Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KSOxnBAqGxyCx8ekfb2iZB61WFc.roa
File: KSOxnBAqGxyCx8ekfb2iZB61WFc.roa (raw, json)
Hash identifier: LSRPObrw1HHKvLfnbFgAXrNQ3pWDx7SolNs0ls5yxic=
Subject key identifier: 29:23:B1:9C:10:2A:1B:1C:82:C7:C7:A4:7D:BD:A2:64:1E:B5:58:57
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0186B0C0A6C9CA70B78BC293E254854CABE5
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KSOxnBAqGxyCx8ekfb2iZB61WFc.roa
Signing time: Sun 05 Mar 2023 07:51:00 +0000
ROA not before: Sun 05 Mar 2023 07:51:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.149.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:c0:a6:c9:ca:70:b7:8b:c2:93:e2:54:85:4c:ab:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 5 07:51:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2923b19c102a1b1c82c7c7a47dbda2641eb55857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ba:82:c4:0a:f6:19:a8:ab:41:c7:d5:a2:1e:
3a:32:1c:db:c2:20:1f:54:2f:82:37:54:8e:ba:b3:
db:a6:73:a8:c9:56:91:32:3a:b0:bc:f1:88:77:4d:
ad:e3:7b:91:8e:57:d9:57:6b:e2:75:3e:be:e0:17:
bc:7e:d0:2b:31:59:84:c3:7e:09:24:07:75:e2:47:
a5:2c:95:20:4c:a3:fb:09:cd:de:5d:08:ab:d4:da:
4d:a5:7b:2f:67:8c:af:3a:f0:02:88:51:53:79:1c:
ba:c0:dc:83:3e:7a:6d:cf:20:ec:bd:d3:31:ab:bf:
fa:d9:a3:d0:ae:53:a5:f9:23:87:46:45:12:62:05:
0c:04:27:93:5a:f3:33:dd:a5:dc:9e:68:8b:2d:5f:
e1:a5:03:52:92:81:a6:12:59:f0:80:78:78:19:76:
63:da:29:fc:80:73:28:1d:07:f2:9f:bc:91:e0:ce:
a6:f8:a2:e7:f8:d2:28:e7:ae:c8:8d:47:23:d5:63:
99:aa:e2:4b:16:b3:bc:0a:d2:56:b5:cf:ae:93:87:
a0:d7:56:0d:4b:76:a5:7f:50:41:a5:4a:16:61:a7:
7c:cc:84:2f:86:ec:87:c6:47:f9:de:b8:3f:c3:65:
ab:ef:a8:66:37:a4:3e:66:df:16:8d:f9:16:ad:2b:
92:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:23:B1:9C:10:2A:1B:1C:82:C7:C7:A4:7D:BD:A2:64:1E:B5:58:57
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/KSOxnBAqGxyCx8ekfb2iZB61WFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.73.0/24
Signature Algorithm: sha256WithRSAEncryption
24:87:23:8c:f0:fc:52:46:29:3a:16:19:80:d7:96:30:d8:92:
78:59:3f:6f:79:6f:29:15:5e:d0:c5:b6:77:d5:9a:7e:90:54:
b4:c2:fb:5a:98:7a:63:24:bc:0c:82:ef:46:90:e3:73:5b:de:
c8:46:a7:41:eb:6b:a6:70:82:fd:4e:4b:32:92:b4:55:70:a9:
6e:43:4f:1a:33:3c:38:57:d2:fe:9a:2d:70:59:e4:94:e6:b9:
64:74:1e:a5:2e:24:a7:bf:be:0c:70:e6:90:56:8b:cd:76:4a:
9b:c0:d2:7e:b9:ae:a9:61:da:1e:1a:21:7b:20:24:8e:47:5a:
fe:39:7c:f9:6a:94:59:cf:de:6e:9d:ff:f3:f5:3a:cc:e7:ed:
ad:97:73:82:70:df:90:ad:5e:36:0e:ac:7b:2a:9a:2e:3b:50:
3f:ee:d0:c7:57:4c:21:47:72:49:e5:34:28:99:a0:e5:39:9b:
25:0c:e0:e9:48:ea:28:28:47:05:ec:c9:94:bb:03:2a:e8:88:
0e:b9:14:ca:aa:9e:17:2f:af:70:c8:10:99:7c:50:c5:b2:a5:
09:75:2e:7c:30:fc:d9:02:d2:6f:07:1a:6d:95:18:f2:33:52:
72:aa:50:30:19:9b:d8:1d:c3:19:81:6f:a4:8f:00:6f:ac:5e:
71:9a:31:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYawwKbJynC3i8KT4lSFTKvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzA1MDc1MTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTIzYjE5YzEwMmExYjFjODJjN2M3YTQ3ZGJkYTI2NDFlYjU1ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7qCxAr2GairQcfVoh46MhzbwiAf
VC+CN1SOurPbpnOoyVaRMjqwvPGId02t43uRjlfZV2vidT6+4Be8ftArMVmEw34J
JAd14kelLJUgTKP7Cc3eXQir1NpNpXsvZ4yvOvACiFFTeRy6wNyDPnptzyDsvdMx
q7/62aPQrlOl+SOHRkUSYgUMBCeTWvMz3aXcnmiLLV/hpQNSkoGmElnwgHh4GXZj
2in8gHMoHQfyn7yR4M6m+KLn+NIo567IjUcj1WOZquJLFrO8CtJWtc+uk4eg11YN
S3alf1BBpUoWYad8zIQvhuyHxkf53rg/w2Wr76hmN6Q+Zt8WjfkWrSuSnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkjsZwQKhscgsfHpH29omQetVhXMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvS1NPeG5CQXFHeHlDeDhla2ZiMmlaQjYxV0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVJMA0G
CSqGSIb3DQEBCwUAA4IBAQAkhyOM8PxSRik6FhmA15Yw2JJ4WT9veW8pFV7QxbZ3
1Zp+kFS0wvtamHpjJLwMgu9GkONzW97IRqdB62umcIL9TksykrRVcKluQ08aMzw4
V9L+mi1wWeSU5rlkdB6lLiSnv74McOaQVovNdkqbwNJ+ua6pYdoeGiF7ICSOR1r+
OXz5apRZz95unf/z9TrM5+2tl3OCcN+QrV42Dqx7KpouO1A/7tDHV0whR3JJ5TQo
maDlOZslDODpSOooKEcF7MmUuwMq6IgOuRTKqp4XL69wyBCZfFDFsqUJdS58MPzZ
AtJvBxptlRjyM1JyqlAwGZvYHcMZgW+kjwBvrF5xmjEg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org