Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OV_YvBVCeLNO7QDba0TM8aAX0UY.roa
File: OV_YvBVCeLNO7QDba0TM8aAX0UY.roa (raw, json)
Hash identifier: Qp83OgF+lFCH2/+BywAs2D5gnGNsv6lSdX4PG/UUGF8=
Subject key identifier: 39:5F:D8:BC:15:42:78:B3:4E:ED:00:DB:6B:44:CC:F1:A0:17:D1:46
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01857230FDEB2CFDA325ABC0C01664D80A58
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OV_YvBVCeLNO7QDba0TM8aAX0UY.roa
Signing time: Mon 02 Jan 2023 11:14:51 +0000
ROA not before: Mon 02 Jan 2023 11:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60591
IP address blocks: 45.135.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:fd:eb:2c:fd:a3:25:ab:c0:c0:16:64:d8:0a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 2 11:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=395fd8bc154278b34eed00db6b44ccf1a017d146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9c:b4:1e:a3:30:b0:4e:17:06:16:0b:74:0b:
01:d7:f8:03:07:92:ca:ba:e4:63:0c:20:ad:44:e4:
31:98:09:53:24:11:a9:3b:58:03:c4:fb:7e:81:9e:
da:1b:ac:37:ec:60:3e:5f:45:9b:5d:1f:c0:9a:70:
ae:d1:1d:8e:ce:d4:e5:8d:69:fc:6e:d2:4c:75:2b:
8b:04:89:46:bf:63:bf:71:ad:4c:4c:fd:d2:11:d9:
c5:f8:b1:4b:02:f1:05:9b:37:49:9a:64:63:75:00:
e4:4e:e1:d0:0a:16:a5:01:bd:99:16:ba:e7:0f:37:
ca:bc:ad:4b:21:35:d9:34:29:98:df:2c:bc:8d:40:
91:1f:c8:4b:ca:bf:33:2d:dd:4f:5f:87:96:23:98:
8a:c0:59:ce:94:3b:67:b4:c6:60:ce:3e:0b:23:74:
a0:51:55:b9:38:b9:42:54:54:5e:db:28:67:e0:8d:
4c:4f:1f:03:8b:d5:b8:0e:2c:e8:da:75:dc:34:51:
1b:28:22:fa:b5:68:68:1f:b7:88:81:6b:25:3c:75:
bc:1b:1f:b8:3f:8e:83:66:d9:2c:be:1c:97:62:3c:
e6:e5:90:de:9c:a1:e2:93:d2:c3:01:1b:21:eb:34:
5b:b4:98:91:1b:55:b2:c5:c5:35:c2:e4:a1:b4:f0:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5F:D8:BC:15:42:78:B3:4E:ED:00:DB:6B:44:CC:F1:A0:17:D1:46
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/OV_YvBVCeLNO7QDba0TM8aAX0UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.234.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:65:e1:03:88:ad:14:7b:38:b7:d6:6d:a6:b0:9c:1f:ea:58:
b3:c6:67:b9:f3:71:75:dd:7a:00:13:e7:4a:26:c0:84:63:c4:
ad:c1:47:14:62:b1:bb:0f:4d:18:09:28:b3:7e:87:36:ec:96:
14:54:f6:e1:62:72:eb:95:7e:9b:5e:1f:50:eb:fd:cc:4f:2a:
58:82:86:4c:6d:b1:6c:d5:50:1e:04:2c:92:48:d6:72:a0:84:
3b:ca:2d:51:20:7e:e6:de:3c:e2:6b:e4:19:d3:5c:58:95:9a:
ed:2c:d4:e0:eb:b5:33:a5:61:24:95:90:f4:8c:78:9f:32:b3:
ce:2c:19:cd:8a:b9:d4:de:e9:0f:5e:68:31:95:16:20:00:7e:
24:ba:1d:1b:ca:db:22:8f:71:a0:41:57:9e:5d:2d:aa:f2:f6:
48:b4:d3:5a:3e:84:f1:90:91:c2:36:3b:e6:98:43:2c:90:78:
1f:1c:df:f3:18:49:85:ab:23:bc:a4:c0:92:7a:a0:29:a8:81:
1b:78:f9:42:09:1c:6d:5d:b0:64:02:9e:5f:3d:b6:0c:29:f2:
a0:84:5c:f6:b7:ae:9b:64:94:b8:92:7a:5a:21:f8:0d:42:4d:
7e:83:7a:6a:4b:2f:be:7d:e5:40:65:a5:f0:45:fd:e8:e9:9c:
30:11:6c:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMP3rLP2jJavAwBZk2ApYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjMwMTAyMTExNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVmZDhiYzE1NDI3OGIzNGVlZDAwZGI2YjQ0Y2NmMWEwMTdkMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5y0HqMwsE4XBhYLdAsB1/gDB5LK
uuRjDCCtROQxmAlTJBGpO1gDxPt+gZ7aG6w37GA+X0WbXR/AmnCu0R2OztTljWn8
btJMdSuLBIlGv2O/ca1MTP3SEdnF+LFLAvEFmzdJmmRjdQDkTuHQChalAb2ZFrrn
DzfKvK1LITXZNCmY3yy8jUCRH8hLyr8zLd1PX4eWI5iKwFnOlDtntMZgzj4LI3Sg
UVW5OLlCVFRe2yhn4I1MTx8Di9W4Dizo2nXcNFEbKCL6tWhoH7eIgWslPHW8Gx+4
P46DZtksvhyXYjzm5ZDenKHik9LDARsh6zRbtJiRG1WyxcU1wuShtPBQmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlf2LwVQnizTu0A22tEzPGgF9FGMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvT1ZfWXZCVkNlTE5PN1FEYmEwVE04YUFYMFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfqMA0G
CSqGSIb3DQEBCwUAA4IBAQB/ZeEDiK0Uezi31m2msJwf6lizxme583F13XoAE+dK
JsCEY8StwUcUYrG7D00YCSizfoc27JYUVPbhYnLrlX6bXh9Q6/3MTypYgoZMbbFs
1VAeBCySSNZyoIQ7yi1RIH7m3jzia+QZ01xYlZrtLNTg67UzpWEklZD0jHifMrPO
LBnNirnU3ukPXmgxlRYgAH4kuh0bytsij3GgQVeeXS2q8vZItNNaPoTxkJHCNjvm
mEMskHgfHN/zGEmFqyO8pMCSeqApqIEbePlCCRxtXbBkAp5fPbYMKfKghFz2t66b
ZJS4knpaIfgNQk1+g3pqSy++feVAZaXwRf3o6ZwwEWzL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org