Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/LTZMEEZHxHZ5KCjki2vpgWbmo_o.roa
File: LTZMEEZHxHZ5KCjki2vpgWbmo_o.roa (raw, json)
Hash identifier: eFIAS0RZgbqYa2ePJXK4iCFq7kH1QzbPRQbvbqLj7Zs=
Subject key identifier: 2D:36:4C:10:46:47:C4:76:79:28:28:E4:8B:6B:E9:81:66:E6:A3:FA
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 03FEAA79
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/LTZMEEZHxHZ5KCjki2vpgWbmo_o.roa
Signing time: Sat 01 Jan 2022 13:54:42 +0000
ROA not before: Sat 01 Jan 2022 13:54:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29119
IP address blocks: 45.153.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67021433 (0x3feaa79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Jan 1 13:54:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d364c104647c476792828e48b6be98166e6a3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:91:7d:fb:81:c1:b5:71:a8:41:a8:a3:69:a4:
bd:bc:6b:69:99:bb:f3:c8:fa:8d:12:82:a3:7a:52:
5c:ef:f6:25:c4:3c:aa:72:04:f7:67:fe:fb:e7:57:
17:19:06:12:50:44:ca:0a:1a:e6:66:a7:a5:92:14:
34:6f:91:11:f5:c0:db:df:02:39:24:f8:a1:82:b9:
fc:82:5c:0f:d1:93:b6:84:07:97:bf:f6:14:93:ad:
98:cd:f5:a7:e1:bc:79:77:b5:1b:06:4b:1e:56:c4:
1b:30:a6:65:03:fa:04:6b:08:12:46:a9:bd:7e:4c:
5c:e5:43:d4:20:e9:59:9d:b5:76:3b:e0:55:0b:a5:
14:0c:1b:ab:1f:de:b7:b3:52:4d:4c:b4:94:5b:20:
f5:69:06:ca:6c:b3:f7:b5:3a:78:ed:ec:e7:00:e8:
29:a9:fe:f9:6c:cd:fe:68:9b:e3:2b:22:c2:97:5b:
af:27:16:3e:15:d3:80:3d:3b:83:ab:94:e7:af:65:
48:8c:ff:02:39:96:a7:86:eb:33:f9:03:df:b6:9b:
27:b1:01:df:e5:9b:fb:d6:1e:a0:8b:60:49:bc:4a:
25:0f:43:e9:3e:c4:95:81:69:e2:7f:e9:e4:ea:d1:
e3:34:67:95:46:38:e9:fd:a8:08:6b:54:d5:a8:4a:
87:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:36:4C:10:46:47:C4:76:79:28:28:E4:8B:6B:E9:81:66:E6:A3:FA
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/LTZMEEZHxHZ5KCjki2vpgWbmo_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0/24
Signature Algorithm: sha256WithRSAEncryption
18:22:74:fd:32:77:a3:d8:97:43:90:f2:ae:62:84:91:66:f9:
99:bd:c6:97:d6:8e:56:18:41:3c:b2:19:20:3b:f4:62:00:ce:
a3:e3:4a:d0:35:46:c9:15:29:14:05:3c:c6:15:a7:30:de:10:
0a:8c:86:a4:82:9e:b1:70:96:1c:6b:5d:70:f5:25:5f:92:3e:
d8:b0:4c:3c:95:51:f3:84:25:0e:13:ba:c1:d2:82:4b:bf:7d:
45:84:f9:c3:ce:17:8f:fc:90:e4:ef:ef:ae:e5:33:86:4d:f8:
9d:67:c5:37:fb:34:ca:1e:4a:64:1d:01:cb:ae:6b:14:dd:18:
d1:6a:b3:38:e1:00:98:ed:84:a0:01:60:96:33:ce:23:7d:fc:
cf:6f:df:de:92:e3:c3:20:f9:1b:62:52:06:22:5b:02:fe:f3:
a8:41:14:c6:af:b7:fb:bb:a4:28:ca:1f:ff:2d:d7:69:90:29:
85:38:60:2b:f2:fd:d1:77:e6:f3:60:04:24:03:1b:61:5c:22:
61:af:08:7e:b1:6f:17:a9:e9:9c:48:74:f9:a3:13:7c:7c:9e:
b4:7b:b7:67:9a:ab:5b:00:17:9f:d7:59:cf:c2:38:e7:aa:74:
ce:65:0f:d4:c8:df:01:d6:63:c9:88:d5:d4:7e:69:3d:7a:9b:
55:51:73:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/6qeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDEw
MTEzNTQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQzNjRjMTA0NjQ3
YzQ3Njc5MjgyOGU0OGI2YmU5ODE2NmU2YTNmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2RffuBwbVxqEGoo2mkvbxraZm788j6jRKCo3pSXO/2JcQ8
qnIE92f+++dXFxkGElBEygoa5manpZIUNG+REfXA298COST4oYK5/IJcD9GTtoQH
l7/2FJOtmM31p+G8eXe1GwZLHlbEGzCmZQP6BGsIEkapvX5MXOVD1CDpWZ21djvg
VQulFAwbqx/et7NSTUy0lFsg9WkGymyz97U6eO3s5wDoKan++WzN/mib4ysiwpdb
rycWPhXTgD07g6uU569lSIz/AjmWp4brM/kD37abJ7EB3+Wb+9YeoItgSbxKJQ9D
6T7ElYFp4n/p5OrR4zRnlUY46f2oCGtU1ahKh8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtNkwQRkfEdnkoKOSLa+mBZuaj+jAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L0xUWk1FRVpIeEhaNUtDamtpMnZwZ1dibW9fby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2ZWTANBgkqhkiG9w0BAQsFAAOC
AQEAGCJ0/TJ3o9iXQ5DyrmKEkWb5mb3Gl9aOVhhBPLIZIDv0YgDOo+NK0DVGyRUp
FAU8xhWnMN4QCoyGpIKesXCWHGtdcPUlX5I+2LBMPJVR84QlDhO6wdKCS799RYT5
w84Xj/yQ5O/vruUzhk34nWfFN/s0yh5KZB0By65rFN0Y0WqzOOEAmO2EoAFgljPO
I338z2/f3pLjwyD5G2JSBiJbAv7zqEEUxq+3+7ukKMof/y3XaZAphThgK/L90Xfm
82AEJAMbYVwiYa8IfrFvF6npnEh0+aMTfHyetHu3Z5qrWwAXn9dZz8I456p0zmUP
1MjfAdZjyYjV1H5pPXqbVVFzzw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:00 2023 by rpki-client on console-ams.rpki-client.org