Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/DJjW92Pf3wF8ISKSFCQqKm0ojII.roa
File: DJjW92Pf3wF8ISKSFCQqKm0ojII.roa (raw, json)
Hash identifier: ca5f5GhDwXhe6N1b+peXX9O0Gq82BgVckfidW6xYWHs=
Subject key identifier: 0C:98:D6:F7:63:DF:DF:01:7C:21:22:92:14:24:2A:2A:6D:28:8C:82
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01906E9A8468B3002145E145B60469069C2E
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/DJjW92Pf3wF8ISKSFCQqKm0ojII.roa
Signing time: Mon 01 Jul 2024 14:02:18 +0000
ROA not before: Mon 01 Jul 2024 14:02:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215239
IP address blocks: 45.143.0.0/22 maxlen: 32
185.213.151.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:9a:84:68:b3:00:21:45:e1:45:b6:04:69:06:9c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 1 14:02:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c98d6f763dfdf017c21229214242a2a6d288c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:20:27:96:77:03:8a:05:36:92:96:fd:df:5a:
72:ad:b9:3f:31:c7:84:a9:bb:5d:46:cc:e6:82:ab:
9b:9e:05:d6:ef:1e:d2:7b:24:4f:81:0b:de:7b:1c:
10:de:d5:c6:8f:19:d8:1c:9f:fe:65:4c:d1:c1:e8:
45:77:22:95:4e:bb:37:df:2e:e7:54:f1:66:e6:d4:
ad:12:ed:30:94:d0:6a:b2:62:a3:08:6a:a3:27:1a:
07:4c:94:39:2f:b5:16:90:6b:9d:00:07:71:92:2e:
96:87:fa:4c:2b:9d:c5:04:6a:e1:6e:d4:13:c9:1e:
d7:91:95:bc:37:50:5d:87:40:9a:08:35:bf:36:6c:
fc:25:63:3c:6c:96:a5:ca:9b:7f:a0:eb:8c:64:b0:
fc:ed:5f:8f:6b:af:f9:36:64:30:84:33:b8:98:22:
de:08:a1:05:27:21:17:7c:b4:b2:71:96:bb:a8:c5:
96:03:b9:b8:c8:58:41:1a:f3:93:6a:13:c3:90:f7:
8c:03:69:0d:77:e5:41:ff:87:42:22:5d:b7:f6:73:
45:32:67:84:55:b8:9f:75:26:17:8c:7f:4b:0a:cd:
25:fa:4b:17:e3:8e:89:11:b6:a5:d5:03:95:d5:f0:
9e:f9:01:36:41:84:4b:45:37:76:8f:9f:fb:0c:00:
83:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:98:D6:F7:63:DF:DF:01:7C:21:22:92:14:24:2A:2A:6D:28:8C:82
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/DJjW92Pf3wF8ISKSFCQqKm0ojII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.0.0/22
185.213.151.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c6:c4:4d:21:54:eb:1d:63:14:45:dc:08:16:19:87:64:44:
9d:e1:16:b7:27:a4:71:90:db:91:fa:22:53:ac:4c:cf:f5:19:
3c:a3:4e:af:fb:4e:fa:49:83:e0:df:5f:4b:5d:1b:45:88:4a:
a0:99:e5:4c:19:ec:2b:b4:0b:af:e4:7f:45:50:2f:9d:7d:f1:
15:7e:4b:82:ee:13:3a:e2:af:97:71:03:6d:4d:df:89:9d:dc:
33:1f:01:5c:24:1f:fa:56:cd:9a:8c:94:3d:e3:d1:c2:01:92:
c0:fb:4c:71:c8:9f:e6:37:b9:e1:80:cb:23:9d:72:18:b2:1d:
6c:03:db:10:e7:73:e8:dc:98:76:57:12:b8:d1:93:32:e6:32:
e3:89:b0:fd:37:67:6a:b0:88:72:63:af:14:40:4b:0e:20:77:
00:ec:64:2f:c7:1c:0a:7c:79:c3:65:6c:c0:a2:9a:24:b0:a4:
18:a9:d6:3f:f6:6e:0a:4d:b7:3d:b6:6b:82:32:84:2a:4d:2f:
a4:4a:e5:71:a1:72:f1:39:79:a9:fa:ed:65:60:91:b5:5f:b7:
5c:34:d6:71:62:18:17:a5:34:1e:90:17:03:c0:80:33:77:03:
69:96:ff:10:4e:8e:08:37:30:c4:15:ef:21:d6:25:23:d7:5c:
83:6c:30:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBumoRoswAhReFFtgRpBpwuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwNzAxMTQwMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk4ZDZmNzYzZGZkZjAxN2MyMTIyOTIxNDI0MmEyYTZkMjg4YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSAnlncDigU2kpb931pyrbk/MceE
qbtdRszmgqubngXW7x7SeyRPgQveexwQ3tXGjxnYHJ/+ZUzRwehFdyKVTrs33y7n
VPFm5tStEu0wlNBqsmKjCGqjJxoHTJQ5L7UWkGudAAdxki6Wh/pMK53FBGrhbtQT
yR7XkZW8N1Bdh0CaCDW/Nmz8JWM8bJalypt/oOuMZLD87V+Pa6/5NmQwhDO4mCLe
CKEFJyEXfLSycZa7qMWWA7m4yFhBGvOTahPDkPeMA2kNd+VB/4dCIl239nNFMmeE
VbifdSYXjH9LCs0l+ksX446JEbal1QOV1fCe+QE2QYRLRTd2j5/7DACD0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAyY1vdj398BfCEikhQkKiptKIyCMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvREpqVzkyUGYzd0Y4SVNLU0ZDUXFLbTBvaklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY8AAwQA
udWXMA0GCSqGSIb3DQEBCwUAA4IBAQCIxsRNIVTrHWMURdwIFhmHZESd4Ra3J6Rx
kNuR+iJTrEzP9Rk8o06v+076SYPg319LXRtFiEqgmeVMGewrtAuv5H9FUC+dffEV
fkuC7hM64q+XcQNtTd+JndwzHwFcJB/6Vs2ajJQ949HCAZLA+0xxyJ/mN7nhgMsj
nXIYsh1sA9sQ53Po3Jh2VxK40ZMy5jLjibD9N2dqsIhyY68UQEsOIHcA7GQvxxwK
fHnDZWzAopoksKQYqdY/9m4KTbc9tmuCMoQqTS+kSuVxoXLxOXmp+u1lYJG1X7dc
NNZxYhgXpTQekBcDwIAzdwNplv8QTo4INzDEFe8h1iUj11yDbDDf
-----END CERTIFICATE-----
Generated at Tue Jul 2 14:30:22 2024 by rpki-client on console-fra.rpki-client.org