Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/lZHtpesurCDw6OHbO7WJZxuV9Ok.roa
File: lZHtpesurCDw6OHbO7WJZxuV9Ok.roa (raw, json)
Hash identifier: VyhUx0bqe/SzCaAiCR4+piGRcRM5e1rIJ1Mz//+8EbM=
Subject key identifier: 95:91:ED:A5:EB:2E:AC:20:F0:E8:E1:DB:3B:B5:89:67:1B:95:F4:E9
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 01856CE62CC130D19A3484F2DED7E2E516C4
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/lZHtpesurCDw6OHbO7WJZxuV9Ok.roa
Signing time: Sun 01 Jan 2023 10:35:02 +0000
ROA not before: Sun 01 Jan 2023 10:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212344
IP address blocks: 45.85.186.0/24 maxlen: 24
45.85.186.0/23 maxlen: 23
45.85.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:2c:c1:30:d1:9a:34:84:f2:de:d7:e2:e5:16:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 10:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9591eda5eb2eac20f0e8e1db3bb589671b95f4e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:ba:90:7c:2e:68:dc:ad:c0:04:7e:6d:33:
8c:14:56:f9:1f:e8:9b:0c:1e:a1:f0:5a:7d:75:83:
e6:81:76:23:c2:53:b4:b8:21:7a:21:ca:39:e6:ce:
39:8e:05:3c:c0:99:5d:13:e0:50:c0:dd:3d:82:4c:
10:5b:1b:2a:f5:38:3d:52:ea:a4:0c:b7:78:55:6b:
50:dd:3b:0a:06:ed:49:e7:7a:97:29:2e:83:15:2f:
be:be:f8:26:cd:13:02:1a:9b:6a:11:de:9f:f5:47:
a2:02:2c:5a:ab:96:bd:4c:13:de:c8:94:6b:a0:ca:
58:12:2e:9a:ac:1a:ff:23:4c:a9:82:da:17:ee:87:
b8:d9:bf:75:cf:c7:c1:e3:3d:23:44:aa:86:6f:16:
ef:b2:59:48:06:2c:92:82:79:09:ae:4f:e2:8f:d5:
06:23:44:69:12:57:1e:68:b6:aa:8f:8f:55:40:1f:
f5:cc:43:29:fe:b1:98:9e:58:81:a6:ae:d6:e9:40:
23:84:e4:30:21:54:a5:0f:df:c8:9a:dd:f5:9d:a9:
e7:0b:e4:90:ab:57:3f:ed:00:37:9f:ce:6f:16:c6:
4a:8d:ed:37:2a:fc:3c:c4:11:41:dc:ad:bb:aa:8f:
43:f0:79:c2:df:a6:e9:2c:23:4f:d8:b8:d6:0b:74:
38:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:91:ED:A5:EB:2E:AC:20:F0:E8:E1:DB:3B:B5:89:67:1B:95:F4:E9
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/lZHtpesurCDw6OHbO7WJZxuV9Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.186.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:80:26:33:db:f5:f2:8a:c3:bc:7b:2c:d8:f5:ec:94:9a:ff:
ef:97:b8:27:12:b1:ab:77:4f:0f:c8:6e:43:4b:21:53:5a:b1:
59:1a:61:a4:80:2f:91:02:90:b2:44:57:02:b0:5e:ba:b8:f6:
e9:d6:6f:9b:02:40:09:19:e8:f3:87:4a:7d:fe:f5:37:07:79:
e6:7b:04:e8:0e:1a:60:7c:08:a4:d1:87:69:29:84:84:59:15:
e6:9d:7d:a3:55:43:53:03:2b:07:ed:41:a5:16:f1:23:b5:1c:
b2:d9:ee:76:83:16:41:c1:08:9f:48:6f:39:8c:89:6c:2e:18:
36:53:52:81:bf:a6:7c:b1:db:d0:3f:8b:68:be:12:32:29:72:
fa:58:24:df:e0:1e:eb:ab:69:08:3b:0d:1f:53:f6:24:cc:83:
af:3b:b5:96:76:18:c3:14:32:5a:b9:a4:0d:4d:99:4b:13:b0:
93:18:eb:3c:76:d7:95:a9:b3:6d:71:b6:a6:5f:f2:e5:9a:68:
24:d8:20:0c:3d:44:e2:9e:61:84:7d:d2:ed:56:c1:a5:d8:ca:
c5:68:49:c6:a2:ef:84:31:26:e2:1e:6b:16:92:a0:ab:57:37:
2c:95:5c:80:d4:ee:8d:7e:05:4f:52:88:f5:68:5e:5e:76:f7:
0f:6c:e5:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5izBMNGaNITy3tfi5RbEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjMwMTAxMTAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkxZWRhNWViMmVhYzIwZjBlOGUxZGIzYmI1ODk2NzFiOTVmNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYm6kHwuaNytwAR+bTOMFFb5H+ib
DB6h8Fp9dYPmgXYjwlO0uCF6Ico55s45jgU8wJldE+BQwN09gkwQWxsq9Tg9Uuqk
DLd4VWtQ3TsKBu1J53qXKS6DFS++vvgmzRMCGptqEd6f9UeiAixaq5a9TBPeyJRr
oMpYEi6arBr/I0ypgtoX7oe42b91z8fB4z0jRKqGbxbvsllIBiySgnkJrk/ij9UG
I0RpElceaLaqj49VQB/1zEMp/rGYnliBpq7W6UAjhOQwIVSlD9/Imt31nannC+SQ
q1c/7QA3n85vFsZKje03Kvw8xBFB3K27qo9D8HnC36bpLCNP2LjWC3Q4/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWR7aXrLqwg8Ojh2zu1iWcblfTpMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvbFpIdHBlc3VyQ0R3Nk9IYk83V0paeHVWOU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVW6MA0G
CSqGSIb3DQEBCwUAA4IBAQB9gCYz2/XyisO8eyzY9eyUmv/vl7gnErGrd08PyG5D
SyFTWrFZGmGkgC+RApCyRFcCsF66uPbp1m+bAkAJGejzh0p9/vU3B3nmewToDhpg
fAik0YdpKYSEWRXmnX2jVUNTAysH7UGlFvEjtRyy2e52gxZBwQifSG85jIlsLhg2
U1KBv6Z8sdvQP4tovhIyKXL6WCTf4B7rq2kIOw0fU/YkzIOvO7WWdhjDFDJauaQN
TZlLE7CTGOs8dteVqbNtcbamX/Llmmgk2CAMPUTinmGEfdLtVsGl2MrFaEnGou+E
MSbiHmsWkqCrVzcslVyA1O6NfgVPUoj1aF5edvcPbOUm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org