Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mAgBiBK3jLnxbtGcB8Y6Ei7FSuM.roa
File: mAgBiBK3jLnxbtGcB8Y6Ei7FSuM.roa (raw, json)
Hash identifier: XX03uSIRcLxFedT721w2IDgQvLg2qiQ63kMR1SCwUcc=
Subject key identifier: 98:08:01:88:12:B7:8C:B9:F1:6E:D1:9C:07:C6:3A:12:2E:C5:4A:E3
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018C3EBBF7E844C0B38DB3BBCE3524A9BDF2
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mAgBiBK3jLnxbtGcB8Y6Ei7FSuM.roa
Signing time: Wed 06 Dec 2023 10:45:55 +0000
ROA not before: Wed 06 Dec 2023 10:45:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 45.153.230.0/24 maxlen: 24
195.246.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:bb:f7:e8:44:c0:b3:8d:b3:bb:ce:35:24:a9:bd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Dec 6 10:45:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9808018812b78cb9f16ed19c07c63a122ec54ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:78:57:24:79:e2:b1:d1:35:04:62:85:23:
1a:d3:d5:49:65:32:9d:f0:72:26:57:28:7a:b7:0a:
32:55:e1:07:e4:b4:ce:0e:8a:85:e0:62:b8:10:cb:
31:10:91:17:b6:a9:c7:54:8f:98:d1:96:41:27:ee:
55:a6:31:ac:cb:6b:46:55:73:c3:4e:13:24:60:4f:
af:45:31:da:56:48:2e:dd:0a:2d:3d:44:8b:75:11:
66:a7:5b:8c:8a:50:51:4c:e8:2f:5e:0a:73:13:3c:
66:e7:6c:f7:d0:15:70:3d:db:d9:2b:d4:76:3c:19:
43:7b:10:a8:79:42:ca:8e:44:ad:d0:d6:f9:9b:fa:
61:0d:07:af:f1:a0:bc:16:c3:05:19:4c:00:27:8b:
47:55:7a:cf:18:c4:19:d2:d3:b2:e5:82:2f:15:e2:
2f:b0:be:d4:0f:90:6f:df:85:e3:7e:d5:fc:c7:77:
e5:5d:af:92:af:77:a6:96:34:55:ed:24:03:1f:9a:
e2:f0:2b:67:d6:02:4a:87:bb:5f:67:f6:15:71:63:
2c:13:7b:c4:9d:24:dd:d3:76:9f:05:27:cc:18:6d:
55:73:2e:41:23:e6:f2:16:00:3c:9e:b9:a4:f9:0e:
c3:ff:5e:19:a5:f6:c4:a5:a8:f1:31:25:ba:bb:ca:
9e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:08:01:88:12:B7:8C:B9:F1:6E:D1:9C:07:C6:3A:12:2E:C5:4A:E3
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mAgBiBK3jLnxbtGcB8Y6Ei7FSuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.230.0/24
195.246.110.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:fe:4d:23:64:37:b2:56:98:e9:e1:45:8f:f3:bd:ab:70:c8:
d1:b6:5d:57:2d:0e:42:2a:b0:ce:d4:5c:c1:99:6d:59:80:43:
05:11:3d:be:50:71:f5:3e:8a:4f:19:69:5d:d3:7c:30:14:ba:
fd:32:f6:c6:8b:e6:a1:de:7b:3b:d8:3f:45:e5:d4:3b:40:77:
9e:48:35:f5:2e:fa:47:7a:f8:2a:c3:8d:65:8d:a3:f5:79:a2:
7b:b7:9b:27:f4:78:76:22:4a:b9:10:dd:27:62:a8:76:f1:4d:
af:ad:fa:1d:07:36:de:62:fc:e1:4d:e1:d8:2f:88:8e:a4:9d:
72:06:ae:22:88:41:9a:0f:b3:ef:c9:8f:8b:41:7e:dc:1f:82:
5a:6b:09:bf:26:fa:b5:20:1d:65:58:f6:d3:49:2f:f6:b3:77:
d2:e5:85:b2:ab:1e:d9:8c:ad:56:f5:97:a0:c3:e9:f9:d1:0f:
3c:ad:21:88:d3:8b:a1:f5:03:bf:82:99:6f:b2:c2:69:ac:94:
2e:87:f8:af:ee:32:ec:20:0a:00:cc:90:db:e8:6c:4b:73:76:
0f:b3:cc:a4:70:02:23:a6:c8:f9:94:b6:d7:4c:c7:25:c6:af:
92:ef:4e:54:ec:fa:f8:2d:8d:73:d5:6e:cb:6f:d8:8c:f8:05:
01:bf:ff:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYw+u/foRMCzjbO7zjUkqb3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMxMjA2MTA0NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODA4MDE4ODEyYjc4Y2I5ZjE2ZWQxOWMwN2M2M2ExMjJlYzU0YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGV4VyR54rHRNQRihSMa09VJZTKd
8HImVyh6twoyVeEH5LTODoqF4GK4EMsxEJEXtqnHVI+Y0ZZBJ+5VpjGsy2tGVXPD
ThMkYE+vRTHaVkgu3QotPUSLdRFmp1uMilBRTOgvXgpzEzxm52z30BVwPdvZK9R2
PBlDexCoeULKjkSt0Nb5m/phDQev8aC8FsMFGUwAJ4tHVXrPGMQZ0tOy5YIvFeIv
sL7UD5Bv34XjftX8x3flXa+Sr3emljRV7SQDH5ri8Ctn1gJKh7tfZ/YVcWMsE3vE
nSTd03afBSfMGG1Vcy5BI+byFgA8nrmk+Q7D/14ZpfbEpajxMSW6u8qeYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgIAYgSt4y58W7RnAfGOhIuxUrjMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvbUFnQmlCSzNqTG54YnRHY0I4WTZFaTdGU3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZnmAwQA
w/ZuMA0GCSqGSIb3DQEBCwUAA4IBAQB9/k0jZDeyVpjp4UWP872rcMjRtl1XLQ5C
KrDO1FzBmW1ZgEMFET2+UHH1PopPGWld03wwFLr9MvbGi+ah3ns72D9F5dQ7QHee
SDX1LvpHevgqw41ljaP1eaJ7t5sn9Hh2Ikq5EN0nYqh28U2vrfodBzbeYvzhTeHY
L4iOpJ1yBq4iiEGaD7PvyY+LQX7cH4Jaawm/Jvq1IB1lWPbTSS/2s3fS5YWyqx7Z
jK1W9Zegw+n50Q88rSGI04uh9QO/gplvssJprJQuh/iv7jLsIAoAzJDb6GxLc3YP
s8ykcAIjpsj5lLbXTMclxq+S705U7Pr4LY1z1W7Lb9iM+AUBv//M
-----END CERTIFICATE-----
Generated at Wed Dec 20 16:22:58 2023 by rpki-client on console-ams.rpki-client.org