Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/x24I_aJObbX4VBdOuLlf9IkEbT4.roa
File: x24I_aJObbX4VBdOuLlf9IkEbT4.roa (raw, json)
Hash identifier: LfFJjrStDPBwMjf+vyo5uTdieI8JpKRRc8CQPu8IuzA=
Subject key identifier: C7:6E:08:FD:A2:4E:6D:B5:F8:54:17:4E:B8:B9:5F:F4:89:04:6D:3E
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 018D8E990217A5A34FA0D991E63058C34B0E
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/x24I_aJObbX4VBdOuLlf9IkEbT4.roa
Signing time: Fri 09 Feb 2024 16:00:08 +0000
ROA not before: Fri 09 Feb 2024 16:00:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.15.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:99:02:17:a5:a3:4f:a0:d9:91:e6:30:58:c3:4b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Feb 9 16:00:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c76e08fda24e6db5f854174eb8b95ff489046d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:28:39:6c:02:48:c6:d5:27:1d:67:e3:12:15:
cb:04:30:3a:7e:23:51:c3:b1:61:e4:c5:ca:95:3f:
96:a8:51:6a:b4:8b:79:76:3d:35:8b:fc:22:d3:40:
1a:4e:fc:b6:54:1b:5a:de:75:79:52:da:49:f9:5d:
5a:1e:3d:ea:2e:38:4b:0d:46:95:5f:ca:37:f9:18:
6b:24:ae:3f:cc:3c:2f:e0:91:60:fb:e9:c3:ce:f7:
83:cb:7c:79:8e:3e:e2:39:a0:a1:de:36:98:43:cb:
43:c6:75:b5:29:12:b9:37:2c:81:5c:00:87:e3:ae:
d9:bd:88:4e:b4:36:18:49:66:c9:0b:07:83:64:e1:
d8:6c:03:16:5d:b7:ad:ff:10:29:56:e0:e3:fe:44:
04:44:cb:d5:3d:c5:aa:69:5d:d8:13:13:0d:c3:ea:
db:fc:f3:51:98:e6:d8:64:e6:bb:a8:52:51:be:bc:
a2:8e:40:bd:d1:d2:78:99:e9:89:1f:a5:bd:ab:15:
57:9c:cb:30:83:ae:70:6d:37:77:b8:07:30:85:63:
41:59:fb:80:8d:66:e9:68:e5:e5:63:b9:82:b0:a9:
38:ac:2c:86:15:21:2c:86:72:3f:22:0e:3d:cb:b9:
ba:4a:1c:c7:99:1f:9f:7c:d1:4c:6e:91:95:1c:d6:
23:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6E:08:FD:A2:4E:6D:B5:F8:54:17:4E:B8:B9:5F:F4:89:04:6D:3E
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/x24I_aJObbX4VBdOuLlf9IkEbT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.255.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a8:7c:4e:6c:32:51:3e:b7:cc:89:4e:b5:8f:b6:2e:fb:55:
79:96:c0:8d:54:a5:4c:53:e1:1c:e9:5a:be:b5:d8:24:4c:61:
c4:c3:e9:47:82:1e:e2:79:35:0a:93:56:74:3f:39:99:58:52:
cd:80:ae:95:45:eb:1d:54:ab:69:cc:4d:0a:9e:43:73:8e:90:
3a:7a:98:c7:73:f1:88:e1:03:e4:20:7e:f8:e2:4c:68:4e:a2:
42:e5:a2:d8:73:67:72:ff:30:9d:b4:ad:8d:e5:d7:e4:a2:83:
0c:f9:5d:ac:3b:68:25:f5:9f:ee:b7:36:62:91:06:b8:b5:74:
9a:76:00:63:2c:11:7f:fa:e8:32:b5:37:4f:1b:cf:6f:a6:38:
69:ac:55:cc:ff:b0:4c:45:46:54:09:c2:1f:1d:cf:0f:29:a9:
50:13:ad:de:a5:c5:53:26:53:e1:2e:93:bd:da:b8:af:7b:cf:
72:e8:e8:12:ce:e6:48:b5:a0:0a:11:81:36:47:df:19:a5:44:
7b:5e:62:f0:2e:75:59:e7:a3:ce:35:bf:d6:04:e4:7d:94:0b:
fd:e1:07:05:3d:01:3d:5a:ce:be:5a:e2:41:e7:0e:68:f2:f0:
86:11:f1:64:f0:6a:f7:cd:fd:3c:f3:37:ba:d3:ff:b7:1c:1e:
22:b3:ef:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2OmQIXpaNPoNmR5jBYw0sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjQwMjA5MTYwMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzZlMDhmZGEyNGU2ZGI1Zjg1NDE3NGViOGI5NWZmNDg5MDQ2ZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCg5bAJIxtUnHWfjEhXLBDA6fiNR
w7Fh5MXKlT+WqFFqtIt5dj01i/wi00AaTvy2VBta3nV5UtpJ+V1aHj3qLjhLDUaV
X8o3+RhrJK4/zDwv4JFg++nDzveDy3x5jj7iOaCh3jaYQ8tDxnW1KRK5NyyBXACH
467ZvYhOtDYYSWbJCweDZOHYbAMWXbet/xApVuDj/kQERMvVPcWqaV3YExMNw+rb
/PNRmObYZOa7qFJRvryijkC90dJ4memJH6W9qxVXnMswg65wbTd3uAcwhWNBWfuA
jWbpaOXlY7mCsKk4rCyGFSEshnI/Ig49y7m6ShzHmR+ffNFMbpGVHNYjlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMduCP2iTm21+FQXTri5X/SJBG0+MB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEveDI0SV9hSk9iYlg0VkJkT3VMbGY5SWtFYlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ//MA0G
CSqGSIb3DQEBCwUAA4IBAQBmqHxObDJRPrfMiU61j7Yu+1V5lsCNVKVMU+Ec6Vq+
tdgkTGHEw+lHgh7ieTUKk1Z0PzmZWFLNgK6VResdVKtpzE0KnkNzjpA6epjHc/GI
4QPkIH744kxoTqJC5aLYc2dy/zCdtK2N5dfkooMM+V2sO2gl9Z/utzZikQa4tXSa
dgBjLBF/+ugytTdPG89vpjhprFXM/7BMRUZUCcIfHc8PKalQE63epcVTJlPhLpO9
2rive89y6OgSzuZItaAKEYE2R98ZpUR7XmLwLnVZ56PONb/WBOR9lAv94QcFPQE9
Ws6+WuJB5w5o8vCGEfFk8Gr3zf088ze60/+3HB4is+9R
-----END CERTIFICATE-----
Generated at Mon Sep 9 09:22:36 2024 by rpki-client on console-fra.rpki-client.org