Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/L93jf7DX3XHPLmKWe-7v4G6cZZo.roa
File: L93jf7DX3XHPLmKWe-7v4G6cZZo.roa (raw, json)
Hash identifier: GSAm0eQ+GpD2EgEf/qu0BqSC3j+FWQXw3grZE4iTGgQ=
Subject key identifier: 2F:DD:E3:7F:B0:D7:DD:71:CF:2E:62:96:7B:EE:EF:E0:6E:9C:65:9A
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 059312FC
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/L93jf7DX3XHPLmKWe-7v4G6cZZo.roa
Signing time: Wed 26 Jan 2022 09:20:23 +0000
ROA not before: Wed 26 Jan 2022 09:20:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.11.68.0/24 maxlen: 24
45.11.68.0/22 maxlen: 22
45.11.70.0/24 maxlen: 24
45.131.16.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93524732 (0x59312fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Jan 26 09:20:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fdde37fb0d7dd71cf2e62967beeefe06e9c659a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:04:71:1b:ce:ce:b4:73:f1:4f:fc:e2:b4:
ac:c2:64:0c:45:1e:3a:6e:06:8d:c5:cc:0b:1b:bc:
8d:fc:16:0d:b2:8c:2e:95:dd:8a:8a:27:79:3a:8c:
24:e3:6a:75:e1:98:72:44:ac:be:b0:12:0f:d6:42:
f2:87:aa:c8:df:dc:9a:05:f6:2a:d7:10:5e:44:cf:
78:ff:7a:e4:4f:31:7f:3d:41:4b:0d:68:a9:a4:b1:
63:8e:80:91:35:db:8c:df:fe:4d:7f:5c:d4:2c:43:
8d:74:18:8c:70:fa:91:a0:a1:9a:6e:93:84:17:93:
7f:7f:c6:e3:a7:8a:e9:21:9e:35:7e:e8:74:62:35:
66:b6:06:6a:22:a4:91:a6:d6:32:41:f9:72:62:06:
e5:a5:e6:57:21:be:2f:ba:9f:4a:42:2a:b6:36:a5:
a4:b0:dd:53:c0:91:87:c2:bc:01:55:91:69:63:d8:
0f:30:c1:27:03:7c:b9:02:4f:0b:4e:68:5c:ce:f7:
5f:34:4e:44:fc:3a:b7:80:f8:2a:f8:48:cb:9e:68:
ce:ed:59:41:de:33:f1:91:dc:66:f6:8f:66:45:4b:
c9:77:0b:f0:ae:8b:69:17:3a:cc:64:ee:40:ce:13:
4f:9c:7b:66:e6:a8:52:2c:0f:c2:4b:c6:be:5a:c6:
47:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:DD:E3:7F:B0:D7:DD:71:CF:2E:62:96:7B:EE:EF:E0:6E:9C:65:9A
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/L93jf7DX3XHPLmKWe-7v4G6cZZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.68.0/22
45.131.16.0/22
Signature Algorithm: sha256WithRSAEncryption
18:8b:22:35:92:02:f6:00:71:66:00:b9:60:75:18:7e:ac:69:
7a:1e:43:85:8a:64:1e:8d:83:23:94:cb:4f:cc:ec:c1:51:ce:
74:ee:dd:b7:96:25:91:51:92:f5:97:9e:d6:7a:68:7d:6f:d1:
3f:d5:54:ab:cb:df:59:bd:34:b9:43:66:13:9c:ad:49:0d:a1:
d7:c0:bf:28:b7:93:26:03:98:d4:bc:24:f3:c4:35:76:8c:2a:
40:9a:f6:91:39:e0:d1:21:80:25:98:d0:12:36:43:9d:12:63:
ab:ba:2a:49:e6:fa:25:85:07:ee:f0:c4:cb:eb:ca:be:6f:34:
3b:5c:cd:c2:56:0a:bd:4e:6d:55:90:0e:ba:f9:35:9e:9d:b4:
71:9d:3a:1e:0c:47:79:28:9c:d4:40:e1:c0:f7:60:46:af:43:
76:5f:07:41:e1:fe:5a:63:c6:00:ee:6b:14:53:37:10:c5:c9:
51:ad:b8:10:77:b0:90:69:d9:19:38:4f:08:d7:4a:6b:01:79:
9a:63:93:3b:f8:1d:85:0c:84:a0:c6:ac:cf:da:2a:c2:d6:f7:
17:84:f4:04:7c:44:6a:6e:73:44:8b:3d:4e:5f:65:3c:53:15:
6d:33:cc:2f:24:d0:a6:83:50:74:5f:72:a9:24:c8:a9:dc:90:
1f:fe:53:f1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBZMS/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODY0YmIzNGZiNWQxNmNhOWQxZmEzZjk3OTRjYjQ4ZDRiZWQ4NDczMB4XDTIyMDEy
NjA5MjAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZkZGUzN2ZiMGQ3
ZGQ3MWNmMmU2Mjk2N2JlZWVmZTA2ZTljNjU5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/FBHEbzs60c/FP/OK0rMJkDEUeOm4GjcXMCxu8jfwWDbKM
LpXdiooneTqMJONqdeGYckSsvrASD9ZC8oeqyN/cmgX2KtcQXkTPeP965E8xfz1B
Sw1oqaSxY46AkTXbjN/+TX9c1CxDjXQYjHD6kaChmm6ThBeTf3/G46eK6SGeNX7o
dGI1ZrYGaiKkkabWMkH5cmIG5aXmVyG+L7qfSkIqtjalpLDdU8CRh8K8AVWRaWPY
DzDBJwN8uQJPC05oXM73XzRORPw6t4D4KvhIy55ozu1ZQd4z8ZHcZvaPZkVLyXcL
8K6LaRc6zGTuQM4TT5x7ZuaoUiwPwkvGvlrGR4MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQv3eN/sNfdcc8uYpZ77u/gbpxlmjAfBgNVHSMEGDAWgBQoZLs0+10Wyp0f
o/l5TLSNS+2EczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tHUzdOUHRkRnNxZEg2UDVlVXkwalV2dGhITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8x
L0w5M2pmN0RYM1hIUExtS1dlLTd2NEc2Y1paby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8xL0tHUzdOUHRkRnNx
ZEg2UDVlVXkwalV2dGhITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi0LRAMEAi2DEDANBgkqhkiG9w0B
AQsFAAOCAQEAGIsiNZIC9gBxZgC5YHUYfqxpeh5DhYpkHo2DI5TLT8zswVHOdO7d
t5YlkVGS9Zee1npofW/RP9VUq8vfWb00uUNmE5ytSQ2h18C/KLeTJgOY1Lwk88Q1
dowqQJr2kTng0SGAJZjQEjZDnRJjq7oqSeb6JYUH7vDEy+vKvm80O1zNwlYKvU5t
VZAOuvk1np20cZ06HgxHeSic1EDhwPdgRq9Ddl8HQeH+WmPGAO5rFFM3EMXJUa24
EHewkGnZGThPCNdKawF5mmOTO/gdhQyEoMasz9oqwtb3F4T0BHxEam5zRIs9Tl9l
PFMVbTPMLyTQpoNQdF9yqSTIqdyQH/5T8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:02 2023 by rpki-client on console-ams.rpki-client.org