Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rQ6yLw1dMo8O_gtlwNqf9rCJuC4.roa
File: rQ6yLw1dMo8O_gtlwNqf9rCJuC4.roa (raw, json)
Hash identifier: yRqT0yPywNNGSJCZBmpkZnB38IaPSzACBWALfvbRNdk=
Subject key identifier: AD:0E:B2:2F:0D:5D:32:8F:0E:FE:0B:65:C0:DA:9F:F6:B0:89:B8:2E
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018CC2DB05EDD89F93A3F3E2C7862CCA1BAA
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rQ6yLw1dMo8O_gtlwNqf9rCJuC4.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60631
IP address blocks: 62.106.95.0/24 maxlen: 24
45.159.150.0/24 maxlen: 24
45.159.149.0/24 maxlen: 24
146.19.212.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:05:ed:d8:9f:93:a3:f3:e2:c7:86:2c:ca:1b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad0eb22f0d5d328f0efe0b65c0da9ff6b089b82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f4:17:7f:25:88:2e:c7:a3:f9:40:e8:86:09:
44:3c:1a:06:a0:db:ea:31:88:7e:19:e5:61:2d:74:
1a:4a:cf:a3:62:78:03:23:59:6d:7a:32:76:1b:82:
09:8f:93:2e:55:ef:2f:5d:97:69:34:e7:fe:a7:2c:
80:cd:94:c4:f8:fe:f6:54:3a:57:b5:86:62:8b:13:
70:43:b2:da:8c:b5:8b:dc:ea:19:e0:b7:e8:73:2a:
a3:54:c9:48:bd:ac:e1:9f:98:91:44:95:58:05:d5:
da:7f:e8:8f:2f:5c:1b:aa:1e:73:13:68:cf:15:c3:
85:2f:82:69:f4:0d:5b:8a:a4:60:90:2b:91:da:86:
83:4d:d6:7a:2e:30:a0:a6:7e:53:2a:65:fb:2c:2f:
6c:b2:22:16:8f:94:3d:40:3a:ba:3f:cb:61:08:e5:
63:cd:87:7f:2c:ef:c8:10:cf:fb:d2:d0:6d:99:f5:
17:64:43:1c:18:d7:5e:47:11:6e:23:0b:92:5b:3a:
32:6a:1c:b5:57:97:a4:b7:bf:57:0a:9c:5d:f8:8d:
cb:5a:b2:11:4a:5d:5b:ab:5c:0e:b2:c0:1f:72:62:
fe:a5:3d:84:ed:44:01:47:43:30:a2:5d:85:b0:a7:
6c:18:d0:1b:46:e9:c8:b3:e5:25:02:6a:bb:65:ea:
fb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0E:B2:2F:0D:5D:32:8F:0E:FE:0B:65:C0:DA:9F:F6:B0:89:B8:2E
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rQ6yLw1dMo8O_gtlwNqf9rCJuC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.149.0-45.159.150.255
62.106.95.0/24
146.19.212.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:2e:22:5d:77:2a:24:89:10:e7:fe:71:e3:d8:40:47:b0:03:
8f:12:bb:9b:d4:96:2f:05:4f:34:b5:35:a2:69:fb:9c:f7:3e:
50:09:14:ea:17:47:65:47:30:d7:9f:eb:11:50:8c:f2:55:a8:
8d:a7:ed:c9:21:a4:8d:ac:38:a4:a3:d8:3f:6a:71:8d:0a:60:
88:b5:27:3e:58:16:f0:f6:a6:86:97:ff:ed:c0:63:94:0e:46:
78:02:61:a0:48:27:5d:1c:48:50:7a:6e:da:b4:fe:03:b3:d3:
fe:49:80:20:fa:e2:31:86:64:d6:26:43:94:60:80:54:dc:e7:
02:16:00:06:37:19:31:a4:f0:9c:3c:55:6d:6a:f0:0b:41:d6:
c1:90:59:27:3b:9c:18:45:14:39:a5:1c:7a:80:26:86:f5:3c:
9a:49:2d:8e:0a:1d:6b:45:5b:29:fa:92:26:0c:63:1f:59:76:
15:09:77:b9:db:9d:ee:bc:02:ad:4a:f7:df:3f:93:3a:69:84:
f9:25:7b:c1:6b:e4:e8:a1:dd:16:4e:37:47:ba:32:a2:5d:32:
d8:16:8f:60:52:7f:f0:86:87:10:d6:3d:a3:2a:be:f6:bc:e4:
34:f0:fa:b4:e6:40:2d:55:25:60:f4:ae:0f:de:57:89:c2:f6:
2b:18:2a:d1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzC2wXt2J+To/Pix4YsyhuqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDBlYjIyZjBkNWQzMjhmMGVmZTBiNjVjMGRhOWZmNmIwODliODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/QXfyWILsej+UDohglEPBoGoNvq
MYh+GeVhLXQaSs+jYngDI1ltejJ2G4IJj5MuVe8vXZdpNOf+pyyAzZTE+P72VDpX
tYZiixNwQ7LajLWL3OoZ4LfocyqjVMlIvazhn5iRRJVYBdXaf+iPL1wbqh5zE2jP
FcOFL4Jp9A1biqRgkCuR2oaDTdZ6LjCgpn5TKmX7LC9ssiIWj5Q9QDq6P8thCOVj
zYd/LO/IEM/70tBtmfUXZEMcGNdeRxFuIwuSWzoyahy1V5ekt79XCpxd+I3LWrIR
Sl1bq1wOssAfcmL+pT2E7UQBR0Mwol2FsKdsGNAbRunIs+UlAmq7Zer7wwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK0Osi8NXTKPDv4LZcDan/awibguMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvclE2eUx3MWRNbzhPX2d0bHdOcWY5ckNKdUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtn5UD
BAAtn5YDBAA+al8DBACSE9QwDQYJKoZIhvcNAQELBQADggEBAKUuIl13KiSJEOf+
cePYQEewA48Su5vUli8FTzS1NaJp+5z3PlAJFOoXR2VHMNef6xFQjPJVqI2n7ckh
pI2sOKSj2D9qcY0KYIi1Jz5YFvD2poaX/+3AY5QORngCYaBIJ10cSFB6btq0/gOz
0/5JgCD64jGGZNYmQ5RggFTc5wIWAAY3GTGk8Jw8VW1q8AtB1sGQWSc7nBhFFDml
HHqAJob1PJpJLY4KHWtFWyn6kiYMYx9ZdhUJd7nbne68Aq1K998/kzpphPkle8Fr
5Oih3RZON0e6MqJdMtgWj2BSf/CGhxDWPaMqvva85DTw+rTmQC1VJWD0rg/eV4nC
9isYKtE=
-----END CERTIFICATE-----
Generated at Tue May 14 16:18:17 2024 by rpki-client on console-fra.rpki-client.org