Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/HuFSTsYoCkXVylWHWNp3baYWiDw.roa
File: HuFSTsYoCkXVylWHWNp3baYWiDw.roa (raw, json)
Hash identifier: P+g73uEFA0DxyAj2nBgdjRpUHi/2ieasA7pdnNFusfo=
Subject key identifier: 1E:E1:52:4E:C6:28:0A:45:D5:CA:55:87:58:DA:77:6D:A6:16:88:3C
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018D13D7ED20C19B5D8F3999CB449E454DD1
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/HuFSTsYoCkXVylWHWNp3baYWiDw.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 45.15.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ed:20:c1:9b:5d:8f:39:99:cb:44:9e:45:4d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ee1524ec6280a45d5ca558758da776da616883c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:31:0f:a7:3b:8f:b1:19:d9:74:0e:b6:e5:3c:
60:d0:e2:23:88:ea:22:a1:aa:89:33:47:79:fb:e0:
35:be:3e:8b:c4:74:58:a4:dd:a9:5f:71:a4:47:f7:
3b:05:9b:e3:68:c5:0e:8c:17:b4:90:96:da:0f:9d:
c7:12:18:c1:37:99:de:e9:a8:13:0c:6e:af:c3:92:
de:a4:3d:11:1f:48:7a:5b:8d:f2:72:4e:f1:79:a6:
fd:d2:15:69:c3:e9:6e:9e:03:f2:cb:41:bc:42:51:
74:9b:d7:e5:e4:9a:ca:cd:fe:f3:18:3c:b6:db:54:
16:71:44:82:19:90:f3:1d:52:41:cd:e1:33:d7:ec:
c3:2e:a5:16:cb:78:69:f6:ba:fd:8e:e6:80:05:69:
d2:d2:b6:74:35:02:7f:b0:7c:dc:00:6b:93:52:0e:
3f:77:19:64:d9:10:aa:2f:2d:10:97:8f:c7:ca:e6:
68:74:d8:82:22:11:da:b8:b8:6f:fb:7a:08:d9:48:
b4:6e:0b:ee:fa:29:5f:74:f2:49:ac:4c:b6:a9:98:
b0:c5:e9:9a:37:4f:dc:21:b8:46:92:a0:e2:b5:83:
08:29:c4:23:1f:2c:1a:4b:49:c2:79:33:15:39:fe:
7d:56:da:e3:85:3f:b2:9a:fe:6c:06:a5:22:64:3d:
0b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E1:52:4E:C6:28:0A:45:D5:CA:55:87:58:DA:77:6D:A6:16:88:3C
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/HuFSTsYoCkXVylWHWNp3baYWiDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.252.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d2:e8:a7:43:2a:39:2b:b5:0a:60:f2:a3:86:5a:46:5c:29:
1f:7a:ab:f4:72:1d:5d:b8:71:5e:9a:b9:ce:55:67:8a:d5:52:
f1:a8:da:7c:f5:73:1f:81:01:96:95:60:0a:f1:3b:a8:fc:49:
2d:37:97:23:86:35:84:7a:2a:43:57:94:6d:29:3d:23:02:95:
02:ba:44:cf:2b:9c:3d:46:e7:07:b6:98:03:79:21:5d:93:cc:
44:e6:e8:47:a4:24:a1:b1:86:48:60:13:fb:81:48:2a:af:b8:
03:b7:95:57:7c:9a:55:b6:dd:37:6f:7b:b0:49:04:96:55:39:
1c:71:9e:77:35:2d:95:2b:97:90:4c:0d:47:0f:c8:37:54:74:
cb:c7:32:07:a8:97:33:f8:cf:64:80:14:2a:e6:30:47:8b:a1:
71:6c:b4:a8:85:cf:10:c6:1a:fb:a5:d4:60:a1:a9:ab:3a:a7:
57:03:09:9b:6f:b3:98:98:bb:84:1f:98:d6:52:12:d9:86:28:
c8:07:33:74:b2:90:73:1b:9e:08:92:b1:f2:64:c5:b9:f1:8b:
0f:26:e7:9a:12:e7:8b:42:6a:69:92:03:9a:95:88:5f:4f:8b:
25:15:58:3a:a4:5d:3a:3d:4f:43:3c:4e:02:50:90:63:40:b8:
e8:5d:42:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+0gwZtdjzmZy0SeRU3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUxNTI0ZWM2MjgwYTQ1ZDVjYTU1ODc1OGRhNzc2ZGE2MTY4ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DEPpzuPsRnZdA625Txg0OIjiOoi
oaqJM0d5++A1vj6LxHRYpN2pX3GkR/c7BZvjaMUOjBe0kJbaD53HEhjBN5ne6agT
DG6vw5LepD0RH0h6W43yck7xeab90hVpw+lungPyy0G8QlF0m9fl5JrKzf7zGDy2
21QWcUSCGZDzHVJBzeEz1+zDLqUWy3hp9rr9juaABWnS0rZ0NQJ/sHzcAGuTUg4/
dxlk2RCqLy0Ql4/HyuZodNiCIhHauLhv+3oI2Ui0bgvu+ilfdPJJrEy2qZiwxema
N0/cIbhGkqDitYMIKcQjHywaS0nCeTMVOf59VtrjhT+ymv5sBqUiZD0LpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7hUk7GKApF1cpVh1jad22mFog8MB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvSHVGU1RzWW9Da1hWeWxXSFdOcDNiYVlXaUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ/8MA0G
CSqGSIb3DQEBCwUAA4IBAQAH0uinQyo5K7UKYPKjhlpGXCkfeqv0ch1duHFemrnO
VWeK1VLxqNp89XMfgQGWlWAK8Tuo/EktN5cjhjWEeipDV5RtKT0jApUCukTPK5w9
RucHtpgDeSFdk8xE5uhHpCShsYZIYBP7gUgqr7gDt5VXfJpVtt03b3uwSQSWVTkc
cZ53NS2VK5eQTA1HD8g3VHTLxzIHqJcz+M9kgBQq5jBHi6FxbLSohc8Qxhr7pdRg
oamrOqdXAwmbb7OYmLuEH5jWUhLZhijIBzN0spBzG54IkrHyZMW58YsPJueaEueL
QmppkgOalYhfT4slFVg6pF06PU9DPE4CUJBjQLjoXUJr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:03 2024 by rpki-client on console-fra.rpki-client.org