Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/j9hYzOLQ53RS6DYtv7vXWfGOvpI.roa
File: j9hYzOLQ53RS6DYtv7vXWfGOvpI.roa (raw, json)
Hash identifier: C1A+xtPzQtmzrbYneN/NoL+MULMh+/lZRVX9JsYur+U=
Subject key identifier: 8F:D8:58:CC:E2:D0:E7:74:52:E8:36:2D:BF:BB:D7:59:F1:8E:BE:92
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DCB54182B0BADE8E91E221E5469FC
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/j9hYzOLQ53RS6DYtv7vXWfGOvpI.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196695
IP address blocks: 45.129.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:cb:54:18:2b:0b:ad:e8:e9:1e:22:1e:54:69:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fd858cce2d0e77452e8362dbfbbd759f18ebe92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:11:70:24:c7:c4:89:f4:d6:da:98:ad:99:
77:52:6b:6e:77:9e:4e:87:ae:d7:aa:dd:2b:91:5e:
11:27:3b:8b:3a:ab:68:0d:1d:87:28:37:27:48:3a:
7e:99:77:af:55:ea:35:ff:3b:ed:72:0e:9d:96:48:
fd:8e:42:df:92:8a:e1:26:5a:dd:bd:2e:e1:e2:8d:
6d:b8:3e:e8:11:b0:0f:56:a2:3d:42:a0:bc:10:36:
0d:e7:43:33:65:f9:61:6b:c6:39:82:11:f8:e7:04:
c3:4e:d6:4d:e5:04:b3:b2:89:d1:1c:9c:b7:98:f8:
35:9e:e1:a7:85:b3:ae:db:50:7f:48:b0:37:70:65:
5d:e0:8e:0f:f2:c7:3b:10:5a:ae:e9:c8:28:19:22:
9c:89:01:8f:ec:2d:da:4b:83:4c:3c:22:19:a4:0b:
bf:96:61:0d:26:70:ef:06:45:cf:42:14:e5:53:52:
c2:b4:6f:2a:95:2d:52:87:c9:89:86:0e:f4:39:77:
f6:45:cf:dd:fd:29:ec:cc:de:9a:b7:c3:d7:90:98:
b9:d6:6d:c1:d7:e3:ab:af:15:17:a0:0e:29:66:54:
f4:ac:20:d6:4a:28:90:4e:75:85:cf:a6:8d:ae:bb:
62:33:51:e3:a7:2f:ad:3b:00:20:68:20:84:20:e1:
f7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D8:58:CC:E2:D0:E7:74:52:E8:36:2D:BF:BB:D7:59:F1:8E:BE:92
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/j9hYzOLQ53RS6DYtv7vXWfGOvpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.236.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2f:6b:b6:c0:55:dd:a3:8f:07:e5:bb:b9:30:be:7e:04:75:
3f:ee:ee:e3:e0:81:d1:17:59:53:f7:df:f1:0f:51:0d:c0:36:
e5:58:3a:aa:5c:0d:40:c8:61:18:7a:32:94:88:9f:6a:75:f9:
57:3c:68:08:f4:c5:45:78:57:4c:26:3c:a1:82:50:df:35:74:
98:86:fe:4c:63:16:50:84:5a:ca:4e:5b:ec:66:00:23:58:e7:
38:e2:cd:8e:4c:02:35:93:32:90:ad:bb:4b:86:60:91:78:c3:
69:df:d0:71:90:5a:7a:c5:3e:e0:35:4d:80:83:85:71:12:bb:
10:7e:4d:b1:5e:9c:c0:45:4a:9c:dc:b4:94:db:57:34:3e:2b:
2f:b8:74:1e:fc:91:0f:79:43:74:f8:bd:4b:18:0f:b0:e8:b0:
c4:b4:31:dd:b1:78:e1:9e:9f:4d:17:5a:35:c8:64:48:13:4f:
45:30:97:d3:09:47:f7:d9:51:ae:50:69:f3:bf:e0:da:89:79:
c1:70:9b:c8:07:c7:51:25:4f:57:e9:aa:80:81:17:28:ca:2e:
2c:c2:17:a4:65:63:d0:3b:e7:c4:3b:e7:6b:28:82:f5:23:0b:
3b:b2:f8:07:08:29:d4:5d:46:92:5c:42:c7:d2:23:a7:d4:eb:
5c:ec:da:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHctUGCsLrejpHiIeVGn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQ4NThjY2UyZDBlNzc0NTJlODM2MmRiZmJiZDc1OWYxOGViZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtERcCTHxIn01tqYrZl3Umtud55O
h67Xqt0rkV4RJzuLOqtoDR2HKDcnSDp+mXevVeo1/zvtcg6dlkj9jkLfkorhJlrd
vS7h4o1tuD7oEbAPVqI9QqC8EDYN50MzZflha8Y5ghH45wTDTtZN5QSzsonRHJy3
mPg1nuGnhbOu21B/SLA3cGVd4I4P8sc7EFqu6cgoGSKciQGP7C3aS4NMPCIZpAu/
lmENJnDvBkXPQhTlU1LCtG8qlS1Sh8mJhg70OXf2Rc/d/SnszN6at8PXkJi51m3B
1+OrrxUXoA4pZlT0rCDWSiiQTnWFz6aNrrtiM1Hjpy+tOwAgaCCEIOH3QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/YWMzi0Od0Uug2Lb+711nxjr6SMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvajloWXpPTFE1M1JTNkRZdHY3dlhXZkdPdnBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHsMA0G
CSqGSIb3DQEBCwUAA4IBAQA3L2u2wFXdo48H5bu5ML5+BHU/7u7j4IHRF1lT99/x
D1ENwDblWDqqXA1AyGEYejKUiJ9qdflXPGgI9MVFeFdMJjyhglDfNXSYhv5MYxZQ
hFrKTlvsZgAjWOc44s2OTAI1kzKQrbtLhmCReMNp39BxkFp6xT7gNU2Ag4VxErsQ
fk2xXpzARUqc3LSU21c0PisvuHQe/JEPeUN0+L1LGA+w6LDEtDHdsXjhnp9NF1o1
yGRIE09FMJfTCUf32VGuUGnzv+DaiXnBcJvIB8dRJU9X6aqAgRcoyi4swhekZWPQ
O+fEO+drKIL1Iws7svgHCCnUXUaSXELH0iOn1Otc7NpN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org