Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/cJxbQzovhb2YjGfk6OvVeZWcnLI.roa
File: cJxbQzovhb2YjGfk6OvVeZWcnLI.roa (raw, json)
Hash identifier: 5wTc+pqbf2igfZVg4dOBg0IdhbJj+sDnxgvfym2/WCQ=
Subject key identifier: 70:9C:5B:43:3A:2F:85:BD:98:8C:67:E4:E8:EB:D5:79:95:9C:9C:B2
Certificate issuer: /CN=80ab4c0945b738edda0583a274b63c1b8673a630
Certificate serial: 074E12AE
Authority key identifier: 80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/cJxbQzovhb2YjGfk6OvVeZWcnLI.roa
Signing time: Sat 01 Jan 2022 12:07:00 +0000
ROA not before: Sat 01 Jan 2022 12:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20626
IP address blocks: 45.153.120.0/24 maxlen: 24
2a0f:af00::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122557102 (0x74e12ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ab4c0945b738edda0583a274b63c1b8673a630
Validity
Not Before: Jan 1 12:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=709c5b433a2f85bd988c67e4e8ebd579959c9cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f3:1f:f7:ab:98:f7:bb:8e:0b:78:f2:3d:4b:
b3:d4:55:1d:29:dd:bc:01:0e:0b:38:cd:6c:ed:26:
02:01:31:8d:33:95:08:0c:65:c9:f4:2b:fc:86:f3:
01:c0:7f:c9:9a:fa:c6:81:bb:4c:3e:09:34:21:b5:
b4:2d:56:62:43:7d:8a:6c:72:93:b5:08:3b:6f:fb:
8b:de:86:9e:08:dd:fe:82:91:a8:3a:fc:ee:88:6a:
b1:02:cd:77:90:c2:cf:fd:6e:98:fb:ff:4e:7f:34:
7a:bb:fe:07:96:77:e8:ba:13:57:33:9f:40:ce:5f:
fa:99:b3:b9:20:e1:e9:b9:e0:de:8f:a6:53:74:89:
53:81:ec:c4:95:bd:1c:89:f6:c4:36:99:ee:5e:9b:
59:0b:52:7a:cf:6f:9d:c7:20:61:85:ef:4f:33:f3:
d7:2d:18:ab:20:f7:39:f3:56:47:d4:57:19:f3:a0:
d4:ed:25:51:d2:c6:99:39:05:ab:32:1f:2f:7e:7a:
30:9b:82:91:61:46:79:d3:3a:9e:df:aa:b3:e9:d4:
95:e6:01:4b:a9:98:0c:dc:e3:cb:69:74:d5:6f:b6:
a9:b3:73:8d:cd:ed:08:13:4f:f8:21:43:eb:a8:83:
73:72:c6:f1:99:60:8c:1e:62:5c:e0:f9:74:07:d0:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:9C:5B:43:3A:2F:85:BD:98:8C:67:E4:E8:EB:D5:79:95:9C:9C:B2
X509v3 Authority Key Identifier:
keyid:80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/cJxbQzovhb2YjGfk6OvVeZWcnLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.120.0/24
IPv6:
2a0f:af00::/32
Signature Algorithm: sha256WithRSAEncryption
18:85:66:fb:6b:09:21:1f:84:8d:4d:f7:98:2c:40:01:3f:a4:
3b:de:1d:51:97:ea:39:6b:d4:a9:51:b1:bf:23:d4:34:8d:53:
79:93:81:b7:dc:96:3c:7e:ec:19:d6:2d:1b:16:53:3a:37:73:
9e:99:b9:82:5e:fe:66:f5:16:90:f7:62:14:e8:33:06:b6:08:
aa:c2:86:4f:34:e0:97:99:e6:2e:24:b8:ff:e9:bb:0d:7b:6a:
d6:2d:0d:0f:57:e2:ee:2e:d7:59:c9:81:b7:ca:7c:6d:a3:c0:
32:6e:66:a1:21:c4:e1:7a:8d:d3:7d:0a:02:36:2a:be:0f:b7:
db:33:a0:d0:dd:d5:64:19:62:1f:12:ac:66:31:4d:bd:f6:38:
98:9c:47:2f:95:05:b4:3b:df:96:18:64:38:42:92:a3:fb:4c:
85:62:3d:9d:8d:43:5c:b4:94:2e:56:86:84:84:3d:cf:f2:82:
59:a1:61:bf:d5:2b:8d:6a:0f:a4:63:0c:37:b9:60:a5:94:02:
20:53:72:39:26:2d:67:6e:c6:20:88:b9:b7:71:4b:cd:e9:98:
cb:ba:ee:3c:2c:5a:74:6d:ad:17:0a:76:c7:2c:78:68:64:07:
cc:cc:dc:39:9c:7b:b6:c6:20:2b:b9:4d:04:71:6f:4b:41:41:
4a:0e:46:6d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB04SrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MGFiNGMwOTQ1YjczOGVkZGEwNTgzYTI3NGI2M2MxYjg2NzNhNjMwMB4XDTIyMDEw
MTEyMDcwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA5YzViNDMzYTJm
ODViZDk4OGM2N2U0ZThlYmQ1Nzk5NTljOWNiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbzH/ermPe7jgt48j1Ls9RVHSndvAEOCzjNbO0mAgExjTOV
CAxlyfQr/IbzAcB/yZr6xoG7TD4JNCG1tC1WYkN9imxyk7UIO2/7i96Gngjd/oKR
qDr87ohqsQLNd5DCz/1umPv/Tn80erv+B5Z36LoTVzOfQM5f+pmzuSDh6bng3o+m
U3SJU4HsxJW9HIn2xDaZ7l6bWQtSes9vnccgYYXvTzPz1y0YqyD3OfNWR9RXGfOg
1O0lUdLGmTkFqzIfL356MJuCkWFGedM6nt+qs+nUleYBS6mYDNzjy2l01W+2qbNz
jc3tCBNP+CFD66iDc3LG8ZlgjB5iXOD5dAfQrjECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRwnFtDOi+FvZiMZ+To69V5lZycsjAfBgNVHSMEGDAWgBSAq0wJRbc47doF
g6J0tjwbhnOmMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dLdE1DVVczT08zYUJZT2lkTFk4RzRaenBqQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZjZmZWU2LWMwYTItNGEwMy1hOTgxLWY1ZmRhMGVhMzAwZC8x
L2NKeGJRem92aGIyWWpHZms2T3ZWZVpXY25MSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZjZmZWU2LWMwYTItNGEwMy1hOTgxLWY1ZmRhMGVhMzAwZC8xL2dLdE1DVVczT08z
YUJZT2lkTFk4RzRaenBqQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC2ZeDANBAIAAjAHAwUAKg+vADAN
BgkqhkiG9w0BAQsFAAOCAQEAGIVm+2sJIR+EjU33mCxAAT+kO94dUZfqOWvUqVGx
vyPUNI1TeZOBt9yWPH7sGdYtGxZTOjdznpm5gl7+ZvUWkPdiFOgzBrYIqsKGTzTg
l5nmLiS4/+m7DXtq1i0ND1fi7i7XWcmBt8p8baPAMm5moSHE4XqN030KAjYqvg+3
2zOg0N3VZBliHxKsZjFNvfY4mJxHL5UFtDvflhhkOEKSo/tMhWI9nY1DXLSULlaG
hIQ9z/KCWaFhv9UrjWoPpGMMN7lgpZQCIFNyOSYtZ27GIIi5t3FLzemYy7ruPCxa
dG2tFwp2xyx4aGQHzMzcOZx7tsYgK7lNBHFvS0FBSg5GbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:08 2024 by rpki-client on console-ams.rpki-client.org