Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/_EYUW7rCSnoC8rS80QFEJeHjURs.roa
File: _EYUW7rCSnoC8rS80QFEJeHjURs.roa (raw, json)
Hash identifier: AOdn+0rmxPmiRt+ymR/qslB4RQqICELPxk+MoSbXgVs=
Subject key identifier: FC:46:14:5B:BA:C2:4A:7A:02:F2:B4:BC:D1:01:44:25:E1:E3:51:1B
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018570C2EB17941F15302552E26A48AC5142
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/_EYUW7rCSnoC8rS80QFEJeHjURs.roa
Signing time: Mon 02 Jan 2023 04:35:00 +0000
ROA not before: Mon 02 Jan 2023 04:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.138.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:eb:17:94:1f:15:30:25:52:e2:6a:48:ac:51:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Jan 2 04:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc46145bbac24a7a02f2b4bcd1014425e1e3511b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b1:35:20:26:e8:a6:1d:2e:26:8d:f2:aa:b8:
a8:af:bd:c3:f2:0b:46:6e:49:fb:8a:f0:74:ac:10:
6f:0d:8f:e2:6d:70:55:f6:23:41:8d:e5:d9:2b:f3:
ed:c3:7a:4b:89:b4:0f:72:aa:85:e3:3a:af:ab:f8:
79:e0:e3:b8:05:9c:b2:39:ec:6b:f4:f1:e1:84:ba:
3f:34:f2:33:70:14:46:c1:d7:3f:8a:96:2f:4d:8c:
39:89:2d:72:fc:44:a1:a2:67:d5:1f:d7:f3:4a:29:
04:be:8f:d8:1f:c0:92:1e:8e:b9:2b:9b:15:d0:85:
e5:21:2f:65:cb:9d:e7:d6:2e:e0:ff:8c:dc:6e:49:
e4:39:d2:46:4e:fe:29:e2:b2:c6:9b:17:ac:92:c7:
18:f3:02:bd:22:e8:79:9e:df:bb:2f:9f:3c:29:ec:
a3:37:75:18:81:28:f9:89:75:ba:c9:7a:49:3d:55:
99:14:0f:db:97:d3:17:26:a6:39:f4:81:08:8d:c4:
b9:98:13:07:f5:2c:d4:a4:01:57:ec:09:94:1e:25:
c6:3a:c5:4f:5e:5b:59:fc:b7:21:42:26:84:de:fd:
b5:96:33:66:e5:93:ea:22:39:c6:49:32:a0:1b:d2:
81:43:1b:11:14:25:5d:09:02:e0:46:29:21:8a:de:
c1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:46:14:5B:BA:C2:4A:7A:02:F2:B4:BC:D1:01:44:25:E1:E3:51:1B
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/_EYUW7rCSnoC8rS80QFEJeHjURs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.145.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e8:fb:a2:47:22:00:12:97:91:6b:36:6f:52:44:ee:b4:da:
c8:36:d1:81:06:f3:0d:15:80:17:7f:27:1d:d6:d2:67:90:36:
b0:6b:15:86:8f:ca:55:87:5d:04:bf:8c:90:4f:f4:3c:61:fb:
18:8b:87:91:90:09:0d:45:55:54:a6:1b:98:6c:13:23:a3:ae:
3a:39:f8:36:c7:94:6b:2c:3a:39:c5:e7:b8:a3:3f:48:77:0a:
e7:e1:a5:ae:40:e1:a9:6c:2d:51:00:b2:62:2b:d2:94:41:0e:
41:df:48:52:6f:33:8f:f5:8d:01:01:8e:51:b2:76:b9:e2:79:
53:13:22:f8:24:dd:53:1d:fb:1b:5f:8a:5f:a1:bf:b1:b9:22:
ea:9e:0a:8a:40:0e:07:37:b4:e0:85:f0:39:a8:b4:a7:c5:fa:
f0:dd:4c:0f:85:c7:3a:d8:39:c2:13:b8:a9:14:84:57:d5:37:
a0:c5:d6:b1:d3:5c:8a:63:b3:58:b4:03:c4:8c:c2:13:93:be:
93:47:c0:a4:31:66:ea:52:54:b4:3e:43:1f:19:88:1e:9d:27:
76:57:9b:73:de:80:4d:de:31:20:3b:a1:67:f3:b8:73:81:83:
af:27:06:27:f9:96:36:20:71:db:56:40:12:1d:bf:8f:9d:79:
dc:6a:75:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwusXlB8VMCVS4mpIrFFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjMwMTAyMDQzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzQ2MTQ1YmJhYzI0YTdhMDJmMmI0YmNkMTAxNDQyNWUxZTM1MTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7E1ICboph0uJo3yqrior73D8gtG
bkn7ivB0rBBvDY/ibXBV9iNBjeXZK/Ptw3pLibQPcqqF4zqvq/h54OO4BZyyOexr
9PHhhLo/NPIzcBRGwdc/ipYvTYw5iS1y/EShomfVH9fzSikEvo/YH8CSHo65K5sV
0IXlIS9ly53n1i7g/4zcbknkOdJGTv4p4rLGmxeskscY8wK9Iuh5nt+7L588Keyj
N3UYgSj5iXW6yXpJPVWZFA/bl9MXJqY59IEIjcS5mBMH9SzUpAFX7AmUHiXGOsVP
XltZ/LchQiaE3v21ljNm5ZPqIjnGSTKgG9KBQxsRFCVdCQLgRikhit7BFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxGFFu6wkp6AvK0vNEBRCXh41EbMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvX0VZVVc3ckNTbm9DOHJTODBRRkVKZUhqVVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYqRMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ6PuiRyIAEpeRazZvUkTutNrINtGBBvMNFYAXfycd
1tJnkDawaxWGj8pVh10Ev4yQT/Q8YfsYi4eRkAkNRVVUphuYbBMjo646Ofg2x5Rr
LDo5xee4oz9Idwrn4aWuQOGpbC1RALJiK9KUQQ5B30hSbzOP9Y0BAY5Rsna54nlT
EyL4JN1THfsbX4pfob+xuSLqngqKQA4HN7TghfA5qLSnxfrw3UwPhcc62DnCE7ip
FIRX1Tegxdax01yKY7NYtAPEjMITk76TR8CkMWbqUlS0PkMfGYgenSd2V5tz3oBN
3jEgO6Fn87hzgYOvJwYn+ZY2IHHbVkASHb+PnXncanVZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org