Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/q6xJ8Yr3uX9XTKU8HHbW1gZqibk.roa
File: q6xJ8Yr3uX9XTKU8HHbW1gZqibk.roa (raw, json)
Hash identifier: gLb11ZrydfbXj3Ho4phAu53LuMDlJ/qLLaP2NfLUA/E=
Subject key identifier: AB:AC:49:F1:8A:F7:B9:7F:57:4C:A5:3C:1C:76:D6:D6:06:6A:89:B9
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0188F7C1DBFE121E465D703546E24DFF1408
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/q6xJ8Yr3uX9XTKU8HHbW1gZqibk.roa
Signing time: Mon 26 Jun 2023 12:50:57 +0000
ROA not before: Mon 26 Jun 2023 12:50:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.17.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:c1:db:fe:12:1e:46:5d:70:35:46:e2:4d:ff:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jun 26 12:50:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abac49f18af7b97f574ca53c1c76d6d6066a89b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:4b:5e:82:24:6d:ad:db:f6:6a:67:f3:e9:
b3:d2:8a:1c:0e:2a:43:30:01:cb:aa:48:6d:6c:96:
9e:3c:ee:26:7e:84:82:64:f7:e4:ac:02:35:71:df:
15:17:e5:8f:02:d2:b8:09:0b:3a:2e:dc:74:b6:c3:
5c:fc:8b:65:4b:ba:b1:c2:3b:6c:9e:51:ae:10:a5:
d6:35:49:3d:42:5b:31:06:d0:1f:69:3c:3e:3d:2a:
9b:62:44:4f:98:e0:16:3d:09:db:3f:7e:f0:64:4e:
6e:e4:d9:63:18:4e:7e:99:fc:b1:96:bb:66:b8:bc:
de:9f:bf:06:97:30:df:5e:d9:99:db:12:65:b8:28:
64:09:62:8b:26:f0:55:26:9c:72:c0:72:73:b8:77:
6d:d8:9e:d7:02:3d:f5:76:12:8c:de:95:51:c5:d0:
eb:33:64:72:6d:08:d0:13:e0:d4:ce:2d:44:a7:83:
44:fb:91:2c:74:46:b3:da:71:a3:79:7f:fa:c0:89:
59:ba:b6:bb:26:99:56:a2:09:7d:d2:29:1b:c3:a6:
19:5a:4a:b0:8c:af:f5:50:0a:33:58:23:79:fc:33:
0a:e1:cc:59:64:e5:db:b0:01:ce:47:58:dd:22:4f:
88:18:b3:0c:6d:3a:22:6f:2c:53:e7:7d:6f:79:64:
8a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:AC:49:F1:8A:F7:B9:7F:57:4C:A5:3C:1C:76:D6:D6:06:6A:89:B9
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/q6xJ8Yr3uX9XTKU8HHbW1gZqibk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0-45.81.18.255
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:0a:85:29:23:39:25:1e:cf:d3:21:08:6f:3a:11:e8:7c:2b:
46:61:11:d1:88:f2:a5:87:fe:50:7b:b9:f2:58:f3:99:44:3e:
59:37:74:15:cd:51:92:a2:74:ab:14:56:5b:e9:38:e1:95:f9:
5f:f9:2e:83:60:32:ae:7f:c1:c9:9f:33:11:b8:8d:24:75:87:
00:3c:98:26:a5:59:0d:54:ea:68:49:6a:c1:d6:a8:be:f5:07:
f6:ec:05:4d:26:64:0f:56:5e:a7:79:f4:2b:7d:5d:30:b5:f0:
2a:27:1e:a9:ca:10:97:ed:a5:c1:be:d4:d4:29:42:ea:d9:f3:
ff:e2:b4:8e:9e:ca:25:93:60:a4:08:cb:1e:0f:8b:56:cc:c4:
6e:0e:e7:c9:d5:92:30:d5:13:63:38:e5:06:96:1b:06:36:43:
4a:5c:b5:54:b7:ca:3d:92:03:2d:12:ff:b8:18:e6:79:7d:3c:
36:ea:7a:01:28:16:d0:cd:79:de:d9:1e:34:9a:fe:be:94:4c:
53:0d:ba:e1:e9:00:cb:8a:41:8b:31:d2:8e:f5:a4:e2:f1:26:
c1:d8:db:44:6d:ff:79:17:e9:c9:cc:20:42:c4:15:83:f4:e8:
f2:22:09:93:a9:cd:a6:1f:f5:ff:ef:3a:6e:13:49:a9:35:14:
03:55:4f:9c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYj3wdv+Eh5GXXA1RuJN/xQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwNjI2MTI1MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmFjNDlmMThhZjdiOTdmNTc0Y2E1M2MxYzc2ZDZkNjA2NmE4OWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGtLXoIkba3b9mpn8+mz0oocDipD
MAHLqkhtbJaePO4mfoSCZPfkrAI1cd8VF+WPAtK4CQs6Ltx0tsNc/ItlS7qxwjts
nlGuEKXWNUk9QlsxBtAfaTw+PSqbYkRPmOAWPQnbP37wZE5u5NljGE5+mfyxlrtm
uLzen78GlzDfXtmZ2xJluChkCWKLJvBVJpxywHJzuHdt2J7XAj31dhKM3pVRxdDr
M2RybQjQE+DUzi1Ep4NE+5EsdEaz2nGjeX/6wIlZura7JplWogl90ikbw6YZWkqw
jK/1UAozWCN5/DMK4cxZZOXbsAHOR1jdIk+IGLMMbToibyxT531veWSKdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKusSfGK97l/V0ylPBx21tYGaom5MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvcTZ4SjhZcjN1WDlYVEtVOEhIYlcxZ1pxaWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAQtURAD
BAAtURIDBAC5yTEwDQYJKoZIhvcNAQELBQADggEBAKQKhSkjOSUez9MhCG86Eeh8
K0ZhEdGI8qWH/lB7ufJY85lEPlk3dBXNUZKidKsUVlvpOOGV+V/5LoNgMq5/wcmf
MxG4jSR1hwA8mCalWQ1U6mhJasHWqL71B/bsBU0mZA9WXqd59Ct9XTC18ConHqnK
EJftpcG+1NQpQurZ8//itI6eyiWTYKQIyx4Pi1bMxG4O58nVkjDVE2M45QaWGwY2
Q0pctVS3yj2SAy0S/7gY5nl9PDbqegEoFtDNed7ZHjSa/r6UTFMNuuHpAMuKQYsx
0o71pOLxJsHY20Rt/3kX6cnMIELEFYP06PIiCZOpzaYf9f/vOm4TSak1FANVT5w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org