Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zTsyiFSUYvg-1-QThs5p73M9W98.roa
File: zTsyiFSUYvg-1-QThs5p73M9W98.roa (raw, json)
Hash identifier: 8Efta0curW613MoUJSMRzKvUsF7tajuDGOcVJycLuUM=
Subject key identifier: CD:3B:32:88:54:94:62:F8:3E:D7:E4:13:86:CE:69:EF:73:3D:5B:DF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0530B568
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zTsyiFSUYvg-1-QThs5p73M9W98.roa
Signing time: Tue 07 Jun 2022 14:52:03 +0000
ROA not before: Tue 07 Jun 2022 14:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51789
IP address blocks: 45.149.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87078248 (0x530b568)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jun 7 14:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd3b3288549462f83ed7e41386ce69ef733d5bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:01:fd:a8:5f:ea:81:58:fa:10:fd:8a:c9:
03:1a:dc:00:d4:c0:be:1e:4c:74:dc:27:80:cf:6b:
55:f6:23:e4:a2:be:38:60:da:94:19:f8:76:12:c2:
da:7e:5f:07:54:d5:aa:75:9e:5d:6c:8f:3c:3e:47:
a7:f6:7e:4a:79:37:34:b8:1e:23:43:12:89:af:38:
9d:e5:52:1a:dd:ea:08:f1:ad:b5:5e:d9:22:14:88:
90:67:fc:14:d6:f6:89:d3:d3:cd:5e:c7:b0:23:40:
93:22:d2:b9:df:dc:81:aa:bf:60:3c:31:1c:e8:0d:
7a:99:6e:ba:7d:1b:a2:5b:73:ba:f3:12:63:f7:22:
b3:01:55:bf:ed:0f:2e:6d:a2:1a:fd:31:e7:0e:ac:
f4:e9:5f:b0:39:f3:89:65:2c:61:ed:4e:51:0a:db:
6c:db:a0:22:51:68:1b:93:61:01:0f:c7:1e:3e:38:
65:86:51:03:f8:3f:b8:d9:7c:fe:4d:d3:9b:a5:63:
1e:30:5a:a0:08:e0:8f:39:7d:65:42:b9:f9:e1:6e:
d6:2d:d2:30:6f:bd:f1:67:92:39:dc:9a:af:fe:08:
0b:3b:7a:e8:62:ad:fb:9c:e1:40:48:3f:f9:ad:0b:
3e:54:f2:da:cb:2d:58:44:08:7a:38:c1:21:8a:cc:
0b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3B:32:88:54:94:62:F8:3E:D7:E4:13:86:CE:69:EF:73:3D:5B:DF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/zTsyiFSUYvg-1-QThs5p73M9W98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.128.0/24
Signature Algorithm: sha256WithRSAEncryption
04:1d:a9:23:54:56:91:47:ed:c8:78:d6:83:b2:f1:84:fd:1f:
2e:d9:56:66:b0:c1:ac:53:1e:73:b0:14:67:5b:40:c9:14:7f:
b7:37:4d:b2:75:d6:30:3b:60:2b:3e:c7:ba:27:6e:58:92:08:
65:0f:8f:e6:30:4f:0e:b1:9d:b8:da:33:ad:77:78:34:a5:52:
f6:a1:a3:f1:1f:0f:82:a5:ba:21:b1:ac:2f:07:3f:84:ac:7b:
c6:af:99:d2:dc:d2:d1:38:78:26:68:c0:fc:69:71:38:6f:41:
7e:20:77:6c:72:c4:6a:7a:c8:fa:ac:bd:2d:dd:fa:77:19:df:
ce:db:73:04:0e:65:50:8a:69:41:ca:8b:af:81:f1:af:c1:ba:
86:10:af:40:82:48:5e:36:c6:22:49:87:84:be:be:c7:e7:92:
a1:ef:a4:8a:65:b4:80:ca:51:43:3a:51:d8:40:41:90:f2:52:
06:dd:2e:77:39:05:b4:83:23:29:a0:d9:75:5e:dd:c7:7a:47:
e4:d8:b1:5e:7d:06:aa:ab:ff:3e:fb:6b:58:ae:99:96:b6:c2:
bb:f2:99:c4:94:05:3a:a9:d7:4b:f8:74:43:24:e4:1c:f6:c7:
27:24:6f:bb:b6:a3:f9:f1:53:4d:6b:71:ab:35:a1:f0:48:ee:
31:a4:5f:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBTC1aDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDYw
NzE0NTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2QzYjMyODg1NDk0
NjJmODNlZDdlNDEzODZjZTY5ZWY3MzNkNWJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRRAf2oX+qBWPoQ/YrJAxrcANTAvh5MdNwngM9rVfYj5KK+
OGDalBn4dhLC2n5fB1TVqnWeXWyPPD5Hp/Z+Snk3NLgeI0MSia84neVSGt3qCPGt
tV7ZIhSIkGf8FNb2idPTzV7HsCNAkyLSud/cgaq/YDwxHOgNepluun0boltzuvMS
Y/ciswFVv+0PLm2iGv0x5w6s9OlfsDnziWUsYe1OUQrbbNugIlFoG5NhAQ/HHj44
ZYZRA/g/uNl8/k3Tm6VjHjBaoAjgjzl9ZUK5+eFu1i3SMG+98WeSOdyar/4ICzt6
6GKt+5zhQEg/+a0LPlTy2sstWEQIejjBIYrMCy8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTNOzKIVJRi+D7X5BOGzmnvcz1b3zAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L3pUc3lpRlNVWXZnLTEtUVRoczVwNzNNOVc5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VgDANBgkqhkiG9w0BAQsFAAOC
AQEABB2pI1RWkUftyHjWg7LxhP0fLtlWZrDBrFMec7AUZ1tAyRR/tzdNsnXWMDtg
Kz7HuiduWJIIZQ+P5jBPDrGduNozrXd4NKVS9qGj8R8PgqW6IbGsLwc/hKx7xq+Z
0tzS0Th4JmjA/GlxOG9BfiB3bHLEanrI+qy9Ld36dxnfzttzBA5lUIppQcqLr4Hx
r8G6hhCvQIJIXjbGIkmHhL6+x+eSoe+kimW0gMpRQzpR2EBBkPJSBt0udzkFtIMj
KaDZdV7dx3pH5NixXn0Gqqv/PvtrWK6ZlrbCu/KZxJQFOqnXS/h0QyTkHPbHJyRv
u7aj+fFTTWtxqzWh8EjuMaRfgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org