Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/l7oQ0uRlREywghZLnzZeE25v9is.roa
File: l7oQ0uRlREywghZLnzZeE25v9is.roa (raw, json)
Hash identifier: ngtsH+4NPvFf7rYoh8ix6mdCu9kILow8i+cL9O2WhJY=
Subject key identifier: 97:BA:10:D2:E4:65:44:4C:B0:82:16:4B:9F:36:5E:13:6E:6F:F6:2B
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 0186E9AE012B4030F84916B65F286D4A84B5
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/l7oQ0uRlREywghZLnzZeE25v9is.roa
Signing time: Thu 16 Mar 2023 09:09:00 +0000
ROA not before: Thu 16 Mar 2023 09:09:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49761
IP address blocks: 45.131.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e9:ae:01:2b:40:30:f8:49:16:b6:5f:28:6d:4a:84:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Mar 16 09:09:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ba10d2e465444cb082164b9f365e136e6ff62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a6:ae:b1:18:ad:94:53:21:fa:93:18:60:23:
58:02:6b:63:9e:a5:ca:8c:38:08:97:7a:bd:ff:c6:
eb:dd:f9:90:f7:e8:cc:b3:81:c9:fc:d9:ba:20:08:
78:5a:52:79:45:25:12:cd:c9:a8:bb:52:2f:a5:99:
b0:60:23:73:2d:bf:57:a8:27:9a:7a:5b:58:89:75:
9a:c8:90:e9:33:f5:01:ae:b9:16:6d:98:e7:3d:1f:
84:42:35:f6:a8:d4:e0:d2:2a:5d:f4:84:fc:ed:05:
31:6c:81:5f:a1:17:1d:2a:3e:9d:a8:61:8e:e0:ef:
e3:5e:47:69:f3:89:57:7c:d7:bf:22:0a:36:fb:d6:
2d:45:be:5e:ae:6c:68:c8:d7:1c:01:fa:5e:ee:24:
dc:82:c5:b1:44:5b:bc:d9:f0:f7:19:4f:96:52:f8:
7e:9e:75:7b:8d:54:ac:b6:fb:97:ac:49:c7:64:df:
87:a7:96:89:9f:78:e7:30:06:6a:6e:38:c4:7d:81:
aa:95:52:d9:b2:af:86:ce:3c:93:40:d2:4e:e2:07:
0b:2e:f0:84:87:78:67:64:b0:dd:a1:bc:1c:6a:04:
cd:96:31:4b:db:8b:17:07:25:2e:e3:a9:d2:63:c8:
81:5f:32:5d:1f:17:1f:cf:5f:fb:e6:b1:b5:e3:86:
c7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BA:10:D2:E4:65:44:4C:B0:82:16:4B:9F:36:5E:13:6E:6F:F6:2B
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/l7oQ0uRlREywghZLnzZeE25v9is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.34.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:2a:e3:ae:e0:a9:34:fb:de:98:5a:26:f5:c8:bb:26:a6:e4:
4f:b9:06:df:b7:0c:2e:73:17:15:01:ff:93:80:f6:79:c9:e1:
35:53:dc:c2:32:f0:67:62:6f:27:a5:4f:d8:4d:40:f8:bf:47:
12:d2:1a:f9:0e:df:13:49:39:fe:6b:6b:ee:42:69:c1:fa:5d:
59:2d:ac:67:0f:4c:98:87:8e:47:b8:cf:c7:2f:c7:9b:0b:02:
99:1b:78:9f:00:c1:d1:00:a7:1c:de:d7:6e:8f:c0:54:54:d4:
ff:ed:48:cf:a3:ea:01:ac:c1:b3:0e:49:19:c6:ae:b2:91:8e:
df:4c:61:4b:70:34:f6:3e:47:82:fe:4d:e6:e6:cb:68:6c:95:
8c:85:36:75:84:ec:8b:5a:45:49:9b:02:41:d5:ad:49:2a:18:
fa:72:77:dc:c5:df:05:fd:38:84:af:df:3a:a4:0a:c5:f9:e4:
30:01:29:05:e7:cf:f7:2d:4d:57:47:78:71:47:e9:cb:4b:2e:
df:f8:5f:59:70:93:9d:04:39:31:47:50:bc:ba:62:76:5c:93:
d7:81:ae:2a:1c:f3:1d:ef:29:26:3f:66:73:a7:3b:76:4c:73:
2f:74:9d:0d:c8:dc:7b:ce:e0:07:14:ce:55:46:84:45:3f:ac:
04:8f:9a:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbprgErQDD4SRa2XyhtSoS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMzE2MDkwOTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JhMTBkMmU0NjU0NDRjYjA4MjE2NGI5ZjM2NWUxMzZlNmZmNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ausRitlFMh+pMYYCNYAmtjnqXK
jDgIl3q9/8br3fmQ9+jMs4HJ/Nm6IAh4WlJ5RSUSzcmou1IvpZmwYCNzLb9XqCea
eltYiXWayJDpM/UBrrkWbZjnPR+EQjX2qNTg0ipd9IT87QUxbIFfoRcdKj6dqGGO
4O/jXkdp84lXfNe/Igo2+9YtRb5ermxoyNccAfpe7iTcgsWxRFu82fD3GU+WUvh+
nnV7jVSstvuXrEnHZN+Hp5aJn3jnMAZqbjjEfYGqlVLZsq+GzjyTQNJO4gcLLvCE
h3hnZLDdobwcagTNljFL24sXByUu46nSY8iBXzJdHxcfz1/75rG144bH1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJe6ENLkZURMsIIWS582XhNub/YrMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvbDdvUTB1UmxSRXl3Z2haTG56WmVFMjV2OWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYMiMA0G
CSqGSIb3DQEBCwUAA4IBAQB9KuOu4Kk0+96YWib1yLsmpuRPuQbftwwucxcVAf+T
gPZ5yeE1U9zCMvBnYm8npU/YTUD4v0cS0hr5Dt8TSTn+a2vuQmnB+l1ZLaxnD0yY
h45HuM/HL8ebCwKZG3ifAMHRAKcc3tduj8BUVNT/7UjPo+oBrMGzDkkZxq6ykY7f
TGFLcDT2PkeC/k3m5stobJWMhTZ1hOyLWkVJmwJB1a1JKhj6cnfcxd8F/TiEr986
pArF+eQwASkF58/3LU1XR3hxR+nLSy7f+F9ZcJOdBDkxR1C8umJ2XJPXga4qHPMd
7ykmP2Zzpzt2THMvdJ0NyNx7zuAHFM5VRoRFP6wEj5oO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org