Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/WXPYuGHKjj5qJX4G6sIh0GWfefc.roa
File: WXPYuGHKjj5qJX4G6sIh0GWfefc.roa (raw, json)
Hash identifier: TgE2H0qOrsNBuORmEanveizTEZsKdVDzKXMAPmyOVCM=
Subject key identifier: 59:73:D8:B8:61:CA:8E:3E:6A:25:7E:06:EA:C2:21:D0:65:9F:79:F7
Certificate issuer: /CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Certificate serial: 0185DF5FD430487CDD494331246428102800
Authority key identifier: 47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/WXPYuGHKjj5qJX4G6sIh0GWfefc.roa
Signing time: Mon 23 Jan 2023 16:04:37 +0000
ROA not before: Mon 23 Jan 2023 16:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.153.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:5f:d4:30:48:7c:dd:49:43:31:24:64:28:10:28:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Validity
Not Before: Jan 23 16:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5973d8b861ca8e3e6a257e06eac221d0659f79f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f6:c6:0d:6b:58:65:c1:18:80:6d:07:65:47:
3d:23:9d:e6:c1:a3:14:37:e4:bd:65:23:72:d1:cc:
be:b1:a2:44:f5:37:8f:86:c8:45:eb:34:b6:07:f0:
ac:9f:36:03:f8:a1:27:23:a3:ec:6d:3b:ef:b7:61:
05:8c:a3:d0:fb:39:21:27:a7:27:42:e5:12:d2:44:
73:84:3e:9d:bc:bb:c9:c7:47:4f:c2:4f:76:11:37:
9f:2d:18:11:e3:95:58:95:4f:96:9b:bd:bd:b9:42:
85:2e:36:f9:f8:2c:67:b5:9a:27:8d:12:92:b3:69:
a2:18:8e:df:a3:27:91:55:25:86:1c:37:79:db:8e:
6a:b5:a8:83:97:be:be:7c:6a:44:71:0a:90:a1:a8:
ab:9a:ff:31:78:89:a3:76:13:ce:8b:7c:b0:63:c8:
30:6d:f8:7f:05:45:d8:38:24:dd:bf:7f:1f:ba:c9:
fe:ba:df:b4:5a:09:d2:64:ba:08:15:c2:ad:d2:23:
fe:a0:26:8a:df:52:88:99:7a:38:c3:25:1c:50:db:
9f:b2:0b:8d:2b:b3:15:a1:98:da:5c:85:95:67:12:
d0:70:d3:48:08:c7:eb:9e:ae:b1:3b:fe:51:3e:09:
40:16:71:a6:39:28:5c:ef:7e:e3:0b:60:64:92:a5:
0e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:73:D8:B8:61:CA:8E:3E:6A:25:7E:06:EA:C2:21:D0:65:9F:79:F7
X509v3 Authority Key Identifier:
keyid:47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/WXPYuGHKjj5qJX4G6sIh0GWfefc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/RzErKAdMuN-tFVF4yiVL209ecRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:e1:b8:6d:8c:73:8e:38:b9:63:4d:53:30:d0:b6:ee:1a:ec:
33:e8:22:54:d3:7c:c3:38:88:31:f9:cb:60:77:7d:f5:6e:1a:
8c:b8:b7:3d:01:73:4a:df:0d:12:22:fa:a5:ad:49:eb:c6:85:
de:d3:51:37:73:3c:80:7f:5d:4b:f6:ff:3f:28:d6:b9:5c:84:
fc:c7:73:a1:85:4e:87:a7:7b:e7:4c:14:1c:2d:ff:19:42:46:
d4:0f:93:b4:51:9f:31:dd:e3:36:2d:ff:f0:66:2a:7f:ad:2a:
50:6b:9d:8f:ca:eb:0e:74:28:fa:74:9a:ce:b5:8c:bb:db:4a:
72:0d:e3:ca:8d:5d:d7:6a:6d:34:d9:1e:cc:3f:f0:6c:20:e5:
7f:d4:d5:11:12:aa:fe:bc:a7:f4:28:14:9c:b0:9a:ab:15:6f:
44:cb:f2:79:be:8e:83:20:ba:77:86:ea:2f:3a:da:d1:44:47:
65:47:99:14:34:a4:6f:c4:32:80:e7:82:3f:7c:ff:2c:67:11:
ae:5a:3a:3f:49:fb:a7:5d:20:34:b5:41:3c:d4:af:d2:04:a8:
8c:83:29:01:25:32:95:f5:e7:85:40:a1:06:71:36:71:2c:96:
59:f0:44:22:2e:e0:07:b3:f7:b5:81:7b:65:77:23:7d:52:ef:
fb:49:5d:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXfX9QwSHzdSUMxJGQoECgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzEyYjI4MDc0Y2I4ZGZhZDE1NTE3OGNhMjU0YmRiNGY1
ZTcxMWEwHhcNMjMwMTIzMTYwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTczZDhiODYxY2E4ZTNlNmEyNTdlMDZlYWMyMjFkMDY1OWY3OWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/bGDWtYZcEYgG0HZUc9I53mwaMU
N+S9ZSNy0cy+saJE9TePhshF6zS2B/CsnzYD+KEnI6PsbTvvt2EFjKPQ+zkhJ6cn
QuUS0kRzhD6dvLvJx0dPwk92ETefLRgR45VYlU+Wm729uUKFLjb5+CxntZonjRKS
s2miGI7foyeRVSWGHDd5245qtaiDl76+fGpEcQqQoairmv8xeImjdhPOi3ywY8gw
bfh/BUXYOCTdv38fusn+ut+0WgnSZLoIFcKt0iP+oCaK31KImXo4wyUcUNufsguN
K7MVoZjaXIWVZxLQcNNICMfrnq6xO/5RPglAFnGmOShc737jC2BkkqUORwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlz2Lhhyo4+aiV+BurCIdBln3n3MB8GA1UdIwQY
MBaAFEcxKygHTLjfrRVReMolS9tPXnEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmIt
ODhlMTVmYjE5Zjc0LzEvV1hQWXVHSEtqajVxSlg0RzZzSWgwR1dmZWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmItODhlMTVmYjE5Zjc0
LzEvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZlAMA0G
CSqGSIb3DQEBCwUAA4IBAQCi4bhtjHOOOLljTVMw0LbuGuwz6CJU03zDOIgx+ctg
d331bhqMuLc9AXNK3w0SIvqlrUnrxoXe01E3czyAf11L9v8/KNa5XIT8x3OhhU6H
p3vnTBQcLf8ZQkbUD5O0UZ8x3eM2Lf/wZip/rSpQa52PyusOdCj6dJrOtYy720py
DePKjV3Xam002R7MP/BsIOV/1NUREqr+vKf0KBScsJqrFW9Ey/J5vo6DILp3huov
OtrRREdlR5kUNKRvxDKA54I/fP8sZxGuWjo/SfunXSA0tUE81K/SBKiMgykBJTKV
9eeFQKEGcTZxLJZZ8EQiLuAHs/e1gXtldyN9Uu/7SV38
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:51 2024 by rpki-client on console-ams.rpki-client.org