Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/jfsXXw6O15MTkdBn45zOGzGj1jI.roa
File: jfsXXw6O15MTkdBn45zOGzGj1jI.roa (raw, json)
Hash identifier: 2tgEvpoWdiLNSdLyjPha56W6AggucuvNWtzMhobPCzQ=
Subject key identifier: 8D:FB:17:5F:0E:8E:D7:93:13:91:D0:67:E3:9C:CE:1B:31:A3:D6:32
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018C87DB8104B198A43CC2619C7B2020BA03
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/jfsXXw6O15MTkdBn45zOGzGj1jI.roa
Signing time: Wed 20 Dec 2023 15:32:38 +0000
ROA not before: Wed 20 Dec 2023 15:32:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.132.131.0/24 maxlen: 24
45.132.130.0/24 maxlen: 24
2a0e:4bc6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:87:db:81:04:b1:98:a4:3c:c2:61:9c:7b:20:20:ba:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Dec 20 15:32:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dfb175f0e8ed7931391d067e39cce1b31a3d632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f2:be:1c:e0:39:ff:7d:60:0e:06:3a:3f:a8:
b8:51:f1:9d:cd:16:b0:3c:c6:ff:20:35:58:0b:b0:
16:42:71:4e:ed:68:b1:f6:e5:0a:63:ea:2f:a2:5e:
d4:02:10:83:63:0d:eb:9b:78:2a:de:5d:ea:90:0a:
39:25:b2:38:5f:fd:45:3f:04:6a:5e:f5:38:ab:43:
d4:cd:8b:a6:1b:18:e8:20:f3:20:13:85:90:22:38:
f1:49:15:4a:fa:de:e7:10:cd:9c:81:64:16:a6:47:
0a:35:3d:7f:96:5f:09:f9:81:df:f0:8f:11:86:b1:
71:82:4f:a1:f1:32:ac:8c:d9:81:7d:20:79:9f:d7:
9a:03:d9:d9:a4:b9:93:7c:6a:40:82:51:5c:9a:44:
0a:8e:22:b4:82:bc:31:71:5d:98:c5:b1:b3:02:64:
4f:86:32:99:00:1d:fc:4a:d1:60:6f:47:ff:58:a5:
ec:fc:de:35:0d:25:c9:40:da:6f:48:5f:80:81:6c:
dc:30:d2:85:4c:0d:fd:fe:b0:b0:6e:1b:48:3d:fa:
39:d3:29:6c:c9:ac:67:92:8d:ff:13:bf:26:a3:f1:
6d:be:4e:50:a0:63:3d:7f:e1:34:4e:ca:fa:1b:b4:
d5:40:f8:74:9a:f3:85:cb:b7:40:ef:49:3e:bd:e2:
b5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FB:17:5F:0E:8E:D7:93:13:91:D0:67:E3:9C:CE:1B:31:A3:D6:32
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/jfsXXw6O15MTkdBn45zOGzGj1jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.130.0/23
IPv6:
2a0e:4bc6::/32
Signature Algorithm: sha256WithRSAEncryption
a2:8e:02:5c:23:c3:9c:84:f9:f9:1e:81:22:90:01:dd:2c:c5:
01:cd:f8:97:68:71:ff:e8:ad:46:80:59:97:77:0c:20:07:b6:
3f:da:db:74:27:d8:0e:37:44:78:00:fa:36:95:24:b3:3b:77:
0a:c2:69:63:57:1d:45:dd:49:c7:ff:32:7b:89:d3:10:17:7c:
7e:8c:55:67:ce:17:cc:eb:41:8b:31:52:14:98:fb:1a:b3:6d:
87:c8:b5:1d:e6:6a:00:6a:d6:12:ab:c0:5e:92:fe:64:76:05:
4c:9c:ab:a7:5d:04:3e:d2:09:36:49:16:23:2f:ca:fb:56:5f:
c0:c1:8d:44:da:2c:96:a7:44:85:bb:cb:f1:12:c1:45:b2:bf:
e9:09:e1:f8:48:fe:bb:42:58:21:8f:ce:54:5c:c3:7c:85:62:
0e:cb:a8:c7:03:d0:62:4b:b6:dd:2e:86:63:66:89:11:e7:32:
51:73:8f:fb:b7:14:c5:5e:cf:23:ef:f7:b0:c6:73:63:63:28:
5f:62:71:7d:45:5a:d2:0b:0d:89:b5:25:e9:f1:80:13:ab:ae:
c0:50:78:cc:62:e7:4b:e2:6e:4a:73:7b:0f:ac:f5:5d:a7:9b:
54:99:6a:06:51:49:f8:8e:8d:e9:8e:64:ff:58:81:c1:39:08:
ae:e0:8b:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYyH24EEsZikPMJhnHsgILoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMxMjIwMTUzMjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZiMTc1ZjBlOGVkNzkzMTM5MWQwNjdlMzljY2UxYjMxYTNkNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvK+HOA5/31gDgY6P6i4UfGdzRaw
PMb/IDVYC7AWQnFO7Wix9uUKY+ovol7UAhCDYw3rm3gq3l3qkAo5JbI4X/1FPwRq
XvU4q0PUzYumGxjoIPMgE4WQIjjxSRVK+t7nEM2cgWQWpkcKNT1/ll8J+YHf8I8R
hrFxgk+h8TKsjNmBfSB5n9eaA9nZpLmTfGpAglFcmkQKjiK0grwxcV2YxbGzAmRP
hjKZAB38StFgb0f/WKXs/N41DSXJQNpvSF+AgWzcMNKFTA39/rCwbhtIPfo50yls
yaxnko3/E78mo/Ftvk5QoGM9f+E0Tsr6G7TVQPh0mvOFy7dA70k+veK13wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI37F18OjteTE5HQZ+Oczhsxo9YyMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvamZzWFh3Nk8xNU1Ua2RCbjQ1ek9HekdqMWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLYSCMA0E
AgACMAcDBQAqDkvGMA0GCSqGSIb3DQEBCwUAA4IBAQCijgJcI8OchPn5HoEikAHd
LMUBzfiXaHH/6K1GgFmXdwwgB7Y/2tt0J9gON0R4APo2lSSzO3cKwmljVx1F3UnH
/zJ7idMQF3x+jFVnzhfM60GLMVIUmPsas22HyLUd5moAatYSq8Bekv5kdgVMnKun
XQQ+0gk2SRYjL8r7Vl/AwY1E2iyWp0SFu8vxEsFFsr/pCeH4SP67Qlghj85UXMN8
hWIOy6jHA9BiS7bdLoZjZokR5zJRc4/7txTFXs8j7/ewxnNjYyhfYnF9RVrSCw2J
tSXp8YATq67AUHjMYudL4m5Kc3sPrPVdp5tUmWoGUUn4jo3pjmT/WIHBOQiu4Isp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org