Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/KixqFT2CS3CjzcycHadyAELdG0c.roa
File: KixqFT2CS3CjzcycHadyAELdG0c.roa (raw, json)
Hash identifier: nNnP+7oc2g19t5oXn4kZJ16abrovlA/zDYBF6CuXV7M=
Subject key identifier: 2A:2C:6A:15:3D:82:4B:70:A3:CD:CC:9C:1D:A7:72:00:42:DD:1B:47
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 0189AC0AF772E45BD16F6640A3C857B643D7
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/KixqFT2CS3CjzcycHadyAELdG0c.roa
Signing time: Mon 31 Jul 2023 13:02:27 +0000
ROA not before: Mon 31 Jul 2023 13:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201364
IP address blocks: 185.77.3.0/24 maxlen: 24
45.10.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ac:0a:f7:72:e4:5b:d1:6f:66:40:a3:c8:57:b6:43:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Jul 31 13:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a2c6a153d824b70a3cdcc9c1da7720042dd1b47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d2:dd:3e:20:80:c4:93:7b:39:71:b2:4e:c4:
b0:8f:93:06:e8:93:6c:de:a5:a7:9f:ab:61:bc:31:
51:40:7a:9c:8e:20:03:63:07:2d:6b:fb:02:34:67:
e5:35:9a:d6:a9:b6:00:6a:50:40:33:1e:76:2f:bf:
50:10:52:e3:72:f4:0f:37:9c:39:bd:75:92:45:1d:
0e:dd:aa:5a:f7:62:56:98:ef:a2:df:88:61:49:59:
d9:72:32:78:6c:51:f6:24:27:7a:6f:70:ac:ce:78:
4d:c7:0f:cb:31:3f:c1:25:d8:45:b4:f7:87:d5:03:
47:78:49:63:c0:fa:56:44:45:2c:23:7a:09:08:17:
76:b7:04:fc:2a:02:86:45:46:30:28:6d:94:7c:77:
34:1f:95:99:71:45:72:b4:9c:31:c0:c1:35:c6:8c:
05:7e:e1:f1:70:bc:ec:d7:db:aa:19:89:fa:5f:fd:
1a:52:8e:2b:27:17:bb:ec:85:76:69:c4:aa:fa:6e:
e9:6c:07:1d:2b:45:d2:71:2b:c6:88:75:4a:d6:d9:
99:79:aa:89:fc:31:3e:92:4c:2f:58:87:2b:22:d0:
a9:e0:56:e5:c2:c6:10:28:8d:f6:b6:b7:be:06:00:
1b:b8:12:32:6e:f1:ac:ef:a8:23:81:e7:29:f4:01:
88:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2C:6A:15:3D:82:4B:70:A3:CD:CC:9C:1D:A7:72:00:42:DD:1B:47
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/KixqFT2CS3CjzcycHadyAELdG0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
185.77.3.0/24
Signature Algorithm: sha256WithRSAEncryption
76:0c:53:c1:b4:bd:e8:d7:4f:a2:c4:c8:e8:48:4e:68:50:3c:
47:bf:10:12:52:18:2c:c6:ea:1b:73:a0:10:ad:44:4a:5b:31:
d4:c8:7c:28:57:3d:b5:a7:38:44:aa:db:2f:0e:89:b8:9d:45:
8a:6a:7b:36:c5:ce:96:35:3c:b1:49:a0:93:60:4e:b3:c4:69:
93:50:14:15:18:48:34:17:ac:6e:07:e3:f9:61:c9:78:89:1b:
87:b6:95:52:2d:16:ba:4a:d4:a3:92:71:c3:6f:1e:29:38:06:
3a:43:f4:ed:d0:92:c6:23:d8:e8:61:b9:ae:e6:00:5b:fa:e8:
91:b5:15:be:86:7d:26:67:5c:63:fa:57:f9:e2:f0:9f:81:23:
47:a5:bd:e8:7b:b2:63:b7:b1:72:17:dc:ff:3b:59:ca:29:c6:
d2:cb:54:17:0c:6d:5f:b8:ca:46:ba:8a:58:95:31:b8:86:3e:
50:cb:63:f5:fd:73:13:5c:44:44:54:38:96:65:a7:04:2e:cf:
c4:7e:55:bb:84:0e:5a:f9:ab:d2:dd:42:26:a7:e8:73:ae:9a:
6f:2b:1d:a5:4f:68:37:ae:9a:93:a5:b0:19:b9:6e:01:7a:3d:
1c:15:5f:13:c5:d1:a9:13:9f:d0:0f:1d:74:da:2f:43:d0:f6:
33:18:e8:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmsCvdy5FvRb2ZAo8hXtkPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjMwNzMxMTMwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJjNmExNTNkODI0YjcwYTNjZGNjOWMxZGE3NzIwMDQyZGQxYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9LdPiCAxJN7OXGyTsSwj5MG6JNs
3qWnn6thvDFRQHqcjiADYwcta/sCNGflNZrWqbYAalBAMx52L79QEFLjcvQPN5w5
vXWSRR0O3apa92JWmO+i34hhSVnZcjJ4bFH2JCd6b3CsznhNxw/LMT/BJdhFtPeH
1QNHeEljwPpWREUsI3oJCBd2twT8KgKGRUYwKG2UfHc0H5WZcUVytJwxwME1xowF
fuHxcLzs19uqGYn6X/0aUo4rJxe77IV2acSq+m7pbAcdK0XScSvGiHVK1tmZeaqJ
/DE+kkwvWIcrItCp4FblwsYQKI32tre+BgAbuBIybvGs76gjgecp9AGIYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCosahU9gktwo83MnB2ncgBC3RtHMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvS2l4cUZUMkNTM0NqemN5Y0hhZHlBRUxkRzBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQo4AwQA
uU0DMA0GCSqGSIb3DQEBCwUAA4IBAQB2DFPBtL3o10+ixMjoSE5oUDxHvxASUhgs
xuobc6AQrURKWzHUyHwoVz21pzhEqtsvDom4nUWKans2xc6WNTyxSaCTYE6zxGmT
UBQVGEg0F6xuB+P5Ycl4iRuHtpVSLRa6StSjknHDbx4pOAY6Q/Tt0JLGI9joYbmu
5gBb+uiRtRW+hn0mZ1xj+lf54vCfgSNHpb3oe7Jjt7FyF9z/O1nKKcbSy1QXDG1f
uMpGuopYlTG4hj5Qy2P1/XMTXEREVDiWZacELs/EflW7hA5a+avS3UImp+hzrppv
Kx2lT2g3rpqTpbAZuW4Bej0cFV8TxdGpE5/QDx102i9D0PYzGOgk
-----END CERTIFICATE-----
Generated at Wed Sep 13 15:04:51 2023 by rpki-client on console-ams.rpki-client.org