Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/sUU5eePUeB8Qgm-aNKU0GkOcRXY.roa
File: sUU5eePUeB8Qgm-aNKU0GkOcRXY.roa (raw, json)
Hash identifier: gHW1sVbzlPtT1nCcUiEBlHItJolbltkxPFDG5CQwwzM=
Subject key identifier: B1:45:39:79:E3:D4:78:1F:10:82:6F:9A:34:A5:34:1A:43:9C:45:76
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 018CC56ED01622B4654EDEA42537EF3D86F0
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/sUU5eePUeB8Qgm-aNKU0GkOcRXY.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212228
IP address blocks: 45.11.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d0:16:22:b4:65:4e:de:a4:25:37:ef:3d:86:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1453979e3d4781f10826f9a34a5341a439c4576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:a2:a1:8c:65:fb:d2:90:2b:15:b2:05:bd:
bc:25:cf:0c:09:1e:da:08:68:b5:28:17:02:8c:ac:
a4:b7:4e:d9:c2:68:5c:6d:79:92:db:ad:0b:40:73:
15:6f:03:f6:04:ee:4f:a2:20:3e:1e:15:79:fe:95:
50:7a:a7:12:91:76:00:95:04:a2:38:c5:1c:dc:4e:
14:a0:cc:9f:ed:2f:37:4f:93:85:78:b9:f2:30:fa:
8f:8d:6c:7a:2f:87:f4:de:7a:e5:51:6e:a5:2d:2f:
88:c5:48:50:fe:bc:3d:5e:d7:aa:9f:ef:05:8d:2d:
49:e9:e1:a4:7f:a2:e6:3d:50:87:ba:a6:a7:8b:c3:
c8:0e:34:c2:dd:b1:8d:a2:b3:5f:63:8a:c4:0e:01:
96:f4:ea:24:51:31:da:d0:29:b4:22:d3:f2:0f:8b:
3a:fd:14:7d:f6:64:74:67:08:fb:72:22:f4:b2:b5:
d7:90:4b:f0:53:4b:59:0b:be:ee:dd:56:fa:07:08:
e2:c8:9f:74:b8:ad:c4:69:ec:99:09:33:64:b7:47:
9c:d5:18:d4:eb:e5:d8:67:01:5d:ab:b3:c1:e7:11:
0b:88:de:50:20:7b:25:80:2c:83:ab:83:57:de:2d:
b4:cd:92:2f:80:3f:39:6b:8b:94:ff:5f:ac:c7:18:
eb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:45:39:79:E3:D4:78:1F:10:82:6F:9A:34:A5:34:1A:43:9C:45:76
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/sUU5eePUeB8Qgm-aNKU0GkOcRXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.180.0/24
Signature Algorithm: sha256WithRSAEncryption
92:55:ad:e8:a5:d5:67:5e:f3:b8:b9:db:96:6c:3e:13:5e:d5:
db:83:d8:cf:e3:c7:01:5f:0f:39:71:03:e5:9d:a4:ee:d5:cf:
95:7e:f2:b1:4c:07:1b:87:a4:7e:f1:69:02:88:61:4b:7c:71:
b8:bf:9c:9f:94:9f:04:b9:c9:fb:11:1d:cb:d3:e2:11:5d:f9:
63:72:66:95:53:7e:8f:94:6a:9a:14:16:17:c8:6e:75:09:a4:
4e:04:9c:98:13:ab:5e:a2:32:78:08:2b:3b:21:67:83:0f:98:
9a:47:86:d8:1d:f0:e2:bc:e6:87:9f:06:58:bf:b3:38:ea:a1:
62:31:46:0f:fe:a4:10:a4:d3:8d:11:ad:61:a3:16:ed:64:13:
79:99:66:f0:f7:c8:aa:95:ad:4e:5f:6d:c2:0a:93:ea:42:eb:
ee:58:7c:4b:d8:61:6d:e9:23:43:8c:26:26:e5:03:fd:b3:92:
f1:2c:14:7e:d4:db:da:9c:c3:78:0d:5b:b0:f0:72:36:29:03:
d6:ec:7b:0c:a1:fd:d9:dd:6d:80:b0:1c:d9:47:41:c3:f1:c3:
91:37:fa:bd:7c:f6:2b:1e:ac:56:c9:8d:d0:28:fe:fa:30:64:
f2:0b:99:5c:38:44:7a:7b:de:82:dc:74:20:a7:fa:62:f8:c3:
b5:35:84:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtAWIrRlTt6kJTfvPYbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTQ1Mzk3OWUzZDQ3ODFmMTA4MjZmOWEzNGE1MzQxYTQzOWM0NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUSioYxl+9KQKxWyBb28Jc8MCR7a
CGi1KBcCjKykt07ZwmhcbXmS260LQHMVbwP2BO5PoiA+HhV5/pVQeqcSkXYAlQSi
OMUc3E4UoMyf7S83T5OFeLnyMPqPjWx6L4f03nrlUW6lLS+IxUhQ/rw9Xteqn+8F
jS1J6eGkf6LmPVCHuqani8PIDjTC3bGNorNfY4rEDgGW9OokUTHa0Cm0ItPyD4s6
/RR99mR0Zwj7ciL0srXXkEvwU0tZC77u3Vb6BwjiyJ90uK3EaeyZCTNkt0ec1RjU
6+XYZwFdq7PB5xELiN5QIHslgCyDq4NX3i20zZIvgD85a4uU/1+sxxjreQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFFOXnj1HgfEIJvmjSlNBpDnEV2MB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvc1VVNWVlUFVlQjhRZ20tYU5LVTBHa09jUlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu0MA0G
CSqGSIb3DQEBCwUAA4IBAQCSVa3opdVnXvO4uduWbD4TXtXbg9jP48cBXw85cQPl
naTu1c+VfvKxTAcbh6R+8WkCiGFLfHG4v5yflJ8Eucn7ER3L0+IRXfljcmaVU36P
lGqaFBYXyG51CaROBJyYE6teojJ4CCs7IWeDD5iaR4bYHfDivOaHnwZYv7M46qFi
MUYP/qQQpNONEa1hoxbtZBN5mWbw98iqla1OX23CCpPqQuvuWHxL2GFt6SNDjCYm
5QP9s5LxLBR+1NvanMN4DVuw8HI2KQPW7HsMof3Z3W2AsBzZR0HD8cORN/q9fPYr
HqxWyY3QKP76MGTyC5lcOER6e96C3HQgp/pi+MO1NYRg
-----END CERTIFICATE-----
Generated at Wed Apr 10 14:01:33 2024 by rpki-client on console-fra.rpki-client.org