Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/CWSKtr2LF7u-7EdtA1R6MpNYRBg.roa
File: CWSKtr2LF7u-7EdtA1R6MpNYRBg.roa (raw, json)
Hash identifier: ijboqqQ0KKnHZkq5O5SHYeAS9LBnEhIsrc7AT3Jm04A=
Subject key identifier: 09:64:8A:B6:BD:8B:17:BB:BE:EC:47:6D:03:54:7A:32:93:58:44:18
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 059C1270
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/CWSKtr2LF7u-7EdtA1R6MpNYRBg.roa
Signing time: Sun 26 Jun 2022 09:17:08 +0000
ROA not before: Sun 26 Jun 2022 09:17:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51295
IP address blocks: 45.153.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94114416 (0x59c1270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jun 26 09:17:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09648ab6bd8b17bbbeec476d03547a3293584418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:01:af:fe:47:f7:12:d0:e7:4d:80:d7:bf:18:
ab:cd:e2:3d:13:d5:14:ba:7e:a6:74:99:bb:b8:77:
0c:f2:4b:b6:09:4a:20:e4:9e:ee:f2:f0:28:05:20:
40:c6:72:58:3f:cb:38:f7:d2:d2:98:89:cf:b7:60:
5b:c1:9d:82:83:0e:52:8b:d6:43:9c:eb:a2:da:a8:
17:82:9f:8c:ff:72:bd:4c:b6:b9:72:aa:49:b7:7b:
c8:bb:c3:67:db:52:5b:a9:1f:34:42:60:5d:d4:2b:
a4:4d:83:0c:f7:27:e4:0c:56:f7:53:39:79:bc:62:
ac:3e:dc:f0:b0:fb:49:4c:78:8f:75:25:13:d0:89:
5d:c2:9c:74:cf:28:c6:8a:b9:f4:bf:f9:19:da:3c:
db:76:3e:1f:fa:6e:56:fa:cb:d2:d9:c1:31:b2:5d:
cf:b7:87:a3:2a:c1:f1:e0:15:b0:ba:a2:f7:22:f1:
5e:c3:a3:a3:08:ac:27:d2:5b:8b:56:58:35:2c:33:
4f:8e:bd:35:27:34:cd:93:86:5e:93:c5:f1:79:c5:
aa:01:0e:32:56:62:b3:b1:52:77:56:81:10:21:a5:
63:0a:b1:e6:3e:1b:be:af:7a:13:e2:ed:fb:90:4e:
dc:c6:cb:31:22:78:16:3d:09:ed:04:77:fd:f2:fd:
e5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:64:8A:B6:BD:8B:17:BB:BE:EC:47:6D:03:54:7A:32:93:58:44:18
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/CWSKtr2LF7u-7EdtA1R6MpNYRBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0/24
Signature Algorithm: sha256WithRSAEncryption
80:be:96:d4:45:04:1a:f5:e1:e2:d5:b2:22:9a:92:18:99:35:
f9:fb:10:b8:d3:81:cb:85:ed:a8:c0:01:73:b5:38:93:8b:75:
f8:2b:00:9d:0f:2b:05:37:15:ea:12:69:b7:6c:c2:9e:21:f9:
eb:4f:41:fa:f1:5a:76:3c:1d:4d:11:54:37:59:94:9f:4e:b1:
cd:aa:c4:fc:aa:66:e0:66:0c:6a:e1:0a:85:49:53:bf:f9:b8:
c0:83:64:ff:74:cb:2a:f3:87:30:fd:93:bd:b8:52:39:54:09:
38:b2:ad:3a:37:b1:8f:0d:7f:31:3a:27:cc:97:6f:9c:26:0c:
e1:e6:3e:33:3a:2f:70:c5:e9:51:b8:b3:aa:40:cb:1c:03:11:
5d:d6:a1:0e:0d:09:50:23:e4:82:a8:d8:8b:38:79:0f:af:b5:
15:cb:89:6c:e8:ee:9c:ea:59:7d:f5:2e:92:4c:5c:16:1b:81:
c0:ce:9b:26:57:85:7b:62:ae:ea:f3:1c:c1:29:3b:63:f8:ca:
a3:58:9e:85:62:d6:57:96:30:62:60:c7:67:07:de:de:c7:af:
e3:bb:36:52:d9:aa:4c:fc:fc:22:cf:77:56:d1:02:c0:57:63:
58:02:ac:89:bc:78:a3:b4:cd:ed:f7:c1:60:e8:f7:8e:df:39:
6b:67:4c:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZwScDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDYy
NjA5MTcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk2NDhhYjZiZDhi
MTdiYmJlZWM0NzZkMDM1NDdhMzI5MzU4NDQxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4Br/5H9xLQ502A178Yq83iPRPVFLp+pnSZu7h3DPJLtglK
IOSe7vLwKAUgQMZyWD/LOPfS0piJz7dgW8GdgoMOUovWQ5zrotqoF4KfjP9yvUy2
uXKqSbd7yLvDZ9tSW6kfNEJgXdQrpE2DDPcn5AxW91M5ebxirD7c8LD7SUx4j3Ul
E9CJXcKcdM8oxoq59L/5Gdo823Y+H/puVvrL0tnBMbJdz7eHoyrB8eAVsLqi9yLx
XsOjowisJ9Jbi1ZYNSwzT469NSc0zZOGXpPF8XnFqgEOMlZis7FSd1aBECGlYwqx
5j4bvq96E+Lt+5BO3MbLMSJ4Fj0J7QR3/fL95QsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJZIq2vYsXu77sR20DVHoyk1hEGDAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L0NXU0t0cjJMRjd1LTdFZHRBMVI2TXBOWVJCZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2ZWTANBgkqhkiG9w0BAQsFAAOC
AQEAgL6W1EUEGvXh4tWyIpqSGJk1+fsQuNOBy4XtqMABc7U4k4t1+CsAnQ8rBTcV
6hJpt2zCniH5609B+vFadjwdTRFUN1mUn06xzarE/Kpm4GYMauEKhUlTv/m4wINk
/3TLKvOHMP2TvbhSOVQJOLKtOjexjw1/MTonzJdvnCYM4eY+MzovcMXpUbizqkDL
HAMRXdahDg0JUCPkgqjYizh5D6+1FcuJbOjunOpZffUukkxcFhuBwM6bJleFe2Ku
6vMcwSk7Y/jKo1iehWLWV5YwYmDHZwfe3sev47s2UtmqTPz8Is93VtECwFdjWAKs
ibx4o7TN7ffBYOj3jt85a2dMXw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:00 2023 by rpki-client on console-ams.rpki-client.org