Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DEVSqusPWhTaQeUBJgWLyCbMYaU.roa
File: DEVSqusPWhTaQeUBJgWLyCbMYaU.roa (raw, json)
Hash identifier: 0mvOXGIhUu08Hd+Glg+tLdvUYzga1gh92ziKvwfS6bY=
Subject key identifier: 0C:45:52:AA:EB:0F:5A:14:DA:41:E5:01:26:05:8B:C8:26:CC:61:A5
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0187ACAEAEA25F7813083BE67DB0B8D0D9B0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DEVSqusPWhTaQeUBJgWLyCbMYaU.roa
Signing time: Sun 23 Apr 2023 05:55:41 +0000
ROA not before: Sun 23 Apr 2023 05:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.74.0/23 maxlen: 24
45.149.75.0/24 maxlen: 24
45.149.74.0/24 maxlen: 24
45.133.89.0/24 maxlen: 24
45.133.90.0/24 maxlen: 24
45.133.91.0/24 maxlen: 24
45.133.88.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ac:ae:ae:a2:5f:78:13:08:3b:e6:7d:b0:b8:d0:d9:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 23 05:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c4552aaeb0f5a14da41e50126058bc826cc61a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:65:b0:11:3d:e7:11:ee:dd:51:41:07:ca:36:
aa:0e:52:e8:92:84:a3:b1:f2:d0:fe:c9:54:b3:3b:
e6:8e:f1:01:69:93:aa:d1:0d:ad:cc:9f:51:6b:cc:
c4:8f:ac:18:86:2c:6b:ed:90:f2:8c:53:ed:0e:70:
3e:c7:c8:da:5b:04:09:12:18:63:a3:09:cc:cf:6a:
0a:fd:a0:b9:a7:19:a1:65:0b:2d:fe:f7:c2:f0:02:
01:48:27:bc:b6:97:b6:c0:54:ca:c6:3c:bb:93:ed:
6f:00:1d:88:67:73:03:fd:aa:b8:2d:bd:ca:bf:dc:
50:a5:16:e2:52:42:e1:11:67:4c:e0:30:57:a5:78:
39:57:7a:42:7d:12:c8:a9:85:2e:0c:1f:1d:b7:d0:
15:72:c6:da:9b:5b:4d:bf:ac:75:2b:37:60:13:c1:
da:8c:b5:27:ec:9d:27:ac:ab:8b:66:7e:f7:3c:df:
9c:63:8b:fe:60:d0:44:9b:a1:76:00:c7:be:06:34:
4f:0b:6a:b4:6a:41:da:7d:67:51:92:9b:e7:4b:45:
75:c8:a9:88:df:d5:6a:b0:94:6d:71:7e:d8:f3:c9:
eb:5d:49:87:93:a1:9f:7c:e5:f0:02:5d:77:fa:84:
ab:4f:31:52:78:37:a9:87:d5:d7:86:db:75:79:17:
bb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:45:52:AA:EB:0F:5A:14:DA:41:E5:01:26:05:8B:C8:26:CC:61:A5
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/DEVSqusPWhTaQeUBJgWLyCbMYaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.88.0/22
45.149.74.0/23
Signature Algorithm: sha256WithRSAEncryption
73:9d:0d:1c:07:5c:a0:a9:f6:cc:c6:63:1a:d9:34:7e:33:d2:
f0:b7:9f:76:fc:af:fc:aa:a9:9e:4b:ae:55:f8:9d:44:a5:8e:
4a:67:12:93:34:a2:cb:9f:a9:a8:64:0d:90:f0:d0:0b:bb:a3:
ae:3e:8c:79:00:97:e4:9f:2b:31:8f:51:d3:ba:8b:95:73:0d:
49:fd:a9:a1:b9:51:a1:45:2f:71:12:1b:06:38:44:8a:71:b9:
3f:e8:72:85:2e:eb:5d:c3:ab:ba:a5:bc:e9:91:f6:79:a2:2c:
65:13:2c:2d:b0:38:53:91:70:20:6f:d4:53:c0:d0:d9:78:e7:
b7:6e:a0:03:24:ca:b1:c8:28:f3:c5:5e:8f:1f:57:df:73:65:
ef:bf:b8:4a:66:de:26:74:ff:0a:d5:0f:20:41:0b:4d:22:f3:
c2:d1:40:cd:45:ad:ba:8d:e1:c1:99:a4:27:a1:a0:c7:90:1d:
f8:9f:f6:ef:78:4c:6e:da:8d:96:1e:ae:48:11:cb:2e:f6:32:
fc:25:2a:b1:4a:4e:14:b9:9c:d4:1d:da:bf:48:2c:c9:eb:5a:
be:fa:98:e5:97:70:86:bc:a7:db:ad:30:8d:13:5b:fa:74:f5:
74:25:ae:a5:e1:ee:ad:91:1e:d8:2a:0a:aa:17:8f:56:cb:10:
10:98:e2:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYesrq6iX3gTCDvmfbC40NmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDIzMDU1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ1NTJhYWViMGY1YTE0ZGE0MWU1MDEyNjA1OGJjODI2Y2M2MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGWwET3nEe7dUUEHyjaqDlLokoSj
sfLQ/slUszvmjvEBaZOq0Q2tzJ9Ra8zEj6wYhixr7ZDyjFPtDnA+x8jaWwQJEhhj
ownMz2oK/aC5pxmhZQst/vfC8AIBSCe8tpe2wFTKxjy7k+1vAB2IZ3MD/aq4Lb3K
v9xQpRbiUkLhEWdM4DBXpXg5V3pCfRLIqYUuDB8dt9AVcsbam1tNv6x1KzdgE8Ha
jLUn7J0nrKuLZn73PN+cY4v+YNBEm6F2AMe+BjRPC2q0akHafWdRkpvnS0V1yKmI
39VqsJRtcX7Y88nrXUmHk6GffOXwAl13+oSrTzFSeDeph9XXhtt1eRe7bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAxFUqrrD1oU2kHlASYFi8gmzGGlMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvREVWU3F1c1BXaFRhUWVVQkpnV0x5Q2JNWWFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYVYAwQB
LZVKMA0GCSqGSIb3DQEBCwUAA4IBAQBznQ0cB1ygqfbMxmMa2TR+M9Lwt592/K/8
qqmeS65V+J1EpY5KZxKTNKLLn6moZA2Q8NALu6OuPox5AJfknysxj1HTuouVcw1J
/amhuVGhRS9xEhsGOESKcbk/6HKFLutdw6u6pbzpkfZ5oixlEywtsDhTkXAgb9RT
wNDZeOe3bqADJMqxyCjzxV6PH1ffc2Xvv7hKZt4mdP8K1Q8gQQtNIvPC0UDNRa26
jeHBmaQnoaDHkB34n/bveExu2o2WHq5IEcsu9jL8JSqxSk4UuZzUHdq/SCzJ61q+
+pjll3CGvKfbrTCNE1v6dPV0Ja6l4e6tkR7YKgqqF49WyxAQmOJS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:51 2024 by rpki-client on console-fra.rpki-client.org