Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/JnSEvVhrSZY3iKrDNN2KCcFhD4s.roa
File: JnSEvVhrSZY3iKrDNN2KCcFhD4s.roa (raw, json)
Hash identifier: jKdYdm/OUYF/fcrU61OIr5TmK9rRq1SMBXgEtVNmXaA=
Subject key identifier: 26:74:84:BD:58:6B:49:96:37:88:AA:C3:34:DD:8A:09:C1:61:0F:8B
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CC2DB098B22170546A5F3B60D49DD209A
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/JnSEvVhrSZY3iKrDNN2KCcFhD4s.roa
Signing time: Mon 01 Jan 2024 02:29:43 +0000
ROA not before: Mon 01 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211421
IP address blocks: 45.159.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:09:8b:22:17:05:46:a5:f3:b6:0d:49:dd:20:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 1 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=267484bd586b49963788aac334dd8a09c1610f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3b:57:8c:bd:d4:2f:44:72:6d:18:c0:1c:16:
64:a3:a8:f5:0f:12:81:8c:8c:a2:66:a3:78:78:8c:
a7:6f:c5:59:61:81:c0:1d:27:53:1d:3a:f2:61:a7:
59:58:00:aa:6e:51:a7:b1:f8:ec:fb:ed:a0:09:54:
04:88:34:ca:f7:4d:a1:4f:84:43:93:fa:b3:af:32:
0e:3f:a7:21:1c:6d:69:3f:30:57:df:4d:b2:1c:94:
1b:29:36:a8:1a:ee:8e:23:5d:3f:ed:c5:c6:41:65:
a1:44:42:65:cc:64:31:8c:8b:88:63:f0:a5:a8:c2:
19:15:77:61:83:60:ec:d3:76:6b:c6:1f:67:23:66:
b9:f7:5f:c9:cb:2a:1b:66:a8:02:68:1b:11:ae:6d:
ae:05:e7:a2:d7:fc:a1:94:1a:24:da:40:36:58:10:
f8:66:33:5f:d8:b4:51:9f:1e:d9:7f:c0:3a:e9:3f:
8f:e3:2e:82:67:de:43:90:68:78:86:09:fe:fd:68:
86:1e:ad:32:f6:48:48:00:9d:fe:bc:1d:2e:77:a8:
e7:9e:69:33:09:4c:c8:18:56:e1:23:9c:da:5e:d3:
bc:49:83:28:e7:45:c0:eb:92:58:79:e1:3a:5e:28:
82:3b:cf:93:8c:79:54:27:5f:a7:7b:44:37:ff:6f:
92:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:74:84:BD:58:6B:49:96:37:88:AA:C3:34:DD:8A:09:C1:61:0F:8B
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/JnSEvVhrSZY3iKrDNN2KCcFhD4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
Signature Algorithm: sha256WithRSAEncryption
85:21:f3:8e:bc:cd:ce:ba:48:66:1b:b7:30:33:47:ae:1b:b6:
f6:33:da:6d:62:23:c4:80:47:27:ad:3d:49:83:ae:6a:53:5b:
21:3b:a7:b6:f1:14:b3:d4:f3:6d:2d:71:3c:0d:71:8c:26:6f:
fb:6a:0f:65:d0:01:0e:34:8d:e6:90:e1:d7:7c:5d:c4:f2:95:
ac:a9:81:93:5a:9c:13:5b:4a:01:59:92:91:f5:ad:22:cd:ac:
0d:01:e1:43:67:c1:dd:c0:6a:88:9c:de:fa:ac:6b:74:28:32:
02:70:7c:54:2e:92:33:73:8c:2e:67:c9:ab:ea:ea:05:7d:c0:
39:bc:d6:13:67:8c:4d:66:a7:22:ca:a0:70:f0:51:57:22:46:
a9:d4:83:56:1f:c2:3e:01:1e:d8:73:9a:99:d0:59:eb:67:90:
71:c0:56:46:76:fe:f0:9a:f6:e9:19:ce:6a:1d:ea:fd:53:66:
cc:fb:31:1f:51:98:cc:ae:df:cf:7d:e7:24:15:c5:00:a4:dd:
70:08:83:f2:5f:b9:24:67:f7:18:4e:b4:0f:45:fb:a2:e2:02:
87:fa:d5:4d:92:bb:f4:8b:82:7d:f9:b1:17:28:93:bb:ee:1a:
6a:9a:8c:0a:71:d1:3b:bd:53:ba:d0:94:f3:61:6d:c6:be:8e:
98:bb:02:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wmLIhcFRqXztg1J3SCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTAxMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjc0ODRiZDU4NmI0OTk2Mzc4OGFhYzMzNGRkOGEwOWMxNjEwZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlztXjL3UL0RybRjAHBZko6j1DxKB
jIyiZqN4eIynb8VZYYHAHSdTHTryYadZWACqblGnsfjs++2gCVQEiDTK902hT4RD
k/qzrzIOP6chHG1pPzBX302yHJQbKTaoGu6OI10/7cXGQWWhREJlzGQxjIuIY/Cl
qMIZFXdhg2Ds03Zrxh9nI2a591/JyyobZqgCaBsRrm2uBeei1/yhlBok2kA2WBD4
ZjNf2LRRnx7Zf8A66T+P4y6CZ95DkGh4hgn+/WiGHq0y9khIAJ3+vB0ud6jnnmkz
CUzIGFbhI5zaXtO8SYMo50XA65JYeeE6XiiCO8+TjHlUJ1+ne0Q3/2+SIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZ0hL1Ya0mWN4iqwzTdignBYQ+LMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvSm5TRXZWaHJTWlkzaUtyRE5OMktDY0ZoRDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ+UMA0G
CSqGSIb3DQEBCwUAA4IBAQCFIfOOvM3OukhmG7cwM0euG7b2M9ptYiPEgEcnrT1J
g65qU1shO6e28RSz1PNtLXE8DXGMJm/7ag9l0AEONI3mkOHXfF3E8pWsqYGTWpwT
W0oBWZKR9a0izawNAeFDZ8HdwGqInN76rGt0KDICcHxULpIzc4wuZ8mr6uoFfcA5
vNYTZ4xNZqciyqBw8FFXIkap1INWH8I+AR7Yc5qZ0FnrZ5BxwFZGdv7wmvbpGc5q
Her9U2bM+zEfUZjMrt/PfeckFcUApN1wCIPyX7kkZ/cYTrQPRfui4gKH+tVNkrv0
i4J9+bEXKJO77hpqmowKcdE7vVO60JTzYW3Gvo6YuwKa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:58 2025 by rpki-client