Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/d-JxYM1XUJAUu9egaxwCMGrOV1A.roa
File: d-JxYM1XUJAUu9egaxwCMGrOV1A.roa (raw, json)
Hash identifier: A41fp6wFiOdYPZSBFQ8Ig8DRFHOYOxP6ymp+55gzdA8=
Subject key identifier: 77:E2:71:60:CD:57:50:90:14:BB:D7:A0:6B:1C:02:30:6A:CE:57:50
Certificate issuer: /CN=ec11b6d0ee6b9eccfe34ec506a275078c39eccb3
Certificate serial: 018CEEC869A3374DC450792CA186FC3ADD68
Authority key identifier: EC:11:B6:D0:EE:6B:9E:CC:FE:34:EC:50:6A:27:50:78:C3:9E:CC:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7BG20O5rnsz-NOxQaidQeMOezLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/d-JxYM1XUJAUu9egaxwCMGrOV1A.roa
Signing time: Tue 09 Jan 2024 15:12:40 +0000
ROA not before: Tue 09 Jan 2024 15:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197075
IP address blocks: 45.156.60.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:c8:69:a3:37:4d:c4:50:79:2c:a1:86:fc:3a:dd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec11b6d0ee6b9eccfe34ec506a275078c39eccb3
Validity
Not Before: Jan 9 15:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77e27160cd57509014bbd7a06b1c02306ace5750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:f0:f6:b7:08:0f:84:ae:1b:17:3d:cd:d7:
20:bb:ff:5e:e4:db:20:72:b6:d0:9e:34:de:d1:1c:
78:a0:e4:6c:2b:ff:47:1d:14:c3:15:60:52:6d:dc:
2a:ea:66:f3:8c:e8:c9:44:41:be:d5:1a:b3:4b:7a:
3a:8f:c3:97:6b:a7:64:8d:fd:82:0f:2b:37:21:7d:
21:6e:46:19:ff:00:0c:92:45:f6:34:44:34:71:fc:
6a:fe:33:64:93:90:a9:7d:fa:0b:ab:85:d3:d9:85:
d2:24:e4:d9:6b:29:ba:d9:8e:ef:b7:d5:7b:61:75:
b0:29:e5:59:c9:b3:f9:fe:03:6d:e7:e7:26:09:fe:
1b:83:70:83:23:81:2d:63:41:01:48:3b:97:ca:22:
a9:76:ba:cd:ec:a9:a7:e2:67:c0:1d:bd:61:aa:68:
9f:7f:e7:b6:8c:fd:61:5c:93:89:63:1b:15:45:2a:
c6:6e:3b:a8:e9:b6:b9:9d:b0:b8:75:c3:d1:40:ad:
7f:cd:ee:9d:26:c9:0f:2e:09:a7:32:89:af:5f:f5:
b7:95:cf:19:66:e5:f2:45:22:59:8d:fe:41:d3:87:
eb:7a:b7:ad:f6:94:b0:98:b0:89:f0:d9:28:d0:63:
bd:f4:be:d6:9b:ad:46:54:64:6e:8b:a9:aa:b3:fe:
d1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E2:71:60:CD:57:50:90:14:BB:D7:A0:6B:1C:02:30:6A:CE:57:50
X509v3 Authority Key Identifier:
keyid:EC:11:B6:D0:EE:6B:9E:CC:FE:34:EC:50:6A:27:50:78:C3:9E:CC:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7BG20O5rnsz-NOxQaidQeMOezLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/d-JxYM1XUJAUu9egaxwCMGrOV1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/6b5f99-2c5f-40b8-9c89-395b0e7702cc/1/7BG20O5rnsz-NOxQaidQeMOezLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.60.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:8a:63:7d:68:5d:7a:fa:ee:d8:49:b6:89:15:b2:53:65:ba:
e5:69:c2:b6:1a:7e:f0:92:d0:c6:cd:2b:68:24:12:ed:66:dc:
93:91:f3:89:22:41:64:8b:24:96:55:fd:6a:39:30:40:3b:86:
fe:da:26:c8:4f:57:be:6f:f5:c5:c1:9b:d1:25:f9:d5:8c:11:
f2:2b:94:3e:82:f3:44:b8:0b:4f:73:d7:8c:30:8c:d4:a2:02:
88:7f:af:c4:26:96:9f:7c:13:a5:47:cb:50:48:32:1c:1a:84:
d6:6a:c3:14:ec:d7:cd:a2:62:a6:29:1a:44:6a:f5:d6:2b:92:
c8:58:11:f7:3b:5b:93:34:7d:6a:f8:69:98:04:62:85:c9:8e:
0f:53:cd:3b:07:c6:c0:41:fa:c6:02:e1:33:58:9a:b5:2f:bd:
f5:8e:8c:c1:62:16:85:6c:32:97:dc:58:51:c5:bc:52:95:88:
2c:3c:ec:56:9e:73:30:b1:f1:0b:35:2c:01:fc:9c:1d:d4:c1:
19:d2:10:0b:75:7d:90:0b:be:97:be:5b:d9:56:8e:e5:83:4b:
93:92:96:c5:2c:b1:5a:d4:57:ad:54:e2:9d:eb:41:22:59:e6:
b6:b3:62:b8:d1:81:71:bf:9a:f1:05:0a:92:c9:2b:51:c3:1a:
61:e2:c4:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzuyGmjN03EUHksoYb8Ot1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMTFiNmQwZWU2YjllY2NmZTM0ZWM1MDZhMjc1MDc4YzM5
ZWNjYjMwHhcNMjQwMTA5MTUxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2UyNzE2MGNkNTc1MDkwMTRiYmQ3YTA2YjFjMDIzMDZhY2U1NzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhPw9rcID4SuGxc9zdcgu/9e5Nsg
crbQnjTe0Rx4oORsK/9HHRTDFWBSbdwq6mbzjOjJREG+1RqzS3o6j8OXa6dkjf2C
Dys3IX0hbkYZ/wAMkkX2NEQ0cfxq/jNkk5CpffoLq4XT2YXSJOTZaym62Y7vt9V7
YXWwKeVZybP5/gNt5+cmCf4bg3CDI4EtY0EBSDuXyiKpdrrN7Kmn4mfAHb1hqmif
f+e2jP1hXJOJYxsVRSrGbjuo6ba5nbC4dcPRQK1/ze6dJskPLgmnMomvX/W3lc8Z
ZuXyRSJZjf5B04freret9pSwmLCJ8Nko0GO99L7Wm61GVGRui6mqs/7RUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHficWDNV1CQFLvXoGscAjBqzldQMB8GA1UdIwQY
MBaAFOwRttDua57M/jTsUGonUHjDnsyzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0JHMjBPNXJuc3otTk94UWFpZFFlTU9lekxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS82YjVmOTktMmM1Zi00MGI4LTljODkt
Mzk1YjBlNzcwMmNjLzEvZC1KeFlNMVhVSkFVdTllZ2F4d0NNR3JPVjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS82YjVmOTktMmM1Zi00MGI4LTljODktMzk1YjBlNzcwMmNj
LzEvN0JHMjBPNXJuc3otTk94UWFpZFFlTU9lekxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZw8MA0G
CSqGSIb3DQEBCwUAA4IBAQAtimN9aF16+u7YSbaJFbJTZbrlacK2Gn7wktDGzSto
JBLtZtyTkfOJIkFkiySWVf1qOTBAO4b+2ibIT1e+b/XFwZvRJfnVjBHyK5Q+gvNE
uAtPc9eMMIzUogKIf6/EJpaffBOlR8tQSDIcGoTWasMU7NfNomKmKRpEavXWK5LI
WBH3O1uTNH1q+GmYBGKFyY4PU807B8bAQfrGAuEzWJq1L731jozBYhaFbDKX3FhR
xbxSlYgsPOxWnnMwsfELNSwB/Jwd1MEZ0hALdX2QC76XvlvZVo7lg0uTkpbFLLFa
1FetVOKd60EiWea2s2K40YFxv5rxBQqSyStRwxph4sQD
-----END CERTIFICATE-----
Generated at Tue Feb 20 12:20:07 2024 by rpki-client on console-ams.rpki-client.org