Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ZbZbcSBOlNl2P1Py5Bi4jUh8Nvg.roa
File: ZbZbcSBOlNl2P1Py5Bi4jUh8Nvg.roa (raw, json)
Hash identifier: oMg1ObqXAsL0WidEZmNIMS+C+JDYPBbfbbT0AmpGX88=
Subject key identifier: 65:B6:5B:71:20:4E:94:D9:76:3F:53:F2:E4:18:B8:8D:48:7C:36:F8
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018CC26D088C4291C7C5F10C07B332DE1554
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ZbZbcSBOlNl2P1Py5Bi4jUh8Nvg.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 45.128.129.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:08:8c:42:91:c7:c5:f1:0c:07:b3:32:de:15:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65b65b71204e94d9763f53f2e418b88d487c36f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:87:b8:25:e7:52:c8:fc:ea:e0:77:66:32:
49:df:a8:dd:6e:ac:7a:fd:6f:b5:b3:c1:b5:42:eb:
c7:08:fc:4e:ea:a7:2c:5f:8b:c6:8f:29:8a:3d:aa:
90:7e:72:df:5d:48:c4:7c:d5:a9:91:88:39:5d:ca:
88:e7:ef:a6:84:54:56:97:dd:d2:17:f7:f5:90:d4:
60:f6:15:05:fa:a5:e1:fb:12:9f:ca:49:ea:83:45:
13:75:48:f8:30:14:95:4a:33:23:1e:9d:b9:ae:40:
a1:63:85:c3:29:85:2d:b3:a5:8d:8d:2e:18:3c:69:
6d:46:b6:5b:6b:c7:80:b6:69:69:aa:ce:65:bc:25:
a1:df:f1:ca:81:cb:79:2c:91:08:93:8d:13:23:d2:
46:57:27:f9:fc:8d:12:23:16:a5:26:3e:34:2c:f2:
24:8c:c2:8b:8b:7d:6f:2c:f0:fe:a1:f2:bd:64:73:
f8:2a:3b:74:1b:ef:f0:64:66:d4:75:c0:b9:e4:88:
af:71:1d:9f:29:05:86:a1:ec:e3:8f:14:d8:84:a3:
23:fc:49:af:08:a1:75:8e:80:78:24:f6:b5:a5:d5:
ef:c8:ba:11:22:b6:e9:bc:7f:2e:3d:0f:66:af:d8:
22:97:b3:09:05:96:6b:ff:69:73:a4:ff:93:ca:dc:
c3:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B6:5B:71:20:4E:94:D9:76:3F:53:F2:E4:18:B8:8D:48:7C:36:F8
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/ZbZbcSBOlNl2P1Py5Bi4jUh8Nvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:7a:5c:22:89:fb:98:82:64:0f:4b:21:c4:6c:e4:09:8e:5a:
d0:14:e9:bf:38:91:43:40:22:57:94:e2:79:b0:55:2b:75:c6:
b8:67:52:b1:9b:89:29:86:e9:a6:c3:59:11:68:c2:79:01:f8:
57:a0:1f:9b:7d:4b:40:a5:46:1e:4d:d5:15:ea:1e:89:a2:09:
94:1e:d2:e8:f5:e7:f1:02:58:2e:d3:9c:04:a6:5b:dc:2e:85:
02:ca:bd:c0:0f:48:22:3d:48:06:26:70:68:f6:fb:c9:fb:34:
55:10:01:4a:7d:3b:bc:f6:bc:cf:00:fe:ca:83:0d:29:da:99:
fd:f7:75:82:42:3e:40:99:6d:39:78:f0:33:ba:93:9f:e5:13:
8e:fc:ae:64:60:3b:0e:8f:6f:dc:e8:1c:e7:49:52:e1:81:9d:
d3:64:10:46:21:51:da:f3:55:cb:fa:75:b1:59:37:56:bc:4e:
b0:82:5a:03:fa:b8:a9:74:55:90:12:6b:a9:15:35:0a:44:4f:
3e:1a:91:19:63:fc:e5:ac:ed:0e:5f:08:62:d8:c4:4e:eb:12:
35:c1:ca:5f:63:4c:18:8f:2a:d5:55:dc:86:96:ae:39:9f:5f:
12:dc:3e:06:67:e5:42:1c:ec:99:8f:b1:59:a0:ed:1e:19:f9:
40:eb:ea:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQiMQpHHxfEMB7My3hVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWI2NWI3MTIwNGU5NGQ5NzYzZjUzZjJlNDE4Yjg4ZDQ4N2MzNmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuieHuCXnUsj86uB3ZjJJ36jdbqx6
/W+1s8G1QuvHCPxO6qcsX4vGjymKPaqQfnLfXUjEfNWpkYg5XcqI5++mhFRWl93S
F/f1kNRg9hUF+qXh+xKfyknqg0UTdUj4MBSVSjMjHp25rkChY4XDKYUts6WNjS4Y
PGltRrZba8eAtmlpqs5lvCWh3/HKgct5LJEIk40TI9JGVyf5/I0SIxalJj40LPIk
jMKLi31vLPD+ofK9ZHP4Kjt0G+/wZGbUdcC55IivcR2fKQWGoezjjxTYhKMj/Emv
CKF1joB4JPa1pdXvyLoRIrbpvH8uPQ9mr9gil7MJBZZr/2lzpP+TytzDZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGW2W3EgTpTZdj9T8uQYuI1IfDb4MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvWmJaYmNTQk9sTmwyUDFQeTVCaTRqVWg4TnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYCBMA0G
CSqGSIb3DQEBCwUAA4IBAQC5elwiifuYgmQPSyHEbOQJjlrQFOm/OJFDQCJXlOJ5
sFUrdca4Z1Kxm4kphummw1kRaMJ5AfhXoB+bfUtApUYeTdUV6h6JogmUHtLo9efx
Algu05wEplvcLoUCyr3AD0giPUgGJnBo9vvJ+zRVEAFKfTu89rzPAP7Kgw0p2pn9
93WCQj5AmW05ePAzupOf5ROO/K5kYDsOj2/c6BznSVLhgZ3TZBBGIVHa81XL+nWx
WTdWvE6wgloD+ripdFWQEmupFTUKRE8+GpEZY/zlrO0OXwhi2MRO6xI1wcpfY0wY
jyrVVdyGlq45n18S3D4GZ+VCHOyZj7FZoO0eGflA6+pp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org