Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/6ZLtwsdctDtckoC-nBIngtqoogU.roa
File: 6ZLtwsdctDtckoC-nBIngtqoogU.roa (raw, json)
Hash identifier: AlGygPKdN03vGjiMcPu62ZC74Lm3V7rzQbjNT+Nt+i0=
Subject key identifier: E9:92:ED:C2:C7:5C:B4:3B:5C:92:80:BE:9C:12:27:82:DA:A8:A2:05
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018572C3810FF0B98049F66F8E33D3A726E4
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/6ZLtwsdctDtckoC-nBIngtqoogU.roa
Signing time: Mon 02 Jan 2023 13:54:53 +0000
ROA not before: Mon 02 Jan 2023 13:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39650
IP address blocks: 45.90.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:81:0f:f0:b9:80:49:f6:6f:8e:33:d3:a7:26:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 2 13:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e992edc2c75cb43b5c9280be9c122782daa8a205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bd:0d:3a:85:70:2a:c1:89:7d:4a:28:85:75:
f0:1d:07:ea:73:ba:a2:33:4f:d6:a3:cc:60:7b:00:
ae:06:a5:cd:fc:35:d4:85:a4:67:26:2b:8e:c4:f2:
ad:3f:f1:70:62:c7:f2:ee:c8:87:a0:3a:e6:9c:c3:
57:ec:50:44:87:71:12:3e:3f:45:f7:bd:cf:ae:a0:
a3:51:4c:05:1c:78:31:7b:41:a3:14:54:76:ae:f6:
8c:54:52:8e:25:47:99:73:ed:d0:f8:be:11:68:0d:
7f:0f:40:8c:65:a8:cf:38:86:e9:31:b0:81:b9:14:
20:d1:b2:05:18:76:f7:fc:96:8b:42:b4:3c:0c:1f:
d4:3c:be:63:df:7f:1d:cd:d7:e0:0c:0f:1b:94:96:
2a:9a:e9:72:7a:87:c8:af:9c:77:0d:9a:78:4e:c3:
f6:18:78:04:c1:18:34:a5:3f:eb:8b:8f:81:ae:e1:
8e:5a:8b:29:1f:f2:6c:ca:55:93:4a:0f:02:6d:d4:
6b:48:58:c3:bc:06:41:58:0f:3b:d3:23:38:d5:d8:
96:cb:da:95:8f:e1:48:cc:71:9d:73:1c:0a:d7:a9:
d1:ea:47:82:29:2e:73:0a:bf:27:0c:13:87:11:ed:
e3:59:83:03:c5:9f:ba:67:7f:ae:36:5a:fc:f5:70:
d3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:92:ED:C2:C7:5C:B4:3B:5C:92:80:BE:9C:12:27:82:DA:A8:A2:05
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/6ZLtwsdctDtckoC-nBIngtqoogU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.73.0/24
Signature Algorithm: sha256WithRSAEncryption
93:5f:3a:ee:89:0f:ea:b2:b3:9c:57:b5:c6:c7:61:88:1a:d8:
a0:84:9a:99:fb:83:df:3b:bb:8a:ea:b1:ba:1a:e3:48:bf:95:
02:d4:00:e3:99:54:28:b8:23:ff:9a:24:96:9b:f2:f0:65:e7:
96:0e:44:40:b3:d8:57:5a:19:44:01:70:36:da:d6:dd:42:5a:
d4:14:73:c1:4d:19:f2:ab:4a:31:e6:68:63:12:ff:00:14:83:
c1:f6:8e:b4:b1:14:f3:8f:a6:be:d8:e8:3f:5f:4b:06:a6:31:
b9:7e:48:76:62:44:5d:72:9d:a4:6d:96:31:62:27:87:3d:26:
91:89:cd:42:6a:66:0d:a7:f1:ea:0c:cf:71:7c:cf:85:87:52:
de:34:d8:0a:4f:72:85:c4:4b:c9:18:da:41:89:ee:d4:82:b4:
10:be:0c:df:15:47:8b:4d:34:1e:7b:e1:6c:c3:50:43:fc:e1:
d0:35:07:03:7b:7c:5e:53:e3:7f:f9:d2:03:c5:4e:cb:5b:32:
78:f7:ec:5b:94:f8:4e:2a:21:40:f1:55:4a:1d:87:a8:b4:f3:
86:54:0a:92:49:c0:58:0e:b3:bc:61:c2:03:b9:22:73:fd:43:
c2:2b:27:bf:0e:47:f6:46:5f:fe:18:4a:c1:31:3d:a0:9f:b5:
75:a5:ea:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4EP8LmASfZvjjPTpybkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwMTAyMTM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTkyZWRjMmM3NWNiNDNiNWM5MjgwYmU5YzEyMjc4MmRhYThhMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL0NOoVwKsGJfUoohXXwHQfqc7qi
M0/Wo8xgewCuBqXN/DXUhaRnJiuOxPKtP/FwYsfy7siHoDrmnMNX7FBEh3ESPj9F
973PrqCjUUwFHHgxe0GjFFR2rvaMVFKOJUeZc+3Q+L4RaA1/D0CMZajPOIbpMbCB
uRQg0bIFGHb3/JaLQrQ8DB/UPL5j338dzdfgDA8blJYqmulyeofIr5x3DZp4TsP2
GHgEwRg0pT/ri4+BruGOWospH/JsylWTSg8CbdRrSFjDvAZBWA870yM41diWy9qV
j+FIzHGdcxwK16nR6keCKS5zCr8nDBOHEe3jWYMDxZ+6Z3+uNlr89XDTTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmS7cLHXLQ7XJKAvpwSJ4LaqKIFMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvNlpMdHdzZGN0RHRja29DLW5CSW5ndHFvb2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVpJMA0G
CSqGSIb3DQEBCwUAA4IBAQCTXzruiQ/qsrOcV7XGx2GIGtighJqZ+4PfO7uK6rG6
GuNIv5UC1ADjmVQouCP/miSWm/LwZeeWDkRAs9hXWhlEAXA22tbdQlrUFHPBTRny
q0ox5mhjEv8AFIPB9o60sRTzj6a+2Og/X0sGpjG5fkh2YkRdcp2kbZYxYieHPSaR
ic1CamYNp/HqDM9xfM+Fh1LeNNgKT3KFxEvJGNpBie7UgrQQvgzfFUeLTTQee+Fs
w1BD/OHQNQcDe3xeU+N/+dIDxU7LWzJ49+xblPhOKiFA8VVKHYeotPOGVAqSScBY
DrO8YcIDuSJz/UPCKye/Dkf2Rl/+GErBMT2gn7V1perq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org