Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qvikn5ZgxWf37NDNFyW827JdsB0.roa
File: qvikn5ZgxWf37NDNFyW827JdsB0.roa (raw, json)
Hash identifier: gZKXg0tNqz0GBg5HvV+KAPlunSMRGHgC5oYaa40zouQ=
Subject key identifier: AA:F8:A4:9F:96:60:C5:67:F7:EC:D0:CD:17:25:BC:DB:B2:5D:B0:1D
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018D8E9902A3346ED681E3D518A835761E55
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qvikn5ZgxWf37NDNFyW827JdsB0.roa
Signing time: Fri 09 Feb 2024 16:00:08 +0000
ROA not before: Fri 09 Feb 2024 16:00:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 45.93.12.0/24 maxlen: 24
45.93.14.0/24 maxlen: 24
45.93.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:99:02:a3:34:6e:d6:81:e3:d5:18:a8:35:76:1e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Feb 9 16:00:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aaf8a49f9660c567f7ecd0cd1725bcdbb25db01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7e:b0:e6:c6:56:23:fb:86:33:fe:4e:ce:8d:
14:96:53:6c:fd:09:cf:25:11:09:2c:16:13:4e:d5:
b0:20:e0:c5:b8:23:fa:c1:8c:6b:a9:e6:31:30:c6:
07:4f:60:65:d8:51:bc:62:b7:88:64:44:1f:4f:10:
9b:1f:35:4b:cb:c8:44:48:53:60:7a:e6:64:6e:d1:
80:8c:2b:e3:d9:7c:f6:a3:73:9b:d0:fd:dd:97:e0:
4b:6f:85:d9:58:6f:95:90:27:69:7e:1b:5f:47:89:
6d:07:69:cf:35:27:2f:5a:f9:c0:07:ea:74:9c:c5:
22:64:68:ca:fc:04:fe:9b:1b:0a:2a:74:4e:40:32:
c3:db:b4:b9:26:13:98:09:61:8e:94:85:66:18:28:
35:55:ab:5a:3a:66:43:b7:a9:c6:46:70:a3:b1:38:
cf:8e:0b:5a:91:6a:42:77:e9:38:e1:60:0d:c9:78:
e3:cd:3b:45:aa:bf:48:7c:57:9f:fb:4e:b4:59:37:
05:05:cf:d7:92:96:a8:50:a2:b2:5d:05:33:c1:49:
18:54:56:7d:ce:65:45:72:ee:bf:27:d9:3a:f1:8c:
a5:59:67:6c:00:dd:f0:21:02:d2:9c:16:f4:79:8c:
25:ee:ea:63:17:57:64:27:79:db:d7:68:5a:c5:19:
85:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F8:A4:9F:96:60:C5:67:F7:EC:D0:CD:17:25:BC:DB:B2:5D:B0:1D
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/qvikn5ZgxWf37NDNFyW827JdsB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.12.0/24
45.93.14.0/23
Signature Algorithm: sha256WithRSAEncryption
67:a5:af:6e:13:c6:f2:d3:89:c3:2a:5f:86:f1:63:8c:89:56:
24:b4:75:65:36:a3:02:2e:74:81:2b:08:53:cb:db:8b:d9:e2:
b0:f8:85:70:ce:cb:54:9b:63:9e:d4:9a:1f:5c:c9:20:9a:71:
02:74:c1:dd:5e:b8:94:72:92:90:e1:b0:48:7a:8c:8b:6d:83:
3f:ad:83:8d:b1:6a:9f:1f:92:9d:e8:91:b1:45:3b:5b:91:2a:
69:f3:92:ee:f0:98:0c:cc:95:cc:c4:18:6c:0b:2e:50:76:24:
e9:74:c2:00:7d:a7:ad:9a:63:e0:3c:bf:3a:fc:86:1d:5e:d7:
9d:8f:15:40:a6:65:68:1a:b3:d6:72:b9:56:2b:56:36:8b:cc:
3f:6e:22:d8:51:91:ad:b9:6d:54:63:b8:48:82:ac:47:4d:7d:
21:64:15:d7:6d:b3:44:70:d8:c0:13:e6:d8:d1:de:7a:53:94:
20:fb:98:fa:96:d5:a3:73:f3:4b:ee:63:cf:42:02:83:0e:c7:
65:e9:83:19:84:f0:61:42:4f:38:cf:58:af:02:37:24:9a:b2:
77:47:6a:86:4e:c4:f7:19:e9:11:59:09:d6:cc:db:02:39:b5:
e5:14:a3:a9:b3:10:22:4d:9b:30:7e:cb:af:28:1a:e1:15:0f:
2e:29:0a:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2OmQKjNG7WgePVGKg1dh5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMjA5MTYwMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWY4YTQ5Zjk2NjBjNTY3ZjdlY2QwY2QxNzI1YmNkYmIyNWRiMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH6w5sZWI/uGM/5Ozo0UllNs/QnP
JREJLBYTTtWwIODFuCP6wYxrqeYxMMYHT2Bl2FG8YreIZEQfTxCbHzVLy8hESFNg
euZkbtGAjCvj2Xz2o3Ob0P3dl+BLb4XZWG+VkCdpfhtfR4ltB2nPNScvWvnAB+p0
nMUiZGjK/AT+mxsKKnROQDLD27S5JhOYCWGOlIVmGCg1VataOmZDt6nGRnCjsTjP
jgtakWpCd+k44WANyXjjzTtFqr9IfFef+060WTcFBc/XkpaoUKKyXQUzwUkYVFZ9
zmVFcu6/J9k68YylWWdsAN3wIQLSnBb0eYwl7upjF1dkJ3nb12haxRmF2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKr4pJ+WYMVn9+zQzRclvNuyXbAdMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvcXZpa241Wmd4V2YzN05ETkZ5VzgyN0pkc0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV0MAwQB
LV0OMA0GCSqGSIb3DQEBCwUAA4IBAQBnpa9uE8by04nDKl+G8WOMiVYktHVlNqMC
LnSBKwhTy9uL2eKw+IVwzstUm2Oe1JofXMkgmnECdMHdXriUcpKQ4bBIeoyLbYM/
rYONsWqfH5Kd6JGxRTtbkSpp85Lu8JgMzJXMxBhsCy5QdiTpdMIAfaetmmPgPL86
/IYdXtedjxVApmVoGrPWcrlWK1Y2i8w/biLYUZGtuW1UY7hIgqxHTX0hZBXXbbNE
cNjAE+bY0d56U5Qg+5j6ltWjc/NL7mPPQgKDDsdl6YMZhPBhQk84z1ivAjckmrJ3
R2qGTsT3GekRWQnWzNsCObXlFKOpsxAiTZswfsuvKBrhFQ8uKQqY
-----END CERTIFICATE-----
Generated at Mon Sep 9 09:22:36 2024 by rpki-client on console-fra.rpki-client.org