Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_LYCfqJmrS3PoBavXURWQsYjQUo.roa
File: _LYCfqJmrS3PoBavXURWQsYjQUo.roa (raw, json)
Hash identifier: YXCTMdQlQDslE3oFKgzdIqyoZPWWwpH/svb0KMI5tXg=
Subject key identifier: FC:B6:02:7E:A2:66:AD:2D:CF:A0:16:AF:5D:44:56:42:C6:23:41:4A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0188CC51F84632A605F248B28B789BCC2B85
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_LYCfqJmrS3PoBavXURWQsYjQUo.roa
Signing time: Sun 18 Jun 2023 02:25:03 +0000
ROA not before: Sun 18 Jun 2023 02:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.74.0/23 maxlen: 24
45.149.75.0/24 maxlen: 24
45.149.72.0/24 maxlen: 24
45.149.74.0/24 maxlen: 24
45.133.89.0/24 maxlen: 24
45.133.90.0/24 maxlen: 24
45.133.91.0/24 maxlen: 24
45.133.88.0/24 maxlen: 24
45.148.254.0/23 maxlen: 24
45.148.254.0/24 maxlen: 24
45.148.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:cc:51:f8:46:32:a6:05:f2:48:b2:8b:78:9b:cc:2b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jun 18 02:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcb6027ea266ad2dcfa016af5d445642c623414a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c6:da:3a:17:64:41:32:4f:03:e4:d3:eb:0c:
a5:77:40:72:df:c2:33:dd:64:ed:80:61:9f:57:35:
12:0f:42:69:0b:bc:06:cd:d4:75:7e:1c:d2:10:34:
c3:a6:56:38:73:35:c1:43:a4:89:63:be:6f:98:c3:
b5:03:e4:a0:33:0c:fa:4b:0e:cc:03:a9:74:f2:49:
b2:f8:96:5a:f7:6d:e1:96:5f:18:25:71:54:a2:4e:
89:62:b1:4f:2b:c7:26:fb:69:e4:b1:0d:5c:93:58:
d4:d5:ac:b7:90:2b:5b:d6:fb:29:18:59:ac:25:e8:
cd:05:74:c0:7a:72:42:65:aa:67:64:b3:2c:7a:1e:
66:43:b0:07:f7:1b:10:d9:c6:0e:0b:32:5e:dc:b2:
90:51:1e:2d:01:41:ff:53:de:0b:dd:8a:4a:69:ab:
75:32:18:46:9d:40:f7:9c:95:9f:f8:e8:5a:1c:ca:
dd:37:86:6c:28:c9:54:f3:60:f3:07:df:64:87:3b:
83:09:2b:0d:7e:4b:bc:74:2a:91:37:71:a0:13:b2:
45:3a:aa:00:ea:b7:c7:a6:e8:09:d5:dc:e3:04:0b:
db:55:48:3d:46:f0:9a:a7:20:73:2c:f1:78:8c:02:
97:3c:11:40:60:dd:ba:e9:54:31:4b:14:52:ed:66:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:B6:02:7E:A2:66:AD:2D:CF:A0:16:AF:5D:44:56:42:C6:23:41:4A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_LYCfqJmrS3PoBavXURWQsYjQUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.88.0/22
45.148.254.0/23
45.149.72.0/24
45.149.74.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:ee:cc:5f:c2:a9:0f:ab:f9:9d:5d:6d:a3:18:b2:bd:80:7c:
5d:22:c2:ea:a1:9c:18:c4:63:16:64:11:5c:0e:28:73:55:33:
9b:f4:bf:c5:b3:7a:aa:31:5e:5d:76:d8:96:0a:cd:9e:ce:37:
91:44:99:c2:fd:07:a8:bc:f3:48:4e:5a:d3:08:7b:2e:3e:72:
32:e4:7b:3f:75:49:e0:59:dd:df:63:3b:36:b9:fe:64:6b:54:
cd:f5:ba:28:e4:0d:aa:a7:03:53:4f:19:ce:b8:6e:5e:f4:50:
bc:59:86:10:7c:00:dd:2b:02:8b:e8:bb:01:38:79:2c:cd:e4:
71:ba:ee:53:c6:5f:57:53:8c:d5:1d:af:37:24:b4:ff:37:10:
e6:4a:63:a5:a6:f1:e6:5c:a5:ea:ee:cc:18:05:0e:b0:af:35:
02:39:2d:26:88:1c:62:a6:2f:00:81:3f:64:fb:8a:f1:74:61:
dc:c7:e7:ac:15:0b:26:8a:d9:d7:33:e8:fb:07:36:0a:53:f5:
74:9d:6e:fb:be:62:f1:b4:0b:df:cc:dd:1f:9b:cf:03:28:83:
b6:0a:72:4a:a2:48:75:19:d5:0d:30:51:91:cd:1e:dc:6b:c2:
fd:95:ea:42:ad:d4:47:ff:50:15:41:88:91:81:59:72:b0:0c:
9b:cd:73:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjMUfhGMqYF8kiyi3ibzCuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNjE4MDIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2I2MDI3ZWEyNjZhZDJkY2ZhMDE2YWY1ZDQ0NTY0MmM2MjM0MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsbaOhdkQTJPA+TT6wyld0By38Iz
3WTtgGGfVzUSD0JpC7wGzdR1fhzSEDTDplY4czXBQ6SJY75vmMO1A+SgMwz6Sw7M
A6l08kmy+JZa923hll8YJXFUok6JYrFPK8cm+2nksQ1ck1jU1ay3kCtb1vspGFms
JejNBXTAenJCZapnZLMseh5mQ7AH9xsQ2cYOCzJe3LKQUR4tAUH/U94L3YpKaat1
MhhGnUD3nJWf+OhaHMrdN4ZsKMlU82DzB99khzuDCSsNfku8dCqRN3GgE7JFOqoA
6rfHpugJ1dzjBAvbVUg9RvCapyBzLPF4jAKXPBFAYN266VQxSxRS7WZK9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPy2An6iZq0tz6AWr11EVkLGI0FKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvX0xZQ2ZxSm1yUzNQb0JhdlhVUldRc1lqUVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYVYAwQB
LZT+AwQALZVIAwQBLZVKMA0GCSqGSIb3DQEBCwUAA4IBAQB87sxfwqkPq/mdXW2j
GLK9gHxdIsLqoZwYxGMWZBFcDihzVTOb9L/Fs3qqMV5ddtiWCs2ezjeRRJnC/Qeo
vPNITlrTCHsuPnIy5Hs/dUngWd3fYzs2uf5ka1TN9boo5A2qpwNTTxnOuG5e9FC8
WYYQfADdKwKL6LsBOHkszeRxuu5Txl9XU4zVHa83JLT/NxDmSmOlpvHmXKXq7swY
BQ6wrzUCOS0miBxipi8AgT9k+4rxdGHcx+esFQsmitnXM+j7BzYKU/V0nW77vmLx
tAvfzN0fm88DKIO2CnJKokh1GdUNMFGRzR7ca8L9lepCrdRH/1AVQYiRgVlysAyb
zXN+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org