Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/0fb69d-cefc-46ec-be39-85bd34bd4e5a/1/Ce8cZaxINpBfB4tYuLuyRrO4Hfo.roa
File: Ce8cZaxINpBfB4tYuLuyRrO4Hfo.roa (raw, json)
Hash identifier: LsiEm2h4bozF9dScn+WTW+DSskKvhetG7mmksM52J7k=
Subject key identifier: 09:EF:1C:65:AC:48:36:90:5F:07:8B:58:B8:BB:B2:46:B3:B8:1D:FA
Certificate issuer: /CN=74774b7b530edacf8fa73353a9014a5638949bfb
Certificate serial: 030341
Authority key identifier: 74:77:4B:7B:53:0E:DA:CF:8F:A7:33:53:A9:01:4A:56:38:94:9B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHdLe1MO2s-PpzNTqQFKVjiUm_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/0fb69d-cefc-46ec-be39-85bd34bd4e5a/1/Ce8cZaxINpBfB4tYuLuyRrO4Hfo.roa
Signing time: Thu 05 May 2022 11:46:46 +0000
ROA not before: Thu 05 May 2022 11:46:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60118
IP address blocks: 45.87.121.0/24 maxlen: 24
45.87.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197441 (0x30341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74774b7b530edacf8fa73353a9014a5638949bfb
Validity
Not Before: May 5 11:46:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09ef1c65ac4836905f078b58b8bbb246b3b81dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:59:14:da:47:c5:2b:6b:f2:bf:0a:37:0d:9c:
03:42:66:42:63:4c:77:3d:00:c9:9e:d4:f4:c5:88:
d3:c2:16:12:06:3e:6f:52:8e:15:00:80:ba:c9:23:
69:e6:83:0f:4b:4b:58:dd:51:48:4a:85:05:07:b3:
01:7c:31:cc:80:ae:e1:50:20:97:a8:5a:eb:15:ae:
5b:fb:ec:41:ea:a9:ce:50:b2:31:f3:01:fe:e9:a1:
42:1a:3d:f3:94:d0:4b:03:77:9d:af:a0:6f:45:c6:
66:96:86:a4:8f:73:5e:d3:13:5d:4b:d5:a1:88:1e:
0f:82:ee:1e:e0:68:3d:e3:f6:65:3c:0d:45:bd:f1:
ab:c9:4a:6c:e3:a9:b1:5b:63:b3:46:ff:11:74:15:
f5:3c:3e:cb:f4:84:b4:03:1d:db:7e:0c:5f:2d:33:
26:8e:72:94:fd:15:d9:6d:73:0a:db:13:75:27:87:
b8:4d:11:e2:e7:e1:e0:6a:e9:03:34:cb:57:b3:40:
96:94:ca:c9:df:9a:a6:71:b1:03:8b:ef:37:76:51:
94:26:90:29:a5:4f:bd:6e:98:05:90:6a:6f:c9:63:
f8:da:4a:1b:08:92:b7:24:1b:a1:bc:a7:36:9c:18:
8e:fb:bf:fa:f8:b8:fd:7f:3e:4a:63:7d:b7:80:90:
21:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EF:1C:65:AC:48:36:90:5F:07:8B:58:B8:BB:B2:46:B3:B8:1D:FA
X509v3 Authority Key Identifier:
keyid:74:77:4B:7B:53:0E:DA:CF:8F:A7:33:53:A9:01:4A:56:38:94:9B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHdLe1MO2s-PpzNTqQFKVjiUm_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0fb69d-cefc-46ec-be39-85bd34bd4e5a/1/Ce8cZaxINpBfB4tYuLuyRrO4Hfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/0fb69d-cefc-46ec-be39-85bd34bd4e5a/1/dHdLe1MO2s-PpzNTqQFKVjiUm_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.120.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:c7:6e:22:55:1a:8f:09:b1:86:23:da:59:2b:32:6a:50:ef:
27:b9:7b:77:1a:31:91:50:ad:81:c7:00:b3:59:2e:af:e3:41:
f9:f5:03:ef:bc:6a:94:08:d3:cd:f9:1b:c8:21:2f:ba:8f:2f:
99:09:b1:d1:b6:34:71:28:0b:43:96:08:75:04:0b:a3:e1:4e:
8c:d6:d9:74:5d:f9:07:13:36:dc:63:80:3d:eb:b6:31:63:dc:
4e:22:3b:03:e9:65:e6:c5:3e:11:27:3d:a5:0d:2a:f7:99:97:
21:74:08:74:5c:6e:40:8e:2e:0f:04:e9:eb:3f:b5:df:c0:d8:
63:87:b9:c2:b7:e3:98:26:ed:0a:09:20:02:fa:e0:43:38:1a:
9e:35:3b:0e:21:c7:da:ae:1b:b3:4d:e3:e4:9d:6b:e9:d4:98:
1e:18:0e:6d:e5:55:b4:b4:9e:64:ca:1e:32:4f:e7:54:a1:fe:
93:dc:d2:2a:76:8a:3b:f0:93:24:0c:e8:bc:4a:95:0e:81:34:
6a:cd:c1:0a:2c:2e:a0:9d:70:6a:0e:f2:f3:2c:ee:1f:c0:cd:
9e:e7:05:f1:d3:3b:c2:c3:23:44:1b:44:02:c5:67:aa:fc:24:
2b:f6:d4:78:95:62:b4:a7:6f:8c:2e:42:fa:c5:b1:84:24:b7:
60:3e:57:15
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAwNBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc0
Nzc0YjdiNTMwZWRhY2Y4ZmE3MzM1M2E5MDE0YTU2Mzg5NDliZmIwHhcNMjIwNTA1
MTE0NjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOWVmMWM2NWFjNDgz
NjkwNWYwNzhiNThiOGJiYjI0NmIzYjgxZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsVkU2kfFK2vyvwo3DZwDQmZCY0x3PQDJntT0xYjTwhYSBj5v
Uo4VAIC6ySNp5oMPS0tY3VFISoUFB7MBfDHMgK7hUCCXqFrrFa5b++xB6qnOULIx
8wH+6aFCGj3zlNBLA3edr6BvRcZmloakj3Ne0xNdS9WhiB4Pgu4e4Gg94/ZlPA1F
vfGryUps46mxW2OzRv8RdBX1PD7L9IS0Ax3bfgxfLTMmjnKU/RXZbXMK2xN1J4e4
TRHi5+HgaukDNMtXs0CWlMrJ35qmcbEDi+83dlGUJpAppU+9bpgFkGpvyWP42kob
CJK3JBuhvKc2nBiO+7/6+Lj9fz5KY323gJAh0wIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAnvHGWsSDaQXweLWLi7skazuB36MB8GA1UdIwQYMBaAFHR3S3tTDtrPj6cz
U6kBSlY4lJv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZEhkTGUxTU8ycy1QcHpOVHFRRktWamlVbV9zLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC82OC8wZmI2OWQtY2VmYy00NmVjLWJlMzktODViZDM0YmQ0ZTVhLzEv
Q2U4Y1pheElOcEJmQjR0WXVMdXlSck80SGZvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8w
ZmI2OWQtY2VmYy00NmVjLWJlMzktODViZDM0YmQ0ZTVhLzEvZEhkTGUxTU8ycy1Q
cHpOVHFRRktWamlVbV9zLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVd4MA0GCSqGSIb3DQEBCwUAA4IB
AQCkx24iVRqPCbGGI9pZKzJqUO8nuXt3GjGRUK2BxwCzWS6v40H59QPvvGqUCNPN
+RvIIS+6jy+ZCbHRtjRxKAtDlgh1BAuj4U6M1tl0XfkHEzbcY4A967YxY9xOIjsD
6WXmxT4RJz2lDSr3mZchdAh0XG5Aji4PBOnrP7XfwNhjh7nCt+OYJu0KCSAC+uBD
OBqeNTsOIcfarhuzTePknWvp1JgeGA5t5VW0tJ5kyh4yT+dUof6T3NIqdoo78JMk
DOi8SpUOgTRqzcEKLC6gnXBqDvLzLO4fwM2e5wXx0zvCwyNEG0QCxWeq/CQr9tR4
lWK0p2+MLkL6xbGEJLdgPlcV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:23 2024 by rpki-client on console-fra.rpki-client.org