Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dIt4YQjix57DiMxtXtolzoe9z5M.roa
File: dIt4YQjix57DiMxtXtolzoe9z5M.roa (raw, json)
Hash identifier: HaDhtTBMCaRvcpOVtSjqxk8CTwGX4KjZuIkXZB/htcE=
Subject key identifier: 74:8B:78:61:08:E2:C7:9E:C3:88:CC:6D:5E:DA:25:CE:87:BD:CF:93
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018572C387DA18441651C8CCF8BCE9CA577A
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dIt4YQjix57DiMxtXtolzoe9z5M.roa
Signing time: Mon 02 Jan 2023 13:54:54 +0000
ROA not before: Mon 02 Jan 2023 13:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211421
IP address blocks: 45.159.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:87:da:18:44:16:51:c8:cc:f8:bc:e9:ca:57:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 2 13:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=748b786108e2c79ec388cc6d5eda25ce87bdcf93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:99:59:e1:b4:ad:6e:1a:8f:61:cc:26:fc:e0:
94:e9:89:ec:a0:18:c1:b2:cc:58:bd:c8:50:54:e6:
f9:ed:62:9c:60:5b:eb:b9:28:a6:09:08:57:09:0a:
5c:a8:2c:55:c6:a9:6a:24:fb:1b:1e:a1:16:d2:90:
97:45:19:d0:23:3b:5c:d4:cf:5a:df:98:10:86:be:
87:c6:2c:ae:0b:4b:04:48:af:25:12:b5:9a:5f:f1:
2c:d8:3d:02:de:c8:47:c1:d7:4f:ae:b8:c9:20:da:
42:8f:38:1f:51:34:bd:1f:94:e4:62:7a:b8:aa:6d:
1a:cc:dc:87:60:d5:23:9d:16:81:cd:e6:61:0b:af:
a9:cf:a3:9f:a1:e4:c7:bf:85:74:9e:18:2d:17:16:
d0:55:77:04:d9:81:bc:c9:1d:49:df:07:04:76:69:
5a:7f:0f:24:fc:39:a7:2d:d8:e8:aa:ad:22:44:49:
59:b6:cf:40:b6:08:4b:ea:95:63:6b:83:0f:d6:0c:
71:f6:31:bc:19:33:0c:41:84:e2:d0:39:d3:64:60:
d5:70:29:b2:c5:8e:b1:3e:0f:08:01:c5:3f:ca:1c:
95:65:dd:8d:30:2d:9e:f3:8a:2c:74:94:d8:9e:7a:
af:f6:b6:fa:5d:2f:81:13:9c:c5:68:21:02:70:0e:
4f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8B:78:61:08:E2:C7:9E:C3:88:CC:6D:5E:DA:25:CE:87:BD:CF:93
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/dIt4YQjix57DiMxtXtolzoe9z5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7a:b5:3c:cb:66:18:1a:1b:e4:19:c3:5b:ce:4f:54:20:0c:
8f:b5:de:b7:87:b3:1f:3a:c4:2f:24:76:bf:f3:3c:91:36:10:
07:b4:95:f3:d9:f3:87:c0:66:75:1e:f3:50:76:d1:88:3e:f4:
97:3f:e7:c6:69:da:95:0b:0c:ad:3f:14:67:31:75:99:fe:4f:
bd:c2:9f:03:9b:b9:83:05:95:72:2f:fc:28:7b:a5:27:2a:6b:
28:38:de:ff:6c:a0:b2:e8:c8:fc:42:e6:bc:45:0e:16:07:d1:
be:7c:55:af:53:25:78:53:e4:f2:44:98:67:47:38:9d:78:f1:
79:b5:81:66:33:96:91:e1:55:f5:51:95:2d:0f:85:97:e5:ae:
87:7b:1f:9a:63:d1:a7:88:d1:d7:d7:5c:95:c8:8f:00:a0:cc:
6e:ad:9c:e5:6f:04:96:25:4a:bd:85:db:92:28:87:87:6f:4b:
89:d0:f1:6b:6a:b7:5f:85:72:fb:51:00:6c:9f:bc:ca:e5:c0:
37:b0:72:e4:c2:d4:a4:9b:9b:ad:95:dc:65:65:10:57:be:bd:
1e:df:ab:ff:a2:5f:86:10:1d:48:ef:9b:9b:7f:b6:47:8d:78:
56:9e:2f:a7:e0:97:dc:95:d4:dc:f8:fa:59:15:19:8d:ab:0b:
ee:f9:5e:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4faGEQWUcjM+Lzpyld6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwMTAyMTM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhiNzg2MTA4ZTJjNzllYzM4OGNjNmQ1ZWRhMjVjZTg3YmRjZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5lZ4bStbhqPYcwm/OCU6YnsoBjB
ssxYvchQVOb57WKcYFvruSimCQhXCQpcqCxVxqlqJPsbHqEW0pCXRRnQIztc1M9a
35gQhr6HxiyuC0sESK8lErWaX/Es2D0C3shHwddPrrjJINpCjzgfUTS9H5TkYnq4
qm0azNyHYNUjnRaBzeZhC6+pz6OfoeTHv4V0nhgtFxbQVXcE2YG8yR1J3wcEdmla
fw8k/DmnLdjoqq0iRElZts9AtghL6pVja4MP1gxx9jG8GTMMQYTi0DnTZGDVcCmy
xY6xPg8IAcU/yhyVZd2NMC2e84osdJTYnnqv9rb6XS+BE5zFaCECcA5P0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHSLeGEI4seew4jMbV7aJc6Hvc+TMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvZEl0NFlRaml4NTdEaU14dFh0b2x6b2U5ejVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ+UMA0G
CSqGSIb3DQEBCwUAA4IBAQCEerU8y2YYGhvkGcNbzk9UIAyPtd63h7MfOsQvJHa/
8zyRNhAHtJXz2fOHwGZ1HvNQdtGIPvSXP+fGadqVCwytPxRnMXWZ/k+9wp8Dm7mD
BZVyL/woe6UnKmsoON7/bKCy6Mj8Qua8RQ4WB9G+fFWvUyV4U+TyRJhnRzidePF5
tYFmM5aR4VX1UZUtD4WX5a6Hex+aY9GniNHX11yVyI8AoMxurZzlbwSWJUq9hduS
KIeHb0uJ0PFrardfhXL7UQBsn7zK5cA3sHLkwtSkm5utldxlZRBXvr0e36v/ol+G
EB1I75ubf7ZHjXhWni+n4JfcldTc+PpZFRmNqwvu+V7h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org