Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z1x842KTjhD9a83L-VmxNbYMeWo.roa
File: z1x842KTjhD9a83L-VmxNbYMeWo.roa (raw, json)
Hash identifier: LYsH+FvA90axzJYDkj3USQRyC7w1qbY8vwyelniYnmY=
Subject key identifier: CF:5C:7C:E3:62:93:8E:10:FD:6B:CD:CB:F9:59:B1:35:B6:0C:79:6A
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0188303D75AE957CB73F922139351B8AECD9
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z1x842KTjhD9a83L-VmxNbYMeWo.roa
Signing time: Thu 18 May 2023 19:01:54 +0000
ROA not before: Thu 18 May 2023 19:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202656
IP address blocks: 45.138.7.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:30:3d:75:ae:95:7c:b7:3f:92:21:39:35:1b:8a:ec:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: May 18 19:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf5c7ce362938e10fd6bcdcbf959b135b60c796a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d4:93:ef:4e:53:7e:20:b7:67:1b:c2:90:f6:
27:0d:91:2e:7c:fb:be:1f:eb:9e:51:da:32:56:87:
06:1c:4e:85:c8:c9:5d:63:87:40:bf:bc:f6:aa:bc:
1a:49:18:1f:76:41:82:c1:0a:7a:06:fd:28:34:3f:
cd:68:40:58:95:5d:72:c2:86:89:89:f6:e2:14:1b:
6f:d9:9b:b3:b1:31:69:ee:d0:fa:c6:64:32:cb:ef:
9a:f7:b5:4b:36:92:c1:06:28:e3:67:e9:01:ea:40:
f7:b2:93:0e:13:fb:d5:32:a7:e8:a5:ba:06:5c:4a:
78:3f:a5:fd:f2:9d:2c:f8:86:7b:23:aa:a2:31:42:
0b:d7:6e:20:6a:4a:06:2f:7e:cf:8e:7a:5b:6b:60:
fe:06:fa:ca:c3:bc:13:c7:12:04:f7:db:a5:60:29:
b4:97:0f:a4:f6:52:39:f8:66:36:0d:69:11:fa:9b:
4f:88:3d:bf:da:99:7d:1d:9d:90:78:89:94:6c:11:
e7:42:29:96:fb:36:6b:f5:96:28:51:11:e8:f2:06:
70:7a:15:fe:6d:32:90:d2:b6:79:84:e2:68:b5:8e:
b7:8f:a4:c6:0c:f6:c1:cb:53:6b:6b:92:90:85:63:
dd:7c:b4:32:6b:3a:ed:96:40:e9:f9:6c:92:e9:03:
d0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5C:7C:E3:62:93:8E:10:FD:6B:CD:CB:F9:59:B1:35:B6:0C:79:6A
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/z1x842KTjhD9a83L-VmxNbYMeWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.7.0/24
Signature Algorithm: sha256WithRSAEncryption
03:95:cb:64:21:bb:9a:67:c6:94:79:24:5e:79:6b:5e:de:19:
98:87:1a:2f:2f:6e:1c:c1:75:31:19:8f:85:2c:cf:99:31:b0:
2f:35:86:ba:d8:5b:29:5b:7b:c1:8a:e7:99:0a:ee:88:9e:76:
96:23:92:26:55:04:47:b5:3b:66:c1:33:a3:3d:3d:70:fc:e2:
89:58:42:f5:c8:d7:e2:e4:fe:0e:61:00:20:4b:5c:a7:75:b8:
35:6d:c4:ea:87:7f:3b:4c:2e:8c:33:24:b5:dc:2a:a3:d1:9e:
3b:19:92:61:b3:1f:38:79:19:f2:06:4f:e6:19:76:cc:d7:30:
c8:ac:ee:4d:e3:a3:de:16:f2:d0:c2:a2:1f:be:8e:22:40:57:
cf:77:aa:b6:23:40:a5:9b:9a:05:36:0c:2d:d1:87:ab:75:8d:
28:89:ae:3d:bb:b0:53:55:52:88:fa:37:1c:e2:18:10:bd:48:
a1:d2:bc:b4:2d:bc:11:75:6f:e4:6b:32:fb:4b:07:40:98:37:
9d:56:db:ae:95:85:89:8b:a6:29:d3:4f:2c:c8:51:b2:ad:f5:
46:96:01:70:3e:a4:37:38:b0:b5:fd:f0:0d:eb:fc:3d:b1:a4:
5f:92:47:d3:93:29:54:cd:52:49:f1:c2:20:67:cf:e3:dc:74:
1e:95:2f:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgwPXWulXy3P5IhOTUbiuzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNTE4MTkwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVjN2NlMzYyOTM4ZTEwZmQ2YmNkY2JmOTU5YjEzNWI2MGM3OTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtST705TfiC3ZxvCkPYnDZEufPu+
H+ueUdoyVocGHE6FyMldY4dAv7z2qrwaSRgfdkGCwQp6Bv0oND/NaEBYlV1ywoaJ
ifbiFBtv2ZuzsTFp7tD6xmQyy++a97VLNpLBBijjZ+kB6kD3spMOE/vVMqfopboG
XEp4P6X98p0s+IZ7I6qiMUIL124gakoGL37Pjnpba2D+BvrKw7wTxxIE99ulYCm0
lw+k9lI5+GY2DWkR+ptPiD2/2pl9HZ2QeImUbBHnQimW+zZr9ZYoURHo8gZwehX+
bTKQ0rZ5hOJotY63j6TGDPbBy1Nra5KQhWPdfLQyazrtlkDp+WyS6QPQ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9cfONik44Q/WvNy/lZsTW2DHlqMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvejF4ODQyS1RqaEQ5YTgzTC1WbXhOYllNZVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYoHMA0G
CSqGSIb3DQEBCwUAA4IBAQADlctkIbuaZ8aUeSReeWte3hmYhxovL24cwXUxGY+F
LM+ZMbAvNYa62FspW3vBiueZCu6InnaWI5ImVQRHtTtmwTOjPT1w/OKJWEL1yNfi
5P4OYQAgS1yndbg1bcTqh387TC6MMyS13Cqj0Z47GZJhsx84eRnyBk/mGXbM1zDI
rO5N46PeFvLQwqIfvo4iQFfPd6q2I0Clm5oFNgwt0YerdY0oia49u7BTVVKI+jcc
4hgQvUih0ry0LbwRdW/kazL7SwdAmDedVtuulYWJi6Yp008syFGyrfVGlgFwPqQ3
OLC1/fAN6/w9saRfkkfTkylUzVJJ8cIgZ8/j3HQelS8/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org