Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/u07v9GMDs0CG-iOGiBTleE6O6lU.roa
File: u07v9GMDs0CG-iOGiBTleE6O6lU.roa (raw, json)
Hash identifier: CU6QwiXvddT1wmqVjOFE6KSo83KesS03xmXq97PNHEI=
Subject key identifier: BB:4E:EF:F4:63:03:B3:40:86:FA:23:86:88:14:E5:78:4E:8E:EA:55
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 018CC9BC3B97A2A8696DA631C9DB7425A6EE
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/u07v9GMDs0CG-iOGiBTleE6O6lU.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206455
IP address blocks: 45.85.185.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3b:97:a2:a8:69:6d:a6:31:c9:db:74:25:a6:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb4eeff46303b34086fa23868814e5784e8eea55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:40:7f:71:a6:65:06:4e:2b:8f:84:f4:1a:69:
56:24:ef:e7:a1:b5:1e:6e:a3:51:e7:5e:ef:18:87:
86:ec:5c:e8:1b:54:87:65:9d:fb:b7:2c:44:2c:02:
5a:a2:71:53:70:8f:5a:fb:08:44:14:3f:30:1b:bf:
e1:50:7c:78:94:de:3e:8f:52:5b:d5:4d:bb:4a:54:
1e:e1:1e:1f:50:17:e0:46:b7:3f:eb:c4:55:5c:86:
64:63:42:d2:fc:39:98:32:59:b6:01:59:b4:62:6a:
04:02:8f:4c:84:4e:00:7e:60:29:41:c4:4e:76:2b:
e8:94:55:87:d7:9f:48:8a:a7:2d:f3:47:3b:d6:ae:
ae:f7:dc:57:8f:fd:30:93:87:43:65:4f:ab:98:c9:
e1:55:65:03:90:f5:18:9b:f4:fb:ba:7b:fd:bc:ec:
57:b6:d1:66:76:c2:03:2b:62:bc:2a:74:a4:cf:38:
4a:f8:bf:be:9b:f7:9f:5f:bf:64:af:0d:04:ae:c3:
21:70:ea:ef:9c:82:7e:e1:3e:ae:d9:c9:0a:b9:65:
1b:a2:ba:ae:ea:39:fe:06:c7:8f:77:62:91:ff:b3:
d2:1b:d8:21:43:2f:13:31:d8:30:2b:93:03:c6:06:
08:fe:c8:67:86:a4:00:40:bf:8f:8e:94:40:69:b5:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4E:EF:F4:63:03:B3:40:86:FA:23:86:88:14:E5:78:4E:8E:EA:55
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/u07v9GMDs0CG-iOGiBTleE6O6lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.185.0/24
Signature Algorithm: sha256WithRSAEncryption
48:a8:5b:38:ec:ab:c1:cd:55:72:81:99:6f:15:50:ef:17:67:
4e:80:3d:39:ca:bd:56:55:17:2c:30:25:8d:ac:d6:1e:1c:63:
1c:d4:18:e0:c0:46:c3:d9:64:10:a5:e5:0f:d2:3d:14:1a:1f:
9f:88:db:c3:63:5d:1d:4c:07:da:f2:8b:ea:31:14:e9:d2:1b:
77:e0:34:f1:ee:31:c9:45:6e:97:cc:4e:48:67:cd:27:9a:c3:
3a:97:d5:37:49:df:be:36:c5:91:bd:8a:76:1e:83:31:bb:07:
43:5f:3f:ea:e1:d3:bb:49:26:77:ec:17:55:8c:55:ca:af:cd:
7e:cb:05:50:9c:13:10:f5:ae:19:d6:58:72:b6:62:11:1d:86:
a9:27:5f:92:72:d6:39:50:7b:3f:07:39:67:45:1a:d9:bc:82:
d4:bb:08:19:db:11:9c:07:73:ae:c0:18:b4:9a:d5:8d:e8:61:
15:28:d0:7e:61:b6:b7:63:a4:03:c5:a5:c1:8d:f0:74:27:73:
27:ff:34:92:f1:28:78:f3:59:88:6b:d0:e9:09:5d:e4:29:58:
cf:e2:4a:a7:f5:3a:8b:9e:f0:e3:64:bc:b5:f1:74:7b:61:3a:
6d:11:e1:4f:e0:6c:18:3a:97:48:0b:74:28:77:94:18:11:15:
ac:35:72:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvDuXoqhpbaYxydt0JabuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTFhMmM5ZmM4ZGU5Njc5YmIxNTg1ODFiMTBjZWFlZTkx
ZmY3OTEwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRlZWZmNDYzMDNiMzQwODZmYTIzODY4ODE0ZTU3ODRlOGVlYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EB/caZlBk4rj4T0GmlWJO/nobUe
bqNR517vGIeG7FzoG1SHZZ37tyxELAJaonFTcI9a+whEFD8wG7/hUHx4lN4+j1Jb
1U27SlQe4R4fUBfgRrc/68RVXIZkY0LS/DmYMlm2AVm0YmoEAo9MhE4AfmApQcRO
divolFWH159Iiqct80c71q6u99xXj/0wk4dDZU+rmMnhVWUDkPUYm/T7unv9vOxX
ttFmdsIDK2K8KnSkzzhK+L++m/efX79krw0ErsMhcOrvnIJ+4T6u2ckKuWUborqu
6jn+BsePd2KR/7PSG9ghQy8TMdgwK5MDxgYI/shnhqQAQL+PjpRAabWsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtO7/RjA7NAhvojhogU5XhOjupVMB8GA1UdIwQY
MBaAFKgRosn8jelnm7FYWBsQzq7pH/eRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYt
MGNjNGMwMDAwODU4LzEvdTA3djlHTURzMENHLWlPR2lCVGxlRTZPNmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8xZGVjYjMtMTU5My00NWRiLWFmNTYtMGNjNGMwMDAwODU4
LzEvcUJHaXlmeU42V2Vic1ZoWUd4RE9ydWtmOTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVW5MA0G
CSqGSIb3DQEBCwUAA4IBAQBIqFs47KvBzVVygZlvFVDvF2dOgD05yr1WVRcsMCWN
rNYeHGMc1BjgwEbD2WQQpeUP0j0UGh+fiNvDY10dTAfa8ovqMRTp0ht34DTx7jHJ
RW6XzE5IZ80nmsM6l9U3Sd++NsWRvYp2HoMxuwdDXz/q4dO7SSZ37BdVjFXKr81+
ywVQnBMQ9a4Z1lhytmIRHYapJ1+SctY5UHs/BzlnRRrZvILUuwgZ2xGcB3OuwBi0
mtWN6GEVKNB+Yba3Y6QDxaXBjfB0J3Mn/zSS8Sh481mIa9DpCV3kKVjP4kqn9TqL
nvDjZLy18XR7YTptEeFP4GwYOpdIC3Qod5QYERWsNXKw
-----END CERTIFICATE-----
Generated at Wed Jul 31 16:56:12 2024 by rpki-client on console-ams.rpki-client.org