Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MjyxJcoqn8YfYmxO5S4itdnw4D8.roa
File: MjyxJcoqn8YfYmxO5S4itdnw4D8.roa (raw, json)
Hash identifier: w2yPBlEF8zSJeYw+Hb7UmU2bR2I7C4IJwuF97gFmTOc=
Subject key identifier: 32:3C:B1:25:CA:2A:9F:C6:1F:62:6C:4E:E5:2E:22:B5:D9:F0:E0:3F
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 01907880B38A40A7828990163D9054AC3EA1
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MjyxJcoqn8YfYmxO5S4itdnw4D8.roa
Signing time: Wed 03 Jul 2024 12:10:18 +0000
ROA not before: Wed 03 Jul 2024 12:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199752
IP address blocks: 45.113.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:80:b3:8a:40:a7:82:89:90:16:3d:90:54:ac:3e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Jul 3 12:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=323cb125ca2a9fc61f626c4ee52e22b5d9f0e03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:42:e7:5a:69:12:72:9a:0c:e2:a2:6f:d3:3f:
1c:35:10:5e:5b:af:bd:46:a1:79:60:54:c8:99:a3:
be:96:3a:6e:dd:26:ed:ec:45:0e:cd:a9:15:65:66:
9a:ce:f7:b2:eb:7c:01:aa:f0:b6:5c:3d:5e:d7:58:
c4:c0:61:93:7c:ae:0a:01:3a:f1:0f:ea:e5:2f:95:
8d:6b:03:54:38:93:ac:cb:34:e7:6a:f9:a8:8f:6a:
01:40:9b:00:04:a9:7b:73:88:6a:e7:6e:25:61:d3:
09:ba:9e:95:6e:ab:15:73:6e:73:51:88:80:df:e7:
d7:65:7f:a0:42:3b:b8:4b:c1:04:66:85:e0:b5:c5:
a0:61:42:f2:b4:3d:63:e2:4c:09:a9:5e:85:b8:03:
d4:05:70:20:09:cc:68:02:a2:48:5d:e5:de:34:53:
56:7d:ae:d0:2d:b6:de:21:64:4c:de:e4:f9:eb:13:
df:fd:36:93:d8:f1:5b:4d:45:f5:f2:95:28:48:a2:
6d:95:0d:41:99:f6:40:ba:a2:6f:aa:59:32:da:16:
39:3a:7c:b0:9d:68:fe:a9:5c:2c:d0:74:13:a8:f6:
e4:47:e5:f8:ac:de:49:76:69:72:04:ea:65:fa:63:
75:fd:be:f6:e8:fa:4f:ae:75:2a:a2:a4:db:3a:d4:
cf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3C:B1:25:CA:2A:9F:C6:1F:62:6C:4E:E5:2E:22:B5:D9:F0:E0:3F
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/MjyxJcoqn8YfYmxO5S4itdnw4D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.113.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:d4:e8:4c:fd:1f:4c:cf:79:cb:55:03:87:bd:c1:f9:3c:84:
a4:f8:a0:2a:73:e8:a9:0e:c1:41:40:8d:73:10:e2:71:98:62:
6b:9b:8f:7b:92:d9:8f:a8:93:55:75:e0:33:71:f1:1b:fa:b9:
55:dc:03:12:e7:01:9b:23:fb:9c:3e:3b:12:fa:b2:b1:17:28:
80:ad:c2:8c:58:7d:3e:c5:00:07:59:1a:9e:62:af:6e:ff:05:
bc:95:a7:98:52:bb:9e:1a:ec:cc:00:53:5c:7d:39:8c:68:81:
1c:a2:f6:40:70:ab:1d:56:3a:ca:52:2a:d6:55:73:fb:02:a2:
ae:f4:b7:4e:c0:7b:8d:bf:11:a2:13:69:cc:90:71:07:23:38:
e3:fe:67:d1:af:a3:a3:04:46:89:71:fc:e6:1a:73:d6:d6:d0:
a7:46:9c:94:80:da:4c:18:17:d3:c0:20:c9:4c:1f:80:a7:8a:
13:5f:be:c0:f2:ed:2a:01:17:fa:8d:75:60:57:6e:02:a5:09:
f7:1a:47:04:14:b4:78:9b:54:3b:4e:ea:49:2d:8d:e6:d0:4b:
3a:ae:b3:2e:f7:e9:cd:cd:a6:0f:31:bb:da:f5:d3:0c:5d:af:
90:75:74:c3:2f:5d:19:35:9a:87:bd:13:d1:8e:5d:3a:df:c8:
31:5a:b8:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB4gLOKQKeCiZAWPZBUrD6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjQwNzAzMTIxMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjNjYjEyNWNhMmE5ZmM2MWY2MjZjNGVlNTJlMjJiNWQ5ZjBlMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkLnWmkScpoM4qJv0z8cNRBeW6+9
RqF5YFTImaO+ljpu3Sbt7EUOzakVZWaazvey63wBqvC2XD1e11jEwGGTfK4KATrx
D+rlL5WNawNUOJOsyzTnavmoj2oBQJsABKl7c4hq524lYdMJup6VbqsVc25zUYiA
3+fXZX+gQju4S8EEZoXgtcWgYULytD1j4kwJqV6FuAPUBXAgCcxoAqJIXeXeNFNW
fa7QLbbeIWRM3uT56xPf/TaT2PFbTUX18pUoSKJtlQ1BmfZAuqJvqlky2hY5Onyw
nWj+qVws0HQTqPbkR+X4rN5JdmlyBOpl+mN1/b726PpPrnUqoqTbOtTPpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDI8sSXKKp/GH2JsTuUuIrXZ8OA/MB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvTWp5eEpjb3FuOFlmWW14TzVTNGl0ZG53NEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALXHsMA0G
CSqGSIb3DQEBCwUAA4IBAQCM1OhM/R9Mz3nLVQOHvcH5PISk+KAqc+ipDsFBQI1z
EOJxmGJrm497ktmPqJNVdeAzcfEb+rlV3AMS5wGbI/ucPjsS+rKxFyiArcKMWH0+
xQAHWRqeYq9u/wW8laeYUrueGuzMAFNcfTmMaIEcovZAcKsdVjrKUirWVXP7AqKu
9LdOwHuNvxGiE2nMkHEHIzjj/mfRr6OjBEaJcfzmGnPW1tCnRpyUgNpMGBfTwCDJ
TB+Ap4oTX77A8u0qARf6jXVgV24CpQn3GkcEFLR4m1Q7TupJLY3m0Es6rrMu9+nN
zaYPMbva9dMMXa+QdXTDL10ZNZqHvRPRjl0638gxWrgr
-----END CERTIFICATE-----
Generated at Tue Jul 9 10:17:55 2024 by rpki-client on console-fra.rpki-client.org