Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ka-euHgKoQu1ncBQNnG07xvlLvA.roa
File: ka-euHgKoQu1ncBQNnG07xvlLvA.roa (raw, json)
Hash identifier: vzbJPOws+p4g+jUm8X7sm4o5bIeM/6HNT6RZhHByem4=
Subject key identifier: 91:AF:9E:B8:78:0A:A1:0B:B5:9D:C0:50:36:71:B4:EF:1B:E5:2E:F0
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018E3243C6EDB1944357A618F6969603456A
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ka-euHgKoQu1ncBQNnG07xvlLvA.roa
Signing time: Tue 12 Mar 2024 10:44:46 +0000
ROA not before: Tue 12 Mar 2024 10:44:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.151.29.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c6:ed:b1:94:43:57:a6:18:f6:96:96:03:45:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Mar 12 10:44:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91af9eb8780aa10bb59dc0503671b4ef1be52ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f2:5c:0a:9a:d5:8c:c7:cc:c4:d6:d1:93:78:
2d:8c:8d:19:98:f8:cb:dd:8d:0a:53:b9:99:f3:10:
52:02:a9:bc:cf:2e:a1:ca:d5:da:5e:e4:44:75:92:
03:07:a3:b6:a2:06:18:96:7e:c5:30:89:53:c7:de:
e5:08:ac:21:31:93:87:b0:89:68:b4:63:97:64:89:
c7:b9:ab:85:35:37:d8:f2:cf:64:94:3e:82:5a:80:
94:fd:3d:7a:72:e8:bd:9d:86:e6:02:16:c1:45:fc:
af:81:dd:40:e7:25:b8:3e:82:1a:dd:e2:2c:87:cf:
ec:04:24:2a:fb:c1:8b:34:0f:9f:85:d1:b0:66:08:
5b:4a:2c:42:b2:e4:ca:8f:58:06:f8:73:d6:ca:00:
06:5e:64:0e:b2:6a:1f:9b:a9:1e:a4:e8:2f:d8:fa:
ca:a8:f8:6b:97:ce:cd:6d:ee:66:b7:08:9e:c8:62:
5c:51:55:6f:64:02:09:21:5a:c6:e9:34:b8:66:cd:
44:89:7f:2d:bf:12:29:e5:4b:ee:83:3a:f7:f0:bf:
17:5f:f4:47:1b:b9:65:48:90:4e:91:2e:03:a3:f4:
b5:b5:fa:05:54:3b:38:cc:27:67:de:db:0c:72:f0:
27:6b:68:37:eb:58:b5:15:63:9f:71:96:97:7c:08:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AF:9E:B8:78:0A:A1:0B:B5:9D:C0:50:36:71:B4:EF:1B:E5:2E:F0
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/ka-euHgKoQu1ncBQNnG07xvlLvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.29.0/24
176.116.15.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:e8:87:3b:e5:41:0f:c1:73:fd:48:59:31:fd:e0:03:c6:cd:
ce:3f:ac:f9:09:3a:97:c3:2d:a8:00:88:98:9f:8e:ee:0b:78:
c8:11:93:b8:30:7d:32:65:77:fc:fe:2f:7d:81:16:97:70:81:
13:d6:5c:2c:e8:31:67:c3:cf:fd:87:28:cb:c9:03:d3:2f:48:
7c:39:c1:02:31:97:87:95:c0:f6:a8:19:ff:a2:3f:ff:fa:86:
e8:00:d4:c7:24:66:93:c8:fa:a8:d7:db:9f:ca:6b:4d:dc:0f:
e1:a1:33:d0:8d:84:5e:0a:81:c4:7d:0a:db:c0:d8:62:7a:a0:
94:92:0f:e9:49:76:f2:d4:a1:69:22:b4:27:6d:fe:9c:98:6e:
84:91:ed:88:06:84:2d:56:ed:d6:78:80:cd:18:a4:12:10:00:
b3:7d:c1:11:b1:14:58:ea:95:02:92:26:5b:90:f3:93:98:ff:
3e:7b:d6:21:e0:21:4e:d8:a3:9a:04:7c:74:54:c3:52:0c:7a:
9d:26:64:c7:30:11:d4:d3:46:41:30:4f:2f:55:89:3b:3b:73:
4f:66:1c:92:45:f6:8b:11:32:59:bb:a7:6c:97:48:e1:77:75:
16:b6:ff:b9:18:ed:b3:05:8a:de:c5:e5:e4:72:28:fb:ec:7c:
f1:b7:03:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4yQ8btsZRDV6YY9paWA0VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMzEyMTA0NDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWFmOWViODc4MGFhMTBiYjU5ZGMwNTAzNjcxYjRlZjFiZTUyZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/JcCprVjMfMxNbRk3gtjI0ZmPjL
3Y0KU7mZ8xBSAqm8zy6hytXaXuREdZIDB6O2ogYYln7FMIlTx97lCKwhMZOHsIlo
tGOXZInHuauFNTfY8s9klD6CWoCU/T16cui9nYbmAhbBRfyvgd1A5yW4PoIa3eIs
h8/sBCQq+8GLNA+fhdGwZghbSixCsuTKj1gG+HPWygAGXmQOsmofm6kepOgv2PrK
qPhrl87Nbe5mtwieyGJcUVVvZAIJIVrG6TS4Zs1EiX8tvxIp5Uvugzr38L8XX/RH
G7llSJBOkS4Do/S1tfoFVDs4zCdn3tsMcvAna2g361i1FWOfcZaXfAh+ZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJGvnrh4CqELtZ3AUDZxtO8b5S7wMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEva2EtZXVIZ0tvUXUxbmNCUU5uRzA3eHZsTHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZcdAwQA
sHQPMA0GCSqGSIb3DQEBCwUAA4IBAQBu6Ic75UEPwXP9SFkx/eADxs3OP6z5CTqX
wy2oAIiYn47uC3jIEZO4MH0yZXf8/i99gRaXcIET1lws6DFnw8/9hyjLyQPTL0h8
OcECMZeHlcD2qBn/oj//+oboANTHJGaTyPqo19ufymtN3A/hoTPQjYReCoHEfQrb
wNhieqCUkg/pSXby1KFpIrQnbf6cmG6Eke2IBoQtVu3WeIDNGKQSEACzfcERsRRY
6pUCkiZbkPOTmP8+e9Yh4CFO2KOaBHx0VMNSDHqdJmTHMBHU00ZBME8vVYk7O3NP
ZhySRfaLETJZu6dsl0jhd3UWtv+5GO2zBYrexeXkcij77HzxtwMu
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:02 2024 by rpki-client on console-fra.rpki-client.org