Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137322e302f32342d3234203d3e20323030343135.roa
File: 34352e382e3137322e302f32342d3234203d3e20323030343135.roa (raw, json)
Hash identifier: KfGm8oKCcj7dPsD1fNqk4qOilkoWdq266OnknCVNfLk=
Subject key identifier: 74:ED:20:51:68:10:2B:3D:09:DE:F7:E6:FB:61:0C:9E:87:32:D1:2F
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 7EFB280DB57593800A7E4A092C72269EE9CFC97A
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137322e302f32342d3234203d3e20323030343135.roa
Signing time: Thu 22 Feb 2024 17:05:13 +0000
ROA not before: Thu 22 Feb 2024 17:00:13 +0000
ROA not after: Thu 20 Feb 2025 17:05:13 +0000
asID: 200415
IP address blocks: 45.8.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:fb:28:0d:b5:75:93:80:0a:7e:4a:09:2c:72:26:9e:e9:cf:c9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Feb 22 17:00:13 2024 GMT
Not After : Feb 20 17:05:13 2025 GMT
Subject: CN=74ED205168102B3D09DEF7E6FB610C9E8732D12F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:10:be:f0:0b:60:4d:d0:d0:d6:08:83:69:89:
66:e4:3d:56:e5:d6:69:7e:43:6b:4e:30:2b:aa:c3:
c4:e3:db:bb:86:84:14:36:42:ae:24:76:6a:56:5b:
f3:8f:11:30:d1:e8:9a:53:5a:65:7c:b7:0d:94:9c:
d5:cd:87:e8:ac:6b:12:e5:65:9a:0b:a7:2c:4b:b2:
5c:f7:94:ce:b5:c3:62:3c:0e:1e:39:67:29:07:98:
f7:46:c8:c4:b6:eb:be:7c:3e:20:a3:aa:f0:73:2e:
a0:96:04:58:ba:e2:a2:7d:81:fa:4a:c2:40:6b:ee:
58:e4:85:78:8d:9e:c5:c3:7b:b9:87:1f:56:45:c9:
a4:2e:21:de:f9:02:a7:17:d1:7f:a0:1f:cb:45:33:
0b:e4:bd:41:df:f6:df:78:f1:d5:a4:94:e5:e7:df:
bc:8d:a7:13:2e:9e:a2:b9:59:f8:3c:91:83:86:d5:
b0:d6:fb:fe:a4:12:59:d9:54:e8:82:3f:e7:97:4e:
9c:99:1b:d5:ba:98:8d:c9:74:59:8a:37:08:bc:16:
0c:1d:87:da:05:84:2f:51:80:a4:6e:f9:42:eb:b8:
2f:af:d0:29:cd:ed:83:60:45:b2:c2:ea:a1:03:15:
7c:d3:df:13:71:9f:1c:2e:28:94:72:34:c7:97:bf:
b8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:ED:20:51:68:10:2B:3D:09:DE:F7:E6:FB:61:0C:9E:87:32:D1:2F
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/34352e382e3137322e302f32342d3234203d3e20323030343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.172.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7a:42:cb:68:55:c0:22:15:70:a8:d0:ed:04:c7:0b:39:75:
52:2f:0c:ad:a8:0e:1a:c2:4e:d9:b5:57:77:bd:cb:59:e4:60:
6d:53:1f:4d:3e:7c:3c:5e:75:f9:c5:dd:88:b6:d2:ea:9c:00:
26:cc:95:c5:aa:b1:0e:e1:7b:a6:f2:bd:90:e3:44:df:80:c1:
3d:8f:dc:27:b7:6b:ee:b0:66:6a:ca:05:58:9f:a1:4e:a8:fb:
4b:2a:5d:1a:f5:e8:e4:17:4f:18:96:f7:c0:cf:75:f0:6b:55:
8f:e2:12:46:10:69:9c:fd:e6:2c:e3:90:e1:e8:e2:e0:c2:f0:
bc:5d:f3:bb:c1:49:1d:24:2c:b8:e1:6b:ac:84:ee:30:02:74:
4d:c8:b3:c1:a5:d7:62:e3:cd:21:a3:72:ac:1b:00:03:60:b6:
8d:57:67:03:12:18:22:32:ae:28:25:2e:ec:06:b1:11:38:45:
f1:05:fe:e8:a5:dc:78:d0:2b:ff:9a:93:3b:d9:48:ec:a3:af:
4e:25:ae:4b:39:be:54:37:4d:3a:42:3a:45:0d:d0:b1:37:01:
98:fe:cc:da:44:20:99:b3:84:e5:2e:db:93:39:f9:57:73:e1:
17:27:53:17:26:a4:98:c0:5c:d0:c4:98:36:bf:46:a1:04:d2:
34:53:15:b5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfvsoDbV1k4AKfkoJLHImnunPyXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDAyMjIxNzAwMTNaFw0yNTAyMjAxNzA1MTNaMDMxMTAvBgNV
BAMTKDc0RUQyMDUxNjgxMDJCM0QwOURFRjdFNkZCNjEwQzlFODczMkQxMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuEL7wC2BN0NDWCINpiWbkPVbl
1ml+Q2tOMCuqw8Tj27uGhBQ2Qq4kdmpWW/OPETDR6JpTWmV8tw2UnNXNh+isaxLl
ZZoLpyxLslz3lM61w2I8Dh45ZykHmPdGyMS26758PiCjqvBzLqCWBFi64qJ9gfpK
wkBr7ljkhXiNnsXDe7mHH1ZFyaQuId75AqcX0X+gH8tFMwvkvUHf9t948dWklOXn
37yNpxMunqK5Wfg8kYOG1bDW+/6kElnZVOiCP+eXTpyZG9W6mI3JdFmKNwi8Fgwd
h9oFhC9RgKRu+ULruC+v0CnN7YNgRbLC6qEDFXzT3xNxnxwuKJRyNMeXv7hLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUdO0gUWgQKz0J3vfm+2EMnocy0S8wHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzQzNTJlMzgyZTMxMzczMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDM0MzEzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
rDANBgkqhkiG9w0BAQsFAAOCAQEAenpCy2hVwCIVcKjQ7QTHCzl1Ui8MragOGsJO
2bVXd73LWeRgbVMfTT58PF51+cXdiLbS6pwAJsyVxaqxDuF7pvK9kONE34DBPY/c
J7dr7rBmasoFWJ+hTqj7SypdGvXo5BdPGJb3wM918GtVj+ISRhBpnP3mLOOQ4eji
4MLwvF3zu8FJHSQsuOFrrITuMAJ0TcizwaXXYuPNIaNyrBsAA2C2jVdnAxIYIjKu
KCUu7AaxEThF8QX+6KXceNAr/5qTO9lI7KOvTiWuSzm+VDdNOkI6RQ3QsTcBmP7M
2kQgmbOE5S7bkzn5V3PhFydTFyakmMBc0MSYNr9GoQTSNFMVtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 12:41:07 2024 by rpki-client on console-fra.rpki-client.org