Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/FwxjATG8cpa_eFId6af9SnlVrHo.roa
File: FwxjATG8cpa_eFId6af9SnlVrHo.roa (raw, json)
Hash identifier: PxJsyY5+tG3FTMNQYs7skcHCcVwXqzZmdFRpqvg34nE=
Subject key identifier: 17:0C:63:01:31:BC:72:96:BF:78:52:1D:E9:A7:FD:4A:79:55:AC:7A
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 018B176376C5D4580B417A747CE9CDB17CC7
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/FwxjATG8cpa_eFId6af9SnlVrHo.roa
Signing time: Tue 10 Oct 2023 02:21:16 +0000
ROA not before: Tue 10 Oct 2023 02:21:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58026
IP address blocks: 65.111.0.0/19 maxlen: 19
104.167.16.0/20 maxlen: 20
104.207.32.0/19 maxlen: 19
45.78.80.0/20 maxlen: 20
217.114.35.0/24 maxlen: 24
45.3.32.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:17:63:76:c5:d4:58:0b:41:7a:74:7c:e9:cd:b1:7c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Oct 10 02:21:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=170c630131bc7296bf78521de9a7fd4a7955ac7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b6:a4:27:b0:73:1d:aa:ba:99:fb:b1:fe:05:
f0:89:50:2f:2e:c6:ab:20:bc:91:93:17:52:fc:83:
8e:eb:ef:d9:1a:09:59:0f:91:08:3c:2d:ed:50:cd:
e5:c0:80:4b:99:4c:82:eb:80:0b:0e:b0:09:0a:65:
40:42:4d:c6:77:2b:2c:cb:6c:0b:3f:96:64:1f:47:
70:c5:bf:d5:07:1e:41:31:52:10:9e:ef:dc:d1:26:
3d:49:7b:b2:1e:0c:3d:97:d9:bd:1d:a9:8c:87:0e:
4f:65:37:89:7a:36:91:41:e9:84:1e:52:b5:d8:34:
66:02:21:48:8f:95:14:fb:bc:ad:8b:1e:96:f0:51:
0e:72:5d:9d:b5:83:4b:6b:d0:09:3a:a7:d7:0d:df:
5a:02:57:e9:91:cb:1d:dc:a7:31:14:fd:c3:56:c9:
90:cd:94:02:5e:bc:cf:a0:24:43:52:fe:50:5c:83:
18:e7:3e:dc:4b:24:f2:34:7a:6f:d0:42:dc:09:92:
a2:51:ac:9d:47:76:21:37:cd:93:45:39:99:3a:01:
31:73:d7:32:ea:ce:15:23:bc:59:a9:97:e9:e9:30:
03:21:83:ba:40:09:99:da:03:f2:ab:1e:ea:97:6c:
23:98:b5:ec:7c:2b:6c:3b:ce:e2:a6:ba:f7:99:2f:
5f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0C:63:01:31:BC:72:96:BF:78:52:1D:E9:A7:FD:4A:79:55:AC:7A
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/FwxjATG8cpa_eFId6af9SnlVrHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0/19
45.78.80.0/20
65.111.0.0/19
104.167.16.0/20
104.207.32.0/19
217.114.35.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f9:96:ae:88:61:13:4a:2d:64:76:a3:1c:de:04:31:39:97:
0a:66:0a:ab:2c:6d:cc:9c:8b:00:47:2b:28:bb:2a:fa:c3:cf:
b2:6a:40:fd:93:44:b7:c6:b4:a5:26:46:b9:7f:e5:f2:74:96:
76:eb:14:da:5c:3c:14:a2:f9:3e:7c:b0:83:d5:b0:2a:9a:9e:
45:ac:d7:66:46:90:67:70:62:9c:8f:50:f7:f5:55:7b:a5:c8:
e7:96:c7:db:57:93:d5:a9:4d:9d:1e:a5:61:ca:cc:05:a1:5a:
15:52:db:b7:42:35:a3:8b:8b:66:f3:4e:1a:b8:66:7c:eb:d1:
29:50:95:e4:fe:5e:e1:eb:80:b4:25:6b:d1:10:32:6a:30:e8:
a0:12:72:1e:6e:eb:85:06:36:33:3e:db:a9:6e:2f:a0:50:ba:
6d:fa:d1:0d:50:1d:20:17:4a:41:f0:aa:e7:bc:ab:8e:05:03:
1a:1e:4a:3c:88:e0:f7:96:af:1f:48:48:c4:4c:34:74:94:d9:
dd:1f:91:34:6c:fd:dd:8f:dd:af:b4:99:a7:6c:33:88:13:a9:
32:7c:56:de:1f:07:05:1f:53:cd:1d:a0:31:37:1c:37:ec:a4:
2d:5e:41:fc:fa:52:01:cb:20:99:7d:4d:c2:44:2b:eb:83:75:
5f:b5:67:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYsXY3bF1FgLQXp0fOnNsXzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjMxMDEwMDIyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzBjNjMwMTMxYmM3Mjk2YmY3ODUyMWRlOWE3ZmQ0YTc5NTVhYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLakJ7BzHaq6mfux/gXwiVAvLsar
ILyRkxdS/IOO6+/ZGglZD5EIPC3tUM3lwIBLmUyC64ALDrAJCmVAQk3Gdyssy2wL
P5ZkH0dwxb/VBx5BMVIQnu/c0SY9SXuyHgw9l9m9HamMhw5PZTeJejaRQemEHlK1
2DRmAiFIj5UU+7ytix6W8FEOcl2dtYNLa9AJOqfXDd9aAlfpkcsd3KcxFP3DVsmQ
zZQCXrzPoCRDUv5QXIMY5z7cSyTyNHpv0ELcCZKiUaydR3YhN82TRTmZOgExc9cy
6s4VI7xZqZfp6TADIYO6QAmZ2gPyqx7ql2wjmLXsfCtsO87iprr3mS9fPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBcMYwExvHKWv3hSHemn/Up5Vax6MB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvRnd4akFURzhjcGFfZUZJZDZhZjlTbmxWckhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFLQMgAwQE
LU5QAwQFQW8AAwQEaKcQAwQFaM8gAwQA2XIjMA0GCSqGSIb3DQEBCwUAA4IBAQBG
+ZauiGETSi1kdqMc3gQxOZcKZgqrLG3MnIsARysouyr6w8+yakD9k0S3xrSlJka5
f+XydJZ26xTaXDwUovk+fLCD1bAqmp5FrNdmRpBncGKcj1D39VV7pcjnlsfbV5PV
qU2dHqVhyswFoVoVUtu3QjWji4tm804auGZ869EpUJXk/l7h64C0JWvREDJqMOig
EnIebuuFBjYzPtupbi+gULpt+tENUB0gF0pB8KrnvKuOBQMaHko8iOD3lq8fSEjE
TDR0lNndH5E0bP3dj92vtJmnbDOIE6kyfFbeHwcFH1PNHaAxNxw37KQtXkH8+lIB
yyCZfU3CRCvrg3VftWc9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:55 2024 by rpki-client on console-ams.rpki-client.org