Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SpSqUXZM9qm2Z2H53E9YPm3JcDc.roa
File: SpSqUXZM9qm2Z2H53E9YPm3JcDc.roa (raw, json)
Hash identifier: 2VH4r2uQqY0VL2c6ovJ40Kuv1gDlLBB3efRRE4nmLQ4=
Subject key identifier: 4A:94:AA:51:76:4C:F6:A9:B6:67:61:F9:DC:4F:58:3E:6D:C9:70:37
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01882086B71B490B715DF8BD5C1DFC9409AC
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SpSqUXZM9qm2Z2H53E9YPm3JcDc.roa
Signing time: Mon 15 May 2023 17:47:59 +0000
ROA not before: Mon 15 May 2023 17:47:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.74.0/23 maxlen: 24
45.149.75.0/24 maxlen: 24
45.149.74.0/24 maxlen: 24
45.133.89.0/24 maxlen: 24
45.133.90.0/24 maxlen: 24
45.133.91.0/24 maxlen: 24
45.133.88.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:20:86:b7:1b:49:0b:71:5d:f8:bd:5c:1d:fc:94:09:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: May 15 17:47:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a94aa51764cf6a9b66761f9dc4f583e6dc97037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:09:83:aa:1f:1b:81:f3:31:b6:9c:cd:64:cb:
7b:eb:62:8d:49:8b:b0:cd:01:6b:b6:d5:4c:e8:73:
17:47:59:0f:3c:9c:a2:b4:89:d8:cb:b2:3f:2d:14:
3f:a9:7f:d5:c4:8b:f4:1c:8c:1a:af:1a:8a:e2:0a:
0a:0f:5c:fb:87:15:a0:ea:5f:7b:49:7f:41:ca:87:
86:58:76:44:e7:fa:85:b2:5c:b7:ca:63:e7:0f:11:
85:ad:13:93:da:4f:e4:1f:03:26:99:01:d6:db:b7:
f8:e8:c6:b3:79:f5:4f:36:91:06:ea:ca:d3:e7:28:
75:9f:aa:8f:9e:b9:e4:5a:a2:61:7f:08:e4:f2:8e:
0f:2a:8a:d7:a2:e5:db:0c:2e:15:5b:de:a2:4d:ca:
d2:7b:93:0b:9c:50:fe:d5:21:8b:32:c0:eb:12:14:
bc:43:49:f6:e2:3e:e3:78:ac:69:62:84:50:82:a6:
7c:a0:be:13:61:3e:60:94:fe:13:ad:1d:74:80:ce:
aa:7b:53:89:23:d1:1b:a5:e0:a9:db:3f:9e:1d:6e:
78:b2:a9:03:78:e5:cb:ac:77:e5:81:a1:5e:5c:62:
76:5d:72:25:6b:c0:36:a6:9b:69:04:95:1d:55:84:
21:28:18:ee:a1:ba:05:f9:71:bd:86:d0:24:89:0e:
67:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:94:AA:51:76:4C:F6:A9:B6:67:61:F9:DC:4F:58:3E:6D:C9:70:37
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/SpSqUXZM9qm2Z2H53E9YPm3JcDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.88.0/22
45.149.74.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:7d:5f:cb:ff:20:15:15:38:52:c8:62:01:9f:24:bc:dd:e3:
a7:33:29:a8:e2:dc:2e:cc:76:83:00:0a:0b:0e:35:56:f8:fd:
e7:dd:bf:ce:76:55:7c:96:92:58:74:74:39:1e:99:c7:87:90:
76:6f:8f:75:31:ee:a3:5e:e5:13:f7:76:f3:12:31:df:fe:c2:
63:92:ed:8e:f6:25:3c:d8:69:f3:f9:d1:68:dd:10:9a:dd:b5:
65:83:82:cf:b4:61:10:6e:4d:6f:4f:4a:1c:ec:a1:bb:d9:eb:
9b:0c:82:7b:39:75:24:1e:68:06:a4:f7:84:cb:c9:c9:ce:62:
9b:73:1d:e6:77:6a:41:8c:3c:89:10:17:bf:d5:5e:4e:74:90:
6d:2c:42:77:6f:d6:ad:d2:36:3e:ab:0e:4a:30:0b:af:17:70:
e9:37:8c:1c:bb:2f:66:57:f2:ec:c4:56:3c:d1:92:87:2d:d0:
16:c2:d3:43:0e:29:3d:66:b0:22:a9:5a:31:09:e5:1f:45:37:
52:88:de:bf:dc:11:9c:f9:fd:68:30:3c:dc:e4:94:a6:5c:49:
99:df:8e:4d:df:13:c6:8c:f1:a5:30:dc:27:2f:84:91:b2:6f:
da:93:2d:ca:00:0c:6b:d9:e0:16:cd:ac:ad:1c:79:17:bc:5c:
11:3f:d4:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgghrcbSQtxXfi9XB38lAmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNTE1MTc0NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk0YWE1MTc2NGNmNmE5YjY2NzYxZjlkYzRmNTgzZTZkYzk3MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQmDqh8bgfMxtpzNZMt762KNSYuw
zQFrttVM6HMXR1kPPJyitInYy7I/LRQ/qX/VxIv0HIwarxqK4goKD1z7hxWg6l97
SX9ByoeGWHZE5/qFsly3ymPnDxGFrROT2k/kHwMmmQHW27f46MazefVPNpEG6srT
5yh1n6qPnrnkWqJhfwjk8o4PKorXouXbDC4VW96iTcrSe5MLnFD+1SGLMsDrEhS8
Q0n24j7jeKxpYoRQgqZ8oL4TYT5glP4TrR10gM6qe1OJI9EbpeCp2z+eHW54sqkD
eOXLrHflgaFeXGJ2XXIla8A2pptpBJUdVYQhKBjuoboF+XG9htAkiQ5nFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEqUqlF2TPaptmdh+dxPWD5tyXA3MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvU3BTcVVYWk05cW0yWjJINTNFOVlQbTNKY0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYVYAwQB
LZVKMA0GCSqGSIb3DQEBCwUAA4IBAQA8fV/L/yAVFThSyGIBnyS83eOnMymo4twu
zHaDAAoLDjVW+P3n3b/OdlV8lpJYdHQ5HpnHh5B2b491Me6jXuUT93bzEjHf/sJj
ku2O9iU82Gnz+dFo3RCa3bVlg4LPtGEQbk1vT0oc7KG72eubDIJ7OXUkHmgGpPeE
y8nJzmKbcx3md2pBjDyJEBe/1V5OdJBtLEJ3b9at0jY+qw5KMAuvF3DpN4wcuy9m
V/LsxFY80ZKHLdAWwtNDDik9ZrAiqVoxCeUfRTdSiN6/3BGc+f1oMDzc5JSmXEmZ
345N3xPGjPGlMNwnL4SRsm/aky3KAAxr2eAWzaytHHkXvFwRP9TB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org