Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/sGLA4rQnKfHDci8U9JYzWXtHjb8.roa
File: sGLA4rQnKfHDci8U9JYzWXtHjb8.roa (raw, json)
Hash identifier: a0W0Hy0jWSnqaN9agmBOMlDnfXmiO7JwqstALMJGGWI=
Subject key identifier: B0:62:C0:E2:B4:27:29:F1:C3:72:2F:14:F4:96:33:59:7B:47:8D:BF
Certificate issuer: /CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Certificate serial: 0185B0B40E3C8AEA3C14DBA28C96C02A1A29
Authority key identifier: 42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/sGLA4rQnKfHDci8U9JYzWXtHjb8.roa
Signing time: Sat 14 Jan 2023 14:34:28 +0000
ROA not before: Sat 14 Jan 2023 14:34:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44103
IP address blocks: 45.113.236.0/23 maxlen: 32
27.123.244.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:b4:0e:3c:8a:ea:3c:14:db:a2:8c:96:c0:2a:1a:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4292b5da4b4ffeaf720649518fbaaa10c5cb2811
Validity
Not Before: Jan 14 14:34:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b062c0e2b42729f1c3722f14f49633597b478dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:5c:38:24:76:d4:ed:5f:2c:b6:e5:fe:d1:
d3:83:ca:ba:76:9f:f6:d2:19:58:a0:93:bc:12:c7:
42:b1:68:29:53:c9:f5:ec:77:c0:df:c5:d1:ac:c9:
f6:1c:66:e3:73:d3:6d:4a:90:be:d2:b6:18:28:26:
59:77:70:dd:8e:52:3b:a8:11:67:a6:23:6b:f4:d5:
ac:dd:8b:26:7a:36:fe:32:43:71:5a:d7:c6:15:4f:
48:22:9e:f8:5d:29:44:92:e1:a1:eb:a0:7e:6d:e5:
00:42:5c:ef:5b:50:1d:1d:71:e0:d0:11:23:5a:56:
31:e5:1e:35:ae:11:4f:c6:34:c5:a8:aa:45:19:9d:
59:83:53:71:33:0f:0d:a9:5f:15:50:8a:cb:d9:d0:
54:db:1b:ea:ee:5d:e1:42:a5:23:66:eb:4a:9d:79:
91:ba:67:d6:4d:33:96:aa:9a:43:90:1c:5d:29:c9:
14:8e:83:8c:9c:f4:5c:96:a4:a4:d6:75:ea:16:4c:
f6:9e:3c:ef:4f:ca:a2:2d:5c:58:63:65:85:e7:de:
49:02:19:e1:d9:5e:09:4c:e8:da:37:2c:4a:00:ba:
8f:b4:30:e9:aa:db:4c:14:aa:1a:86:8a:e1:ee:4e:
74:5f:f4:a8:5e:2d:a3:a2:35:e0:f7:e1:6f:af:a0:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:62:C0:E2:B4:27:29:F1:C3:72:2F:14:F4:96:33:59:7B:47:8D:BF
X509v3 Authority Key Identifier:
keyid:42:92:B5:DA:4B:4F:FE:AF:72:06:49:51:8F:BA:AA:10:C5:CB:28:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpK12ktP_q9yBklRj7qqEMXLKBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/sGLA4rQnKfHDci8U9JYzWXtHjb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4522fb-c1da-4ccc-a7c7-a043e1b67b94/1/QpK12ktP_q9yBklRj7qqEMXLKBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.123.244.0/22
45.113.236.0/23
Signature Algorithm: sha256WithRSAEncryption
24:85:57:d3:37:b8:71:16:8c:a8:fb:47:10:92:0a:80:12:52:
00:90:52:7b:b2:7c:63:90:20:a1:e5:a6:32:60:28:31:68:ae:
9f:63:45:98:5b:b5:55:b2:0e:e4:5f:53:44:48:39:9d:21:1b:
2d:fb:29:58:bc:8b:cf:37:2c:a7:f2:08:ee:c7:3b:87:72:a1:
a3:9c:c7:e8:be:7d:6b:8a:03:b2:dd:39:f4:e2:5c:4f:86:b8:
30:04:f2:9a:1d:a9:a6:60:5a:00:af:2b:eb:2e:52:f7:3b:0e:
bd:4d:9b:68:03:7a:72:aa:7f:29:fe:a0:99:77:d3:c5:8e:bb:
12:a1:6f:eb:4f:83:8b:9c:0e:4b:92:71:07:5c:3c:42:b7:67:
a5:5f:72:4a:15:96:a2:8d:fb:74:41:89:75:d8:78:34:cc:72:
73:5a:94:c1:5a:d1:27:ff:e5:ad:06:d8:ac:30:47:fe:79:0b:
cc:f9:cc:ef:01:ca:a6:95:9f:64:39:e6:85:da:66:02:e1:e6:
ad:3d:2a:8a:ad:b5:ac:df:4f:fb:43:78:bc:3b:2b:04:4c:01:
eb:b6:6e:b5:5a:55:20:a2:27:24:06:5a:b3:e6:4d:7f:42:4b:
d3:0e:89:de:e8:2c:71:98:d1:49:e5:29:92:36:02:cb:e6:33:
51:22:c7:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWwtA48iuo8FNuijJbAKhopMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTJiNWRhNGI0ZmZlYWY3MjA2NDk1MThmYmFhYTEwYzVj
YjI4MTEwHhcNMjMwMTE0MTQzNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYyYzBlMmI0MjcyOWYxYzM3MjJmMTRmNDk2MzM1OTdiNDc4ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyZcOCR21O1fLLbl/tHTg8q6dp/2
0hlYoJO8EsdCsWgpU8n17HfA38XRrMn2HGbjc9NtSpC+0rYYKCZZd3DdjlI7qBFn
piNr9NWs3Ysmejb+MkNxWtfGFU9IIp74XSlEkuGh66B+beUAQlzvW1AdHXHg0BEj
WlYx5R41rhFPxjTFqKpFGZ1Zg1NxMw8NqV8VUIrL2dBU2xvq7l3hQqUjZutKnXmR
umfWTTOWqppDkBxdKckUjoOMnPRclqSk1nXqFkz2njzvT8qiLVxYY2WF595JAhnh
2V4JTOjaNyxKALqPtDDpqttMFKoahorh7k50X/SoXi2jojXg9+Fvr6A83wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLBiwOK0Jynxw3IvFPSWM1l7R42/MB8GA1UdIwQY
MBaAFEKStdpLT/6vcgZJUY+6qhDFyygRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3Yzct
YTA0M2UxYjY3Yjk0LzEvc0dMQTRyUW5LZkhEY2k4VTlKWXpXWHRIamI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NTIyZmItYzFkYS00Y2NjLWE3YzctYTA0M2UxYjY3Yjk0
LzEvUXBLMTJrdFBfcTl5QmtsUmo3cXFFTVhMS0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCG3v0AwQB
LXHsMA0GCSqGSIb3DQEBCwUAA4IBAQAkhVfTN7hxFoyo+0cQkgqAElIAkFJ7snxj
kCCh5aYyYCgxaK6fY0WYW7VVsg7kX1NESDmdIRst+ylYvIvPNyyn8gjuxzuHcqGj
nMfovn1rigOy3Tn04lxPhrgwBPKaHammYFoAryvrLlL3Ow69TZtoA3pyqn8p/qCZ
d9PFjrsSoW/rT4OLnA5LknEHXDxCt2elX3JKFZaijft0QYl12Hg0zHJzWpTBWtEn
/+WtBtisMEf+eQvM+czvAcqmlZ9kOeaF2mYC4eatPSqKrbWs30/7Q3i8OysETAHr
tm61WlUgoickBlqz5k1/QkvTDone6CxxmNFJ5SmSNgLL5jNRIser
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:15 2024 by rpki-client on console-ams.rpki-client.org