Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8rRNC7gk7Lm8rtozHTXzgy3THHU.roa
File: 8rRNC7gk7Lm8rtozHTXzgy3THHU.roa (raw, json)
Hash identifier: avx55omyV/gdGQABwHNFilagme4AGssSm1tzt9M1bUU=
Subject key identifier: F2:B4:4D:0B:B8:24:EC:B9:BC:AE:DA:33:1D:35:F3:83:2D:D3:1C:75
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018924C938D628B27DAD532A9DD47E127D4B
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8rRNC7gk7Lm8rtozHTXzgy3THHU.roa
Signing time: Wed 05 Jul 2023 06:41:54 +0000
ROA not before: Wed 05 Jul 2023 06:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 45.132.138.0/24 maxlen: 24
45.132.139.0/24 maxlen: 24
45.132.136.0/24 maxlen: 24
45.132.137.0/24 maxlen: 24
45.132.140.0/24 maxlen: 24
45.132.141.0/24 maxlen: 24
45.132.142.0/24 maxlen: 24
45.132.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:24:c9:38:d6:28:b2:7d:ad:53:2a:9d:d4:7e:12:7d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jul 5 06:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2b44d0bb824ecb9bcaeda331d35f3832dd31c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:ce:66:e0:14:f2:b4:9d:9d:b2:2e:1b:0d:
94:78:dd:97:38:0a:c6:5e:d2:2f:4c:69:e1:45:b4:
8c:34:e8:af:f9:73:4d:01:a6:4e:80:88:6c:cb:25:
da:b2:14:7b:c6:39:b8:4a:22:b8:26:d5:62:7c:cc:
c1:45:0b:e3:45:34:d7:b3:af:47:f9:71:b3:09:e2:
b6:37:b9:c9:3a:6f:98:99:14:e4:9d:11:5a:0b:65:
44:e4:26:c0:04:4d:99:97:e4:ed:98:20:b0:70:15:
aa:76:e2:49:af:27:0e:b5:16:dd:da:ba:4f:8f:18:
8c:d5:f1:6d:64:45:9f:a6:ce:8b:81:6c:5f:e0:3d:
0d:c1:d4:90:74:99:cb:89:54:f9:b3:da:31:c8:97:
d0:70:8e:6f:67:38:5a:f0:3c:41:62:4c:82:36:d9:
81:69:df:99:de:6f:19:b0:34:c4:39:ce:4d:69:b0:
0c:3c:ba:58:83:12:23:26:8e:af:7f:7c:b5:cb:b0:
a6:bc:5f:4e:82:5f:fd:a7:66:0a:01:1b:cd:64:2c:
90:12:28:0d:6d:28:58:48:3e:d1:e9:8e:13:63:68:
63:e0:d7:35:05:28:11:e5:42:b2:45:f8:32:1f:60:
ab:5b:71:52:c1:a5:13:32:b3:1e:7c:2c:cd:2d:8d:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B4:4D:0B:B8:24:EC:B9:BC:AE:DA:33:1D:35:F3:83:2D:D3:1C:75
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/8rRNC7gk7Lm8rtozHTXzgy3THHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.136.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:26:82:2f:67:d7:fe:41:58:c9:b2:b0:1f:9e:3e:b9:cd:f3:
9f:c7:92:b3:8b:07:50:ab:86:97:81:f4:f2:d1:90:f1:ad:3f:
e9:9f:70:fe:f8:c9:2a:78:ed:9c:5c:df:5b:e1:f9:20:49:dc:
62:d2:f9:b0:d7:56:eb:56:a5:68:41:32:0a:36:f6:21:c2:29:
de:6e:45:c9:ae:2f:23:37:30:b2:48:c9:db:3f:b2:47:4f:6f:
1a:a5:e8:a5:e4:0c:cc:f7:bb:52:fc:74:a5:77:4a:07:82:34:
40:5d:a1:b3:a1:ac:a9:12:61:56:91:fc:11:bb:27:62:44:aa:
bc:19:00:4c:88:87:f3:06:92:3c:c9:0c:80:54:6b:bd:3b:eb:
ed:e3:b5:49:f3:c3:dc:2a:df:99:78:20:76:af:88:09:d4:c6:
82:46:6a:8e:bc:73:07:f0:46:ef:62:3c:05:b4:ed:35:b3:a9:
5b:11:f6:76:50:91:b7:eb:79:c2:9f:1d:ab:4f:14:6a:2b:26:
1c:49:44:94:30:59:b1:d6:56:69:10:7e:bb:c2:bf:58:0e:45:
13:8e:cc:60:79:fa:65:f8:e1:ff:5f:3d:2a:b8:25:d7:02:89:
e6:cc:52:2f:26:a2:27:e4:f9:f7:e0:a9:8c:51:d5:f8:17:2b:
4a:f4:c0:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkkyTjWKLJ9rVMqndR+En1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNzA1MDY0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmI0NGQwYmI4MjRlY2I5YmNhZWRhMzMxZDM1ZjM4MzJkZDMxYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjHOZuAU8rSdnbIuGw2UeN2XOArG
XtIvTGnhRbSMNOiv+XNNAaZOgIhsyyXashR7xjm4SiK4JtVifMzBRQvjRTTXs69H
+XGzCeK2N7nJOm+YmRTknRFaC2VE5CbABE2Zl+TtmCCwcBWqduJJrycOtRbd2rpP
jxiM1fFtZEWfps6LgWxf4D0NwdSQdJnLiVT5s9oxyJfQcI5vZzha8DxBYkyCNtmB
ad+Z3m8ZsDTEOc5NabAMPLpYgxIjJo6vf3y1y7CmvF9Ogl/9p2YKARvNZCyQEigN
bShYSD7R6Y4TY2hj4Nc1BSgR5UKyRfgyH2CrW3FSwaUTMrMefCzNLY0rzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPK0TQu4JOy5vK7aMx0184Mt0xx1MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvOHJSTkM3Z2s3TG04cnRvekhUWHpneTNUSEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLYSIMA0G
CSqGSIb3DQEBCwUAA4IBAQC2JoIvZ9f+QVjJsrAfnj65zfOfx5KziwdQq4aXgfTy
0ZDxrT/pn3D++MkqeO2cXN9b4fkgSdxi0vmw11brVqVoQTIKNvYhwinebkXJri8j
NzCySMnbP7JHT28apeil5AzM97tS/HSld0oHgjRAXaGzoaypEmFWkfwRuydiRKq8
GQBMiIfzBpI8yQyAVGu9O+vt47VJ88PcKt+ZeCB2r4gJ1MaCRmqOvHMH8EbvYjwF
tO01s6lbEfZ2UJG363nCnx2rTxRqKyYcSUSUMFmx1lZpEH67wr9YDkUTjsxgefpl
+OH/Xz0quCXXAonmzFIvJqIn5Pn34KmMUdX4FytK9MAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org