Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RK7IE6TfuIk0iQm10xYluvbSBXo.roa
File: RK7IE6TfuIk0iQm10xYluvbSBXo.roa (raw, json)
Hash identifier: FN6VNM11lw0rn5sp5e+UrIt2bcEYDwhXAzAOvZRpxvU=
Subject key identifier: 44:AE:C8:13:A4:DF:B8:89:34:89:09:B5:D3:16:25:BA:F6:D2:05:7A
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018C3EE43EF0D5BF469DDCCFAC2ECE1E0946
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RK7IE6TfuIk0iQm10xYluvbSBXo.roa
Signing time: Wed 06 Dec 2023 11:29:54 +0000
ROA not before: Wed 06 Dec 2023 11:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.153.230.0/24 maxlen: 24
45.132.131.0/24 maxlen: 24
45.132.130.0/24 maxlen: 24
193.38.54.0/24 maxlen: 24
193.38.55.0/24 maxlen: 24
2a0e:4bc6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:e4:3e:f0:d5:bf:46:9d:dc:cf:ac:2e:ce:1e:09:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Dec 6 11:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44aec813a4dfb889348909b5d31625baf6d2057a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e9:91:3c:d9:3c:0a:e1:da:dc:8e:31:4f:d6:
5b:1d:0d:7d:7a:7c:25:04:ce:4b:d9:33:e7:28:0a:
f5:7b:22:33:80:1e:8b:91:f5:22:b8:87:46:a6:a8:
94:65:7a:4a:da:74:91:46:a6:d7:92:24:18:d7:f6:
25:0c:5a:3b:95:bc:e4:8c:3a:9a:68:26:f9:fa:17:
bc:a4:76:e9:31:44:44:49:42:63:cf:8b:e6:f6:7a:
45:97:18:35:6b:f1:af:62:c8:6d:af:b4:24:91:37:
0f:e7:7b:36:4d:11:a8:66:6c:fb:5c:45:51:e9:f4:
52:38:a7:3e:8b:27:61:e5:56:70:e5:67:7c:7d:72:
32:32:a1:c9:42:4e:55:2d:02:e4:2c:77:4b:63:ce:
a3:bf:8a:31:d6:24:6e:72:aa:e6:bc:b9:71:5a:94:
b5:2a:a1:c1:a1:30:cf:63:69:13:51:ed:d4:8c:38:
0e:a0:ab:6c:27:a8:fb:55:d7:9a:55:d5:27:50:b1:
b6:fa:11:d7:13:3b:f1:63:00:74:cd:c8:dc:90:78:
0a:64:6c:40:80:7b:dc:df:6c:be:95:ba:a7:8d:61:
ce:ac:d2:57:73:32:c1:86:b0:21:67:a2:a4:1e:ba:
db:24:dd:af:5d:f8:fc:08:d9:ec:ea:6d:b0:83:b0:
47:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AE:C8:13:A4:DF:B8:89:34:89:09:B5:D3:16:25:BA:F6:D2:05:7A
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/RK7IE6TfuIk0iQm10xYluvbSBXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.130.0/23
45.153.230.0/24
193.38.54.0/23
IPv6:
2a0e:4bc6::/32
Signature Algorithm: sha256WithRSAEncryption
7a:a1:67:4b:99:b9:c0:65:e3:d0:e7:e6:c1:74:e1:0b:21:0d:
72:e1:83:99:2c:aa:9a:a5:77:22:e5:0d:94:40:b4:b0:6b:9b:
c1:a9:18:56:5d:e2:36:46:d0:22:e0:61:60:95:ac:1d:e3:93:
f7:7b:55:16:9b:c3:3b:59:f8:4e:33:af:6e:52:c8:e8:fd:04:
5e:c8:7a:61:dd:ef:f3:21:cb:cc:25:bb:c4:33:46:f9:ea:23:
da:cb:68:75:c7:32:6e:62:51:5d:33:a3:2f:76:ba:f7:de:84:
b9:22:27:f2:82:6c:bb:9a:72:a0:57:25:b1:88:bd:83:39:c2:
3a:03:8f:24:59:33:30:ee:57:f0:6b:14:d4:23:10:3f:94:a3:
92:42:8c:db:bb:1c:e5:51:48:07:f4:3a:59:5d:53:de:34:f0:
b2:2d:f8:fd:12:6f:72:d9:aa:b8:e9:b7:3c:8d:45:4a:82:75:
19:fa:9c:ed:a5:b9:52:64:94:50:5e:a3:6f:e0:a8:03:3a:71:
18:4b:35:4e:bb:87:9a:72:20:6f:e0:aa:3b:67:50:d3:44:d0:
94:38:f0:1e:fc:f0:7a:fb:bf:bf:ae:6f:a4:34:cf:e1:72:62:
b1:1a:cd:28:11:27:2d:7f:9d:1b:fe:b5:0a:c3:7a:fa:88:50:
74:c3:b3:71
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYw+5D7w1b9GndzPrC7OHglGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMxMjA2MTEyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFlYzgxM2E0ZGZiODg5MzQ4OTA5YjVkMzE2MjViYWY2ZDIwNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6umRPNk8CuHa3I4xT9ZbHQ19enwl
BM5L2TPnKAr1eyIzgB6LkfUiuIdGpqiUZXpK2nSRRqbXkiQY1/YlDFo7lbzkjDqa
aCb5+he8pHbpMURESUJjz4vm9npFlxg1a/GvYshtr7QkkTcP53s2TRGoZmz7XEVR
6fRSOKc+iydh5VZw5Wd8fXIyMqHJQk5VLQLkLHdLY86jv4ox1iRucqrmvLlxWpS1
KqHBoTDPY2kTUe3UjDgOoKtsJ6j7VdeaVdUnULG2+hHXEzvxYwB0zcjckHgKZGxA
gHvc32y+lbqnjWHOrNJXczLBhrAhZ6KkHrrbJN2vXfj8CNns6m2wg7BH9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFESuyBOk37iJNIkJtdMWJbr20gV6MB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvUks3SUU2VGZ1SWswaVFtMTB4WWx1dmJTQlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLYSCAwQA
LZnmAwQBwSY2MA0EAgACMAcDBQAqDkvGMA0GCSqGSIb3DQEBCwUAA4IBAQB6oWdL
mbnAZePQ5+bBdOELIQ1y4YOZLKqapXci5Q2UQLSwa5vBqRhWXeI2RtAi4GFglawd
45P3e1UWm8M7WfhOM69uUsjo/QReyHph3e/zIcvMJbvEM0b56iPay2h1xzJuYlFd
M6Mvdrr33oS5Iifygmy7mnKgVyWxiL2DOcI6A48kWTMw7lfwaxTUIxA/lKOSQozb
uxzlUUgH9DpZXVPeNPCyLfj9Em9y2aq46bc8jUVKgnUZ+pztpblSZJRQXqNv4KgD
OnEYSzVOu4eaciBv4Ko7Z1DTRNCUOPAe/PB6+7+/rm+kNM/hcmKxGs0oESctf50b
/rUKw3r6iFB0w7Nx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org