Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/fSrEJBGm2NLdSrlib4a-9SqnOLQ.roa
File: fSrEJBGm2NLdSrlib4a-9SqnOLQ.roa (raw, json)
Hash identifier: kO0mLXmJrOVhfD0AYMzhmK052Z3JI8NSsZdwMXVln7c=
Subject key identifier: 7D:2A:C4:24:11:A6:D8:D2:DD:4A:B9:62:6F:86:BE:F5:2A:A7:38:B4
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 0525042B
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/fSrEJBGm2NLdSrlib4a-9SqnOLQ.roa
Signing time: Sat 07 May 2022 11:49:09 +0000
ROA not before: Sat 07 May 2022 11:49:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 45.153.89.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86311979 (0x525042b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: May 7 11:49:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d2ac42411a6d8d2dd4ab9626f86bef52aa738b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:f6:30:d2:88:ef:ea:18:0e:6c:eb:df:0e:
8e:30:83:67:33:75:79:48:78:84:c7:22:43:1e:60:
51:a7:46:a4:ef:ad:0d:94:13:3e:dd:57:6f:6f:81:
9c:67:99:0a:b9:29:04:8d:99:21:59:af:ac:fb:63:
72:d2:e8:2d:50:9f:c9:72:39:fb:59:f6:5c:54:d2:
a7:24:7c:f2:0e:ed:8a:cd:97:85:dc:db:eb:eb:47:
21:49:9e:dc:3f:5c:1f:8a:2c:e0:44:bc:c0:08:f6:
eb:0e:b2:fb:c2:9c:c6:bb:bf:0e:9d:b5:2e:ba:bc:
07:fd:62:73:92:53:29:e1:2b:2f:d6:93:3d:67:eb:
3d:d2:eb:1a:97:69:3e:4f:f3:c3:2f:d6:56:40:43:
d8:64:f9:9d:cc:76:2c:6c:de:83:7b:63:2b:be:65:
b9:13:02:6a:d7:8b:db:c6:6e:c3:2a:e2:70:26:1e:
1d:3e:94:0c:62:1c:dd:cd:3a:b4:10:a0:6f:8b:4a:
9e:d5:b7:4a:47:9f:0a:17:61:14:67:36:9c:96:fc:
aa:17:9a:9c:3f:8f:0c:5f:d2:d1:8d:92:77:a6:8a:
92:bb:fd:6e:8f:60:d3:82:1d:e0:c9:14:a7:74:f5:
b9:5c:7e:e4:11:b3:8b:b6:a7:2e:16:8d:5e:33:40:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2A:C4:24:11:A6:D8:D2:DD:4A:B9:62:6F:86:BE:F5:2A:A7:38:B4
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/fSrEJBGm2NLdSrlib4a-9SqnOLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.89.0/24
Signature Algorithm: sha256WithRSAEncryption
42:50:a3:1a:08:9b:58:e0:f5:fa:cd:fc:e9:fa:e0:82:a1:93:
61:61:68:8e:fe:ba:b8:d0:33:e4:93:fa:0e:af:51:8f:f6:08:
2f:3d:10:23:10:60:48:1c:a2:55:ec:1b:cf:49:1c:8b:3c:fd:
64:5c:98:3f:0a:5b:54:44:8e:e1:63:29:48:a9:d8:ff:74:95:
bd:2a:0a:ac:cd:52:c5:28:51:cf:38:c4:8a:a6:29:65:d4:ed:
8a:e4:31:43:05:fa:d8:08:3d:25:6b:29:3f:60:42:17:fb:f3:
83:8c:63:10:16:2c:25:16:d8:7f:93:0b:21:f8:70:ab:1f:50:
7f:98:44:00:da:db:25:3b:31:aa:36:db:6e:3f:38:01:d6:09:
72:85:a3:9a:8b:b9:07:92:3d:6b:9c:23:a8:6e:e0:ab:5e:f6:
31:77:63:08:d2:77:4e:13:55:72:b7:5a:97:e5:b9:4e:e8:1c:
c0:28:0d:24:4b:03:d1:11:be:b3:9b:66:da:c1:ff:15:10:c8:
62:0a:26:4f:59:e8:f6:19:bb:81:92:0f:88:02:9e:8f:26:81:
27:7a:83:e7:1e:70:49:76:38:a9:6e:e0:59:55:10:e1:6b:c6:
df:71:22:e4:a8:5b:6c:c2:9b:b3:18:dd:8b:a0:80:18:53:4c:
bf:f5:14:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSUEKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTgyNDdkM2Y4MTQ3MmRiYmEwNmRiZWE5YmQxOWM3ODVkMThiYWJlMB4XDTIyMDUw
NzExNDkwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QyYWM0MjQxMWE2
ZDhkMmRkNGFiOTYyNmY4NmJlZjUyYWE3MzhiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxE9jDSiO/qGA5s698OjjCDZzN1eUh4hMciQx5gUadGpO+t
DZQTPt1Xb2+BnGeZCrkpBI2ZIVmvrPtjctLoLVCfyXI5+1n2XFTSpyR88g7tis2X
hdzb6+tHIUme3D9cH4os4ES8wAj26w6y+8Kcxru/Dp21Lrq8B/1ic5JTKeErL9aT
PWfrPdLrGpdpPk/zwy/WVkBD2GT5ncx2LGzeg3tjK75luRMCateL28ZuwyricCYe
HT6UDGIc3c06tBCgb4tKntW3SkefChdhFGc2nJb8qheanD+PDF/S0Y2Sd6aKkrv9
bo9g04Id4MkUp3T1uVx+5BGzi7anLhaNXjNAWKkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9KsQkEabY0t1KuWJvhr71Kqc4tDAfBgNVHSMEGDAWgBTZgkfT+BRy27oG
2+qb0Zx4XRi6vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJZSkgwX2dVY3R1NkJ0dnFtOUdjZUYwWXVyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvNmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8x
L2ZTckVKQkdtMk5MZFNybGliNGEtOVNxbk9MUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
NmRiYzk5LWJmYTktNGVmNy1hNzk4LWEzMDMyNjE1NjYwYy8xLzJZSkgwX2dVY3R1
NkJ0dnFtOUdjZUYwWXVyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2ZWTANBgkqhkiG9w0BAQsFAAOC
AQEAQlCjGgibWOD1+s386frggqGTYWFojv66uNAz5JP6Dq9Rj/YILz0QIxBgSByi
Vewbz0kcizz9ZFyYPwpbVESO4WMpSKnY/3SVvSoKrM1SxShRzzjEiqYpZdTtiuQx
QwX62Ag9JWspP2BCF/vzg4xjEBYsJRbYf5MLIfhwqx9Qf5hEANrbJTsxqjbbbj84
AdYJcoWjmou5B5I9a5wjqG7gq172MXdjCNJ3ThNVcrdal+W5TugcwCgNJEsD0RG+
s5tm2sH/FRDIYgomT1no9hm7gZIPiAKejyaBJ3qD5x5wSXY4qW7gWVUQ4WvG33Ei
5KhbbMKbsxjdi6CAGFNMv/UUrw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:00 2023 by rpki-client on console-ams.rpki-client.org