Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/80qORZBIt83tCtKMKbnjsuboD2M.roa
File: 80qORZBIt83tCtKMKbnjsuboD2M.roa (raw, json)
Hash identifier: +N8mmfHr21naGkeAuh9hnupiDCbyLjPD5Lo4nizG3Sk=
Subject key identifier: F3:4A:8E:45:90:48:B7:CD:ED:0A:D2:8C:29:B9:E3:B2:E6:E8:0F:63
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018964C13AB3F0B0F0C07C348A3133EE5495
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/80qORZBIt83tCtKMKbnjsuboD2M.roa
Signing time: Mon 17 Jul 2023 16:48:52 +0000
ROA not before: Mon 17 Jul 2023 16:48:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 45.93.14.0/24 maxlen: 24
45.93.15.0/24 maxlen: 24
45.93.12.0/24 maxlen: 24
193.187.97.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:c1:3a:b3:f0:b0:f0:c0:7c:34:8a:31:33:ee:54:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jul 17 16:48:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f34a8e459048b7cded0ad28c29b9e3b2e6e80f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:01:59:0e:f1:84:53:41:2c:0d:ef:34:7c:5c:
66:6d:f3:1d:19:25:6a:d3:48:6d:88:1e:16:18:ba:
df:bc:44:5c:4a:12:6f:e5:b9:37:33:89:84:f0:51:
56:f2:ef:4c:e7:58:85:7c:1f:27:4e:40:5b:7a:95:
b7:1b:d7:e3:5a:ba:4b:14:87:74:bb:15:73:f6:ec:
f2:96:44:17:37:c4:b8:f5:ba:f0:a4:cb:64:34:5f:
2e:3a:97:3e:7d:42:58:44:9f:75:12:33:5a:89:88:
bc:c7:c9:49:23:59:39:a5:31:57:49:65:a9:df:54:
0d:0d:cf:79:9a:11:3b:59:94:1d:4f:cb:c1:8b:37:
1b:bb:f6:3b:79:c6:bd:9d:32:02:cc:e4:63:f5:72:
a1:59:45:e8:b6:95:67:ac:8c:32:a9:8d:93:05:f5:
4b:3f:d6:a4:73:3f:09:81:3b:f7:28:83:ab:43:fe:
1e:54:68:1d:fe:32:ab:9e:35:6e:6d:a0:80:01:d1:
fc:37:cf:4e:87:4c:ac:fb:60:8d:f5:1f:d2:43:1f:
8c:11:b3:51:e3:88:7b:22:e2:0d:d5:f6:2f:55:f6:
6e:80:6f:f1:5a:6e:ec:26:ae:23:4e:fb:99:b2:82:
9f:39:44:4c:0d:ce:f6:10:66:6d:de:d3:5c:1f:60:
20:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:4A:8E:45:90:48:B7:CD:ED:0A:D2:8C:29:B9:E3:B2:E6:E8:0F:63
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/80qORZBIt83tCtKMKbnjsuboD2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.12.0/24
45.93.14.0/23
193.187.97.0/24
Signature Algorithm: sha256WithRSAEncryption
45:48:4c:7c:b2:2a:4c:16:81:69:07:02:84:fe:57:8e:24:12:
3f:7c:27:95:94:67:b5:18:e3:5a:f0:31:89:c4:f8:ac:73:bb:
6d:a9:f3:c3:d6:c1:17:39:38:db:a7:61:09:06:59:da:9e:7e:
d9:5f:9f:31:1e:f3:4d:a8:c3:b6:4e:8d:c3:1c:11:4e:ba:41:
03:c4:da:d5:3e:a2:aa:94:c4:7f:89:c3:63:3a:4d:7a:83:a4:
58:11:bc:b5:90:0c:60:87:42:68:a2:90:1f:bd:11:70:31:9c:
aa:9b:6a:00:35:f7:1c:69:00:4a:03:e3:96:50:0e:63:d6:a5:
3e:47:de:2b:72:17:5b:f6:60:68:32:ab:95:2e:c5:12:eb:b3:
e1:a4:5a:f0:da:c8:29:4e:a1:80:18:e7:84:f1:3d:17:8c:f8:
26:f6:fe:94:8f:ed:32:bf:8c:40:06:9e:bd:09:49:4f:d5:c4:
48:92:92:21:30:41:0c:04:d8:9a:7b:b7:8d:7e:86:ef:63:8e:
48:65:b1:99:32:ea:73:62:1b:0e:35:0c:b3:4c:d4:07:2d:3b:
12:29:b4:96:29:27:65:01:c0:08:54:55:63:96:db:12:90:00:
6f:18:a0:26:f8:f7:4f:9d:61:d5:45:0a:1e:f9:e9:57:d6:15:
9d:c7:c5:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlkwTqz8LDwwHw0ijEz7lSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjMwNzE3MTY0ODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzRhOGU0NTkwNDhiN2NkZWQwYWQyOGMyOWI5ZTNiMmU2ZTgwZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAFZDvGEU0EsDe80fFxmbfMdGSVq
00htiB4WGLrfvERcShJv5bk3M4mE8FFW8u9M51iFfB8nTkBbepW3G9fjWrpLFId0
uxVz9uzylkQXN8S49brwpMtkNF8uOpc+fUJYRJ91EjNaiYi8x8lJI1k5pTFXSWWp
31QNDc95mhE7WZQdT8vBizcbu/Y7eca9nTICzORj9XKhWUXotpVnrIwyqY2TBfVL
P9akcz8JgTv3KIOrQ/4eVGgd/jKrnjVubaCAAdH8N89Oh0ys+2CN9R/SQx+MEbNR
44h7IuIN1fYvVfZugG/xWm7sJq4jTvuZsoKfOURMDc72EGZt3tNcH2AgqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNKjkWQSLfN7QrSjCm547Lm6A9jMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvODBxT1JaQkl0ODN0Q3RLTUtibmpzdWJvRDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV0MAwQB
LV0OAwQAwbthMA0GCSqGSIb3DQEBCwUAA4IBAQBFSEx8sipMFoFpBwKE/leOJBI/
fCeVlGe1GONa8DGJxPisc7ttqfPD1sEXOTjbp2EJBlnann7ZX58xHvNNqMO2To3D
HBFOukEDxNrVPqKqlMR/icNjOk16g6RYEby1kAxgh0JoopAfvRFwMZyqm2oANfcc
aQBKA+OWUA5j1qU+R94rchdb9mBoMquVLsUS67PhpFrw2sgpTqGAGOeE8T0XjPgm
9v6Uj+0yv4xABp69CUlP1cRIkpIhMEEMBNiae7eNfobvY45IZbGZMupzYhsONQyz
TNQHLTsSKbSWKSdlAcAIVFVjltsSkABvGKAm+PdPnWHVRQoe+elX1hWdx8UG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:58 2024 by rpki-client on console-ams.rpki-client.org