Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/R0A5lpQe7fPYWF6u4sQfzfJvbuI.roa
File: R0A5lpQe7fPYWF6u4sQfzfJvbuI.roa (raw, json)
Hash identifier: icbZrcOwcLOOC6oMRGDDtiXX070kLPPvf5bcE9FFLH0=
Subject key identifier: 47:40:39:96:94:1E:ED:F3:D8:58:5E:AE:E2:C4:1F:CD:F2:6F:6E:E2
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018D3034A05DC57299A38B1112EF7C32C395
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/R0A5lpQe7fPYWF6u4sQfzfJvbuI.roa
Signing time: Mon 22 Jan 2024 08:06:11 +0000
ROA not before: Mon 22 Jan 2024 08:06:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.15.255.0/24 maxlen: 24
194.34.250.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:34:a0:5d:c5:72:99:a3:8b:11:12:ef:7c:32:c3:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Jan 22 08:06:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47403996941eedf3d8585eaee2c41fcdf26f6ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7c:98:36:c6:f9:4d:95:f3:a0:1c:c5:af:d7:
88:c6:e2:e7:5f:e1:98:46:1a:4b:31:fb:5b:1b:f7:
e9:2a:c7:61:fb:e0:d0:a7:90:f1:51:2c:f6:49:7e:
77:4a:43:c7:19:03:13:13:f0:05:c0:fd:85:ba:7b:
8a:f6:19:aa:66:59:e4:18:e7:a8:68:b7:c2:23:52:
65:a3:47:76:46:7a:3f:39:df:80:41:fa:9d:b5:14:
fa:fd:0d:ed:7f:58:7e:93:50:d3:b6:e1:36:a9:68:
fe:4d:aa:c6:06:10:72:ee:81:b9:d7:72:20:40:f4:
45:2a:45:5d:c8:fa:a5:98:ba:9f:15:1e:e6:1a:5e:
51:5d:8f:4a:0d:35:30:ed:9e:66:89:04:ae:0b:ce:
35:ac:f4:05:7a:09:29:42:b3:73:6a:ba:3a:fc:a9:
f1:04:70:db:22:3b:16:02:d5:14:a3:ca:08:f1:50:
0c:eb:e2:14:35:6c:a4:fb:15:79:81:c8:74:5b:02:
14:65:9a:f2:62:bf:8c:bd:89:5b:dd:f0:fd:a5:58:
a6:0b:71:16:87:21:49:d9:96:c8:e3:5c:f9:63:a6:
00:63:ed:2b:8c:57:66:dc:00:aa:4b:51:e1:b3:fa:
96:93:86:bf:52:1b:17:a6:47:aa:f2:4c:8c:68:4e:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:40:39:96:94:1E:ED:F3:D8:58:5E:AE:E2:C4:1F:CD:F2:6F:6E:E2
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/R0A5lpQe7fPYWF6u4sQfzfJvbuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.255.0/24
194.34.250.0/24
Signature Algorithm: sha256WithRSAEncryption
44:45:86:63:b8:0e:b5:d5:da:79:d6:31:b3:34:02:69:79:63:
f7:f8:7b:13:96:16:1a:f3:f5:a0:f1:b1:f4:c4:e5:d9:6c:f3:
1f:df:66:24:ec:31:d1:d3:3f:05:6b:07:27:c1:a6:17:db:1e:
4f:37:d0:f2:d7:d6:28:80:30:f4:81:f0:0b:35:11:d2:83:3a:
c8:d0:90:2c:18:f4:d8:fa:1d:d1:ae:6f:ca:d3:ef:be:1d:52:
b3:11:bb:4c:f1:ee:13:10:a2:5d:aa:30:77:47:b5:80:59:a8:
b6:63:88:cb:7a:34:17:95:4e:00:33:aa:d8:01:26:73:7a:5d:
68:10:05:ca:04:6e:07:67:2a:be:dd:06:a9:a5:e2:75:09:e4:
0b:74:a8:14:9c:72:df:94:89:9b:36:f9:a4:2b:46:d0:4f:e3:
ae:80:11:68:ff:55:f6:80:2e:19:5a:ed:4a:f8:51:95:f9:37:
5f:0b:be:1a:d8:2a:13:c6:d9:46:96:51:f4:44:7b:ba:18:6b:
ea:03:a9:a4:8a:a9:aa:13:b6:3d:d8:14:51:47:ab:1b:bf:ca:
a3:ae:92:b0:18:3e:bd:8c:64:23:2e:ea:27:fe:6a:7e:24:f6:
9b:d9:6c:14:79:43:c0:e5:e3:5e:63:70:0b:be:08:4c:3c:35:
3e:3f:fb:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0wNKBdxXKZo4sREu98MsOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMTIyMDgwNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzQwMzk5Njk0MWVlZGYzZDg1ODVlYWVlMmM0MWZjZGYyNmY2ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXyYNsb5TZXzoBzFr9eIxuLnX+GY
RhpLMftbG/fpKsdh++DQp5DxUSz2SX53SkPHGQMTE/AFwP2FunuK9hmqZlnkGOeo
aLfCI1Jlo0d2Rno/Od+AQfqdtRT6/Q3tf1h+k1DTtuE2qWj+TarGBhBy7oG513Ig
QPRFKkVdyPqlmLqfFR7mGl5RXY9KDTUw7Z5miQSuC841rPQFegkpQrNzaro6/Knx
BHDbIjsWAtUUo8oI8VAM6+IUNWyk+xV5gch0WwIUZZryYr+MvYlb3fD9pVimC3EW
hyFJ2ZbI41z5Y6YAY+0rjFdm3ACqS1Hhs/qWk4a/UhsXpkeq8kyMaE4zHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEdAOZaUHu3z2FheruLEH83yb27iMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvUjBBNWxwUWU3ZlBZV0Y2dTRzUWZ6Zkp2YnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ//AwQA
wiL6MA0GCSqGSIb3DQEBCwUAA4IBAQBERYZjuA611dp51jGzNAJpeWP3+HsTlhYa
8/Wg8bH0xOXZbPMf32Yk7DHR0z8FawcnwaYX2x5PN9Dy19YogDD0gfALNRHSgzrI
0JAsGPTY+h3Rrm/K0+++HVKzEbtM8e4TEKJdqjB3R7WAWai2Y4jLejQXlU4AM6rY
ASZzel1oEAXKBG4HZyq+3QappeJ1CeQLdKgUnHLflImbNvmkK0bQT+OugBFo/1X2
gC4ZWu1K+FGV+TdfC74a2CoTxtlGllH0RHu6GGvqA6mkiqmqE7Y92BRRR6sbv8qj
rpKwGD69jGQjLuon/mp+JPab2WwUeUPA5eNeY3ALvghMPDU+P/sE
-----END CERTIFICATE-----
Generated at Fri Feb 9 21:18:00 2024 by rpki-client on console-fra.rpki-client.org