Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/RZVfQvi8RVHg7YSaZEz9J1AcRbY.roa
File: RZVfQvi8RVHg7YSaZEz9J1AcRbY.roa (raw, json)
Hash identifier: ht5hwXpg1wWH6PTUbqRC6qYVGZRKh7BwbuH3oUQtCBc=
Subject key identifier: 45:95:5F:42:F8:BC:45:51:E0:ED:84:9A:64:4C:FD:27:50:1C:45:B6
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018DA79E3D2474AE4EDAC7E2203231D16C6E
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/RZVfQvi8RVHg7YSaZEz9J1AcRbY.roa
Signing time: Wed 14 Feb 2024 12:36:21 +0000
ROA not before: Wed 14 Feb 2024 12:36:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
62.204.32.0/24 maxlen: 24
185.253.2.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a7:9e:3d:24:74:ae:4e:da:c7:e2:20:32:31:d1:6c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Feb 14 12:36:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45955f42f8bc4551e0ed849a644cfd27501c45b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6e:76:af:be:9a:d5:ff:9f:b6:d6:34:a1:5b:
23:e9:01:7c:e6:77:0a:22:a8:24:05:12:c1:d7:b0:
1b:6e:8d:7a:66:33:9a:da:7e:d8:af:89:a2:6c:a7:
90:59:10:e4:57:b5:4b:81:c9:92:74:b5:47:67:a4:
2a:74:6c:3c:43:58:b9:eb:23:11:60:c0:10:13:8a:
a3:f4:b6:45:13:7c:8b:22:cc:25:12:31:f8:ce:b3:
ac:40:12:93:7e:8f:4d:12:ba:b0:ed:90:04:b7:36:
09:a2:96:51:9c:5a:bd:ea:32:e7:7f:2e:63:61:b9:
73:f8:8c:01:61:24:41:50:98:38:32:a7:09:53:0b:
aa:b6:20:f8:89:cf:61:b6:9d:3a:35:19:ce:0a:ae:
30:e3:e6:d2:9a:ab:fa:0f:2e:db:56:f4:be:f5:27:
81:67:93:f0:1e:80:25:c6:f8:bd:bf:48:cd:71:1f:
a5:29:3b:18:56:57:9a:61:56:c8:16:b8:ce:00:0f:
90:0f:d7:78:1b:95:6e:d5:88:9c:41:65:a3:e2:f7:
b8:37:c3:8c:8d:ff:0c:32:ae:aa:f9:1b:86:f7:29:
14:1d:72:ce:9c:3c:9e:52:d4:f3:4c:36:6d:81:1b:
dd:8c:0a:67:d6:56:f4:f2:c2:eb:be:ef:83:74:2b:
c1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:95:5F:42:F8:BC:45:51:E0:ED:84:9A:64:4C:FD:27:50:1C:45:B6
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/RZVfQvi8RVHg7YSaZEz9J1AcRbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
46.149.174.0/24
62.204.32.0/24
185.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
52:48:02:ee:10:48:a3:ef:f9:4b:ed:a5:5d:6b:fe:9b:f3:3d:
ba:c5:50:9f:c8:5d:ed:65:98:bb:21:72:78:99:be:81:8b:38:
e8:6b:23:2b:1f:34:99:e0:77:51:03:28:1a:d6:b5:cd:b5:12:
5e:f2:98:5f:e9:15:91:41:30:f0:ef:8f:c4:81:85:6c:c7:8f:
62:5c:99:85:8b:f7:28:da:6f:f4:5c:d5:b8:4d:cf:00:79:a7:
40:19:ef:88:88:46:fc:40:0a:8e:0b:98:c0:07:c1:f7:2a:23:
3d:7c:36:cc:80:c0:e5:fb:91:ce:a4:5e:77:1d:77:8f:d9:b9:
c5:03:c6:46:6e:b7:b0:93:1b:9a:7c:d9:2f:0f:a2:3a:56:d7:
1a:15:82:5d:af:77:ac:d1:ac:6e:30:0f:ca:ec:11:2a:2b:76:
3f:33:f3:e2:89:a4:90:83:56:1a:14:63:a4:e2:cd:06:bb:2d:
6d:bd:d8:62:ce:66:c8:10:b6:c2:d0:47:7a:20:eb:36:a7:32:
7c:16:ec:cc:e7:57:9c:fa:28:7d:1c:45:28:fb:0e:60:bb:97:
25:1a:4f:35:ea:e6:7b:a5:1a:7c:67:c3:94:d8:58:5c:95:a4:
04:e9:8f:49:c4:55:b5:6c:50:33:55:1a:83:af:d3:8c:5f:cb:
3e:3d:d0:1c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2nnj0kdK5O2sfiIDIx0WxuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMjE0MTIzNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk1NWY0MmY4YmM0NTUxZTBlZDg0OWE2NDRjZmQyNzUwMWM0NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG52r76a1f+fttY0oVsj6QF85ncK
IqgkBRLB17Abbo16ZjOa2n7Yr4mibKeQWRDkV7VLgcmSdLVHZ6QqdGw8Q1i56yMR
YMAQE4qj9LZFE3yLIswlEjH4zrOsQBKTfo9NErqw7ZAEtzYJopZRnFq96jLnfy5j
Yblz+IwBYSRBUJg4MqcJUwuqtiD4ic9htp06NRnOCq4w4+bSmqv6Dy7bVvS+9SeB
Z5PwHoAlxvi9v0jNcR+lKTsYVleaYVbIFrjOAA+QD9d4G5Vu1YicQWWj4ve4N8OM
jf8MMq6q+RuG9ykUHXLOnDyeUtTzTDZtgRvdjApn1lb08sLrvu+DdCvBywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEWVX0L4vEVR4O2EmmRM/SdQHEW2MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvUlpWZlF2aThSVkhnN1lTYVpFejlKMUFjUmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVosAwQA
LVovAwQBLYCCAwQALpWuAwQAPswgAwQAuf0CMA0GCSqGSIb3DQEBCwUAA4IBAQBS
SALuEEij7/lL7aVda/6b8z26xVCfyF3tZZi7IXJ4mb6BizjoayMrHzSZ4HdRAyga
1rXNtRJe8phf6RWRQTDw74/EgYVsx49iXJmFi/co2m/0XNW4Tc8AeadAGe+IiEb8
QAqOC5jAB8H3KiM9fDbMgMDl+5HOpF53HXeP2bnFA8ZGbrewkxuafNkvD6I6Vtca
FYJdr3es0axuMA/K7BEqK3Y/M/PiiaSQg1YaFGOk4s0Guy1tvdhizmbIELbC0Ed6
IOs2pzJ8FuzM51ec+ih9HEUo+w5gu5clGk816uZ7pRp8Z8OU2FhclaQE6Y9JxFW1
bFAzVRqDr9OMX8s+PdAc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org