Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/zl5Xf9LOoU81lh6PnMEJSdarDk4.roa
File: zl5Xf9LOoU81lh6PnMEJSdarDk4.roa (raw, json)
Hash identifier: SLFso2iykzVJtGCqL0zHlaj8/AETspbYUCq2968Tt/M=
Subject key identifier: CE:5E:57:7F:D2:CE:A1:4F:35:96:1E:8F:9C:C1:09:49:D6:AB:0E:4E
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0185C8E74CB71AE7A371A5BB76060175CD46
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/zl5Xf9LOoU81lh6PnMEJSdarDk4.roa
Signing time: Thu 19 Jan 2023 07:21:19 +0000
ROA not before: Thu 19 Jan 2023 07:21:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204104
IP address blocks: 45.81.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:e7:4c:b7:1a:e7:a3:71:a5:bb:76:06:01:75:cd:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 19 07:21:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce5e577fd2cea14f35961e8f9cc10949d6ab0e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1a:f8:43:cd:3d:dd:95:13:32:e0:e2:39:e9:
b8:5b:a1:e6:d1:5c:c8:ad:9a:89:1a:10:a8:68:a2:
eb:24:76:c7:1e:b7:47:84:37:a1:c1:2d:ca:2d:0b:
57:f2:d1:04:af:a5:5f:d4:24:c5:fc:cc:e1:8a:85:
d6:e0:4d:33:12:41:8a:51:b3:2a:cb:3f:1a:c4:4b:
86:51:c2:ab:09:d1:6b:b3:e4:c9:d9:e3:a0:e2:ae:
dd:e5:67:7a:58:bd:8f:7c:10:7f:86:0b:e6:ef:f0:
28:14:d3:4c:2f:e4:db:65:7c:51:20:49:bd:47:82:
83:34:e6:a3:a5:a8:fc:4a:78:f4:2e:53:90:2e:12:
3e:88:91:f2:50:29:b9:4f:6f:1f:a7:5f:3c:33:a0:
da:63:46:a6:41:50:80:48:bd:4c:65:24:96:72:6a:
bc:28:26:04:0e:35:72:3f:d8:4f:19:34:21:fc:3b:
0d:34:ff:89:fa:95:c3:95:5d:10:3b:d9:71:29:95:
9b:f9:b0:5f:33:e7:68:ea:0d:2b:b0:4a:f0:6b:8c:
dd:4c:4e:c9:40:5e:bd:1a:31:f6:39:e8:e5:df:4c:
75:88:ae:ab:3e:74:b4:39:9b:e6:1b:2c:05:39:0a:
89:41:5a:39:53:07:ed:d1:fb:24:8a:06:b7:70:d1:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5E:57:7F:D2:CE:A1:4F:35:96:1E:8F:9C:C1:09:49:D6:AB:0E:4E
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/zl5Xf9LOoU81lh6PnMEJSdarDk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.19.0/24
Signature Algorithm: sha256WithRSAEncryption
01:f2:8c:37:5d:ad:29:b4:c2:85:a3:6b:c3:d2:fd:cc:1f:8c:
33:4e:6b:0c:2a:3a:b0:bf:f9:ac:b1:b3:de:f0:0e:e6:21:e7:
73:ce:a1:c6:22:84:fa:2e:c0:88:63:e6:13:79:9a:a2:b5:12:
f9:90:46:df:d3:be:5e:da:9d:c3:09:af:fe:61:a7:d7:d3:da:
37:e2:1f:43:f6:fd:94:de:15:dd:98:0f:86:81:d2:31:fa:27:
4a:eb:14:8e:6c:67:9f:cf:2b:1e:a8:25:ab:75:e3:3a:12:07:
d7:bc:8d:a6:fd:a3:17:2b:8a:11:90:51:1f:0f:02:d0:c4:eb:
82:4a:55:54:ab:04:60:57:df:3a:ca:fd:0c:06:45:06:86:79:
89:1d:b2:d4:54:c9:f4:2f:24:da:ee:cd:bb:d8:ac:d9:72:1b:
fb:4a:de:f9:a8:b2:fb:ec:16:04:60:dc:c9:cc:a9:2a:fd:92:
7b:cd:12:ed:3f:2d:06:6c:8d:9f:19:9b:03:6d:c4:e0:dd:df:
9a:6f:c9:4c:f2:53:52:3f:37:ea:91:a2:57:9e:e4:1b:04:98:
a5:d1:5d:98:37:0d:17:da:ac:28:57:09:ee:b8:d4:74:77:76:
31:06:f8:9d:c6:aa:0c:01:93:56:bd:9b:e9:e3:ae:9a:03:27:
0e:b6:6d:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXI50y3GuejcaW7dgYBdc1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwMTE5MDcyMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVlNTc3ZmQyY2VhMTRmMzU5NjFlOGY5Y2MxMDk0OWQ2YWIwZTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Br4Q8093ZUTMuDiOem4W6Hm0VzI
rZqJGhCoaKLrJHbHHrdHhDehwS3KLQtX8tEEr6Vf1CTF/MzhioXW4E0zEkGKUbMq
yz8axEuGUcKrCdFrs+TJ2eOg4q7d5Wd6WL2PfBB/hgvm7/AoFNNML+TbZXxRIEm9
R4KDNOajpaj8Snj0LlOQLhI+iJHyUCm5T28fp188M6DaY0amQVCASL1MZSSWcmq8
KCYEDjVyP9hPGTQh/DsNNP+J+pXDlV0QO9lxKZWb+bBfM+do6g0rsErwa4zdTE7J
QF69GjH2Oejl30x1iK6rPnS0OZvmGywFOQqJQVo5Uwft0fskiga3cNFwFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM5eV3/SzqFPNZYej5zBCUnWqw5OMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvemw1WGY5TE9vVTgxbGg2UG5NRUpTZGFyRGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVETMA0G
CSqGSIb3DQEBCwUAA4IBAQAB8ow3Xa0ptMKFo2vD0v3MH4wzTmsMKjqwv/mssbPe
8A7mIedzzqHGIoT6LsCIY+YTeZqitRL5kEbf075e2p3DCa/+YafX09o34h9D9v2U
3hXdmA+GgdIx+idK6xSObGefzyseqCWrdeM6EgfXvI2m/aMXK4oRkFEfDwLQxOuC
SlVUqwRgV986yv0MBkUGhnmJHbLUVMn0LyTa7s272KzZchv7St75qLL77BYEYNzJ
zKkq/ZJ7zRLtPy0GbI2fGZsDbcTg3d+ab8lM8lNSPzfqkaJXnuQbBJil0V2YNw0X
2qwoVwnuuNR0d3YxBvidxqoMAZNWvZvp466aAycOtm3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:19 2024 by rpki-client on console-ams.rpki-client.org