7:cd:df:
72:28:ad:71:a0:77:b5:21:dc:16:0a:e5:37:d1:c5:
b3:33:7f:47:b5:ab:54:26:c6:b2:5b:f2:64:99:34:
cd:7f:5e:da:41:36:1d:09:40:93:7c:28:80:b0:f5:
94:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D5:2A:41:93:70:07:AB:11:BF:9B:58:57:5C:9F:CB:5B:78:18:36
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e36362e3135312e302f32342d3234203d3e20323131303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.151.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b7:69:22:06:cc:96:cb:11:c5:c2:6c:2b:52:d5:76:7c:e1:
d1:e4:6f:e8:aa:56:1f:ae:44:86:3a:08:c7:20:39:bc:59:94:
ff:7e:5b:1c:49:49:a8:cd:ea:ca:a4:ab:6e:87:f1:cc:c4:8e:
ac:29:52:a9:1a:4b:25:51:35:d5:dc:09:a1:bf:0e:63:8b:5e:
75:be:e7:0a:a4:1c:98:e1:5c:b2:62:c3:62:33:66:c3:02:dc:
31:ff:2d:60:f5:d3:6f:04:e5:3b:59:d1:fa:d2:29:a0:5e:61:
dc:45:ad:1d:c1:8a:3e:81:9f:30:c9:79:ec:62:ec:fd:8f:b1:
31:f2:85:07:0e:09:ed:9d:08:bc:96:92:3c:54:97:da:0a:fb:
d1:41:a7:91:1a:74:c7:62:40:de:53:e5:61:35:d0:08:ab:90:
64:00:52:4a:c4:5d:3c:17:f2:56:f1:56:c5:63:f9:59:cd:18:
ec:ec:5d:c5:68:5e:71:6e:3f:5c:33:c4:cc:e3:91:17:30:46:
21:f0:58:ff:f6:60:1b:6e:49:46:b9:6e:68:cd:58:bb:6b:c4:
82:eb:a8:5f:a2:c9:78:05:c5:75:6e:1e:a4:80:76:09:ee:9e:
4b:a5:b7:b6:c9:42:1f:b5:37:3f:5b:60:a3:34:8c:39:6e:81:
f0:e2:98:3e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIKcfgxzw/PqYhZE/ddTPTL45T2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yMzA4MDQxMzQyMzVaFw0yNDA4MDIxMzQ3MzVaMDMxMTAvBgNV
BAMTKEJBRDUyQTQxOTM3MDA3QUIxMUJGOUI1ODU3NUM5RkNCNUI3ODE4MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVRvG2iEhbZAc8VG/ohKaPRY1d
GSQ3x+mvJwlOA0SzdTB0He+Rmw97dENwlXyB04FEh2eTzpY7S7LonYhoBrSdZoqq
/moAPhYoQdN4mbHL/rRAGp8vy9kb4wXdZvuLVS2d3oVHNQDOZic1Ons6GKaZ0je4
2INMdzBHBuwP/sedlhqGenqBPIlianhob+W0rrQCCeYbUWqJouPEqoYL3UGkLXJO
I34lEdbTYxzFBMCRvAXbySDC65BeVxtdxcW5GFpcUs7mqwgjOs/F+ToO47fN33Io
rXGgd7Uh3BYK5TfRxbMzf0e1q1QmxrJb8mSZNM1/XtpBNh0JQJN8KICw9ZQ3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUutUqQZNwB6sRv5tYV1yfy1t4GDYwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzQzNTJlMzYzNjJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LUKXMA0GCSqGSIb3DQEBCwUAA4IBAQBHt2kiBsyWyxHFwmwrUtV2fOHR5G/oqlYf
rkSGOgjHIDm8WZT/flscSUmozerKpKtuh/HMxI6sKVKpGkslUTXV3Amhvw5ji151
vucKpByY4VyyYsNiM2bDAtwx/y1g9dNvBOU7WdH60imgXmHcRa0dwYo+gZ8wyXns
Yuz9j7Ex8oUHDgntnQi8lpI8VJfaCvvRQaeRGnTHYkDeU+VhNdAIq5BkAFJKxF08
F/JW8VbFY/lZzRjs7F3FaF5xbj9cM8TM45EXMEYh8Fj/9mAbbklGuW5ozVi7a8SC
66hfosl4BcV1bh6kgHYJ7p5Lpbe2yUIftTc/W2CjNIw5boHw4pg+
-----END CERTIFICATE-----
Generated at Thu Jun 6 12:41:07 2024 by rpki-client on console-fra.rpki-client.org