Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BOLnZrg9Rb2fDPVW8iocobZHwSk.roa
File: BOLnZrg9Rb2fDPVW8iocobZHwSk.roa (raw, json)
Hash identifier: 9EESXHnO9N7TBR0btzHMEs4o7iN8h4oq6sfR7hDLhAI=
Subject key identifier: 04:E2:E7:66:B8:3D:45:BD:9F:0C:F5:56:F2:2A:1C:A1:B6:47:C1:29
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D553C47074E30DF5BB95A339B358E9
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BOLnZrg9Rb2fDPVW8iocobZHwSk.roa
Signing time: Mon 02 Jan 2023 04:55:06 +0000
ROA not before: Mon 02 Jan 2023 04:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35278
IP address blocks: 45.91.8.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:53:c4:70:74:e3:0d:f5:bb:95:a3:39:b3:58:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04e2e766b83d45bd9f0cf556f22a1ca1b647c129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ba:c7:46:dd:a3:6b:34:b5:1c:0f:b5:f4:65:
59:03:38:d9:28:94:8e:ad:01:9c:28:81:09:10:34:
f8:d7:93:d4:07:d4:00:a7:ab:4c:35:4f:e6:57:94:
8e:5f:44:ba:87:98:4d:54:8d:1e:3c:53:44:14:42:
79:14:ff:69:a7:1f:6b:09:32:32:f6:bf:3c:c1:5b:
1a:cf:d2:db:60:ba:af:09:6d:3b:4f:2b:e1:e2:3a:
0f:27:48:5b:8a:5b:a6:92:51:0c:b1:94:bd:ff:f8:
67:94:26:f7:36:36:bc:bc:6b:ab:2f:60:ed:e0:a4:
b5:30:a6:9e:ce:1b:9d:9b:af:33:f4:4d:6e:6a:bd:
73:c9:66:4b:1c:06:62:bc:cb:eb:1a:5d:ab:9a:4a:
5c:e6:a0:3e:7b:d9:33:1d:76:b8:16:fd:2e:87:21:
70:ab:81:45:41:9a:84:ca:3e:46:c1:b6:d1:81:07:
44:9d:05:62:19:4c:fb:e9:98:11:e5:b8:31:4b:65:
83:45:75:02:aa:7e:e2:bd:63:8f:ca:34:6f:ee:b3:
06:f1:9e:8f:93:ef:4b:d6:55:a8:96:d5:d8:40:b2:
9e:0b:08:da:34:d6:ee:fd:60:50:55:ad:3d:bb:40:
d5:9e:ac:c3:70:b4:e3:f4:77:7c:4d:f9:e7:2c:54:
1a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E2:E7:66:B8:3D:45:BD:9F:0C:F5:56:F2:2A:1C:A1:B6:47:C1:29
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/BOLnZrg9Rb2fDPVW8iocobZHwSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.8.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c5:ce:53:50:c4:fa:1c:86:4a:bd:44:19:d1:e1:ba:9d:cd:
fd:c8:83:8d:47:57:85:a4:60:ed:2b:e0:5a:f9:8f:08:20:f0:
41:4b:ae:51:9f:cd:18:85:42:92:bb:7d:c9:f7:53:d0:5f:67:
95:49:ee:77:88:79:59:1c:36:c9:e6:75:2f:5f:89:f3:99:f1:
0e:38:95:a6:31:5c:c3:00:d2:d7:09:4b:4e:83:61:b3:03:07:
95:3a:b2:25:74:d5:84:ea:f5:04:b8:b8:3d:54:b8:6e:db:5d:
d9:4c:59:aa:ba:94:7d:30:8d:5b:6e:b6:49:94:f7:dd:2d:ee:
cf:91:b1:45:21:fd:30:d1:18:bc:82:af:14:f2:f1:76:a7:b8:
80:e2:b9:3d:d9:09:d7:a2:6f:92:f0:cd:51:d2:a1:ab:b5:04:
3d:f0:0c:b0:a9:45:9f:c5:50:36:be:b9:9d:93:92:74:74:38:
93:f9:c2:ac:d7:f6:47:d9:db:43:b3:01:dd:09:03:59:e9:2f:
ff:be:ab:35:24:6f:7c:c5:89:a0:cd:b1:71:59:d7:e2:64:0a:
c1:0c:13:81:fb:68:87:77:2b:f9:d1:12:ea:90:3c:87:1c:03:
ff:b8:bf:b7:c5:be:4d:04:59:68:dd:bc:33:f8:a5:0c:74:72:
c1:26:4c:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1VPEcHTjDfW7laM5s1jpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGUyZTc2NmI4M2Q0NWJkOWYwY2Y1NTZmMjJhMWNhMWI2NDdjMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbrHRt2jazS1HA+19GVZAzjZKJSO
rQGcKIEJEDT415PUB9QAp6tMNU/mV5SOX0S6h5hNVI0ePFNEFEJ5FP9ppx9rCTIy
9r88wVsaz9LbYLqvCW07Tyvh4joPJ0hbilumklEMsZS9//hnlCb3Nja8vGurL2Dt
4KS1MKaezhudm68z9E1uar1zyWZLHAZivMvrGl2rmkpc5qA+e9kzHXa4Fv0uhyFw
q4FFQZqEyj5GwbbRgQdEnQViGUz76ZgR5bgxS2WDRXUCqn7ivWOPyjRv7rMG8Z6P
k+9L1lWoltXYQLKeCwjaNNbu/WBQVa09u0DVnqzDcLTj9Hd8TfnnLFQacwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATi52a4PUW9nwz1VvIqHKG2R8EpMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvQk9MblpyZzlSYjJmRFBWVzhpb2NvYlpId1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVsIMA0G
CSqGSIb3DQEBCwUAA4IBAQApxc5TUMT6HIZKvUQZ0eG6nc39yIONR1eFpGDtK+Ba
+Y8IIPBBS65Rn80YhUKSu33J91PQX2eVSe53iHlZHDbJ5nUvX4nzmfEOOJWmMVzD
ANLXCUtOg2GzAweVOrIldNWE6vUEuLg9VLhu213ZTFmqupR9MI1bbrZJlPfdLe7P
kbFFIf0w0Ri8gq8U8vF2p7iA4rk92QnXom+S8M1R0qGrtQQ98AywqUWfxVA2vrmd
k5J0dDiT+cKs1/ZH2dtDswHdCQNZ6S//vqs1JG98xYmgzbFxWdfiZArBDBOB+2iH
dyv50RLqkDyHHAP/uL+3xb5NBFlo3bwz+KUMdHLBJkx0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org