Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dja8c1BOpZpMZ3CbVM_UqZZ7FdA.roa
File: dja8c1BOpZpMZ3CbVM_UqZZ7FdA.roa (raw, json)
Hash identifier: WzyJtt0AnQAPTStaxcxtU522mMqZNj1K2XDm+qCnK7E=
Subject key identifier: 76:36:BC:73:50:4E:A5:9A:4C:67:70:9B:54:CF:D4:A9:96:7B:15:D0
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01869DEAE939D14AF3D0CDA752E6C6D517E9
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dja8c1BOpZpMZ3CbVM_UqZZ7FdA.roa
Signing time: Wed 01 Mar 2023 16:04:23 +0000
ROA not before: Wed 01 Mar 2023 16:04:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200010
IP address blocks: 45.149.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:ea:e9:39:d1:4a:f3:d0:cd:a7:52:e6:c6:d5:17:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 1 16:04:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7636bc73504ea59a4c67709b54cfd4a9967b15d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:53:8d:6a:65:80:8c:21:28:a4:87:ec:52:f6:
3d:80:03:2d:33:2c:05:b9:c7:88:6d:47:80:e5:4a:
1a:d6:c0:49:f5:fb:7a:71:90:80:21:11:99:2d:15:
00:86:bf:22:d0:bd:00:7c:84:46:87:ea:3b:04:a7:
3e:79:fa:10:4a:0d:b1:0d:90:88:85:78:e3:63:62:
67:94:23:03:f7:cc:52:fc:51:f2:a1:19:e9:f7:d8:
48:42:dc:79:89:11:36:c4:45:60:80:83:e3:9a:86:
cf:8f:4d:38:58:66:49:b6:89:e2:8d:f7:6c:50:3b:
13:e8:db:78:fb:1c:9f:30:34:67:34:dd:d7:47:19:
f4:ef:0d:e7:28:8e:87:8f:83:ae:a0:51:37:04:07:
cf:fb:c0:95:cd:b2:98:40:18:b7:67:81:70:36:7f:
07:e8:68:63:39:59:83:43:b5:7e:f0:b2:8d:42:2b:
db:cb:12:62:37:51:d0:d5:b6:01:19:ec:e8:e8:23:
b4:a0:82:a6:ff:17:89:a0:b4:95:08:76:47:7c:3c:
3e:5f:82:ca:b4:0f:08:8d:39:9b:60:7d:40:50:ca:
a6:be:15:fc:6e:5c:bb:16:91:55:1a:d4:fb:d2:71:
85:81:ca:3f:1a:ea:af:96:3b:b1:3c:51:d7:91:66:
4f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:36:BC:73:50:4E:A5:9A:4C:67:70:9B:54:CF:D4:A9:96:7B:15:D0
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/dja8c1BOpZpMZ3CbVM_UqZZ7FdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.74.0/24
Signature Algorithm: sha256WithRSAEncryption
27:bd:12:f7:b7:a4:0a:90:c8:82:fd:46:4f:0b:e5:36:ce:91:
a9:c6:1c:44:64:05:d3:c0:d2:c0:b2:36:8e:a3:9b:9a:b9:cd:
af:b8:66:13:a4:12:f8:1e:f0:73:86:62:1e:3f:fd:40:01:c9:
8c:42:c5:d9:fc:ca:2a:3f:f2:f0:3a:c1:67:94:91:a7:d2:0e:
8f:82:01:87:bb:20:90:87:70:a3:66:4b:9c:3a:e5:9f:ff:f7:
2d:d2:7c:e2:aa:83:fd:5b:b3:71:11:ad:32:92:83:f0:fa:65:
be:a3:e7:5c:dd:c8:a4:82:d9:b8:68:cd:dd:45:f9:6e:95:7c:
54:da:62:d3:b0:15:ca:02:29:a5:04:1d:2f:7b:60:78:81:8c:
72:a4:c2:8e:8a:32:27:64:bd:37:de:d5:91:0e:77:2b:e6:5e:
d9:9f:c2:aa:da:4a:12:05:29:3b:45:ef:dc:2c:78:80:00:06:
d6:dc:59:1b:a0:96:39:f1:26:da:5d:94:80:cd:5d:ae:d4:86:
60:65:89:a6:a1:92:07:77:30:5c:f9:3e:42:30:5a:c0:4b:c7:
16:ab:a0:ea:0d:fa:e2:36:9b:0b:79:c2:3d:26:1e:32:a8:19:
b0:05:ba:f6:6e:8a:d2:90:8a:10:58:af:31:3b:2d:1f:28:bd:
39:ee:e9:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYad6uk50Urz0M2nUubG1RfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzAxMTYwNDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM2YmM3MzUwNGVhNTlhNGM2NzcwOWI1NGNmZDRhOTk2N2IxNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFONamWAjCEopIfsUvY9gAMtMywF
uceIbUeA5Uoa1sBJ9ft6cZCAIRGZLRUAhr8i0L0AfIRGh+o7BKc+efoQSg2xDZCI
hXjjY2JnlCMD98xS/FHyoRnp99hIQtx5iRE2xEVggIPjmobPj004WGZJtonijfds
UDsT6Nt4+xyfMDRnNN3XRxn07w3nKI6Hj4OuoFE3BAfP+8CVzbKYQBi3Z4FwNn8H
6GhjOVmDQ7V+8LKNQivbyxJiN1HQ1bYBGezo6CO0oIKm/xeJoLSVCHZHfDw+X4LK
tA8IjTmbYH1AUMqmvhX8bly7FpFVGtT70nGFgco/GuqvljuxPFHXkWZPmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY2vHNQTqWaTGdwm1TP1KmWexXQMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZGphOGMxQk9wWnBNWjNDYlZNX1VxWlo3RmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVKMA0G
CSqGSIb3DQEBCwUAA4IBAQAnvRL3t6QKkMiC/UZPC+U2zpGpxhxEZAXTwNLAsjaO
o5uauc2vuGYTpBL4HvBzhmIeP/1AAcmMQsXZ/MoqP/LwOsFnlJGn0g6PggGHuyCQ
h3CjZkucOuWf//ct0nziqoP9W7NxEa0ykoPw+mW+o+dc3cikgtm4aM3dRflulXxU
2mLTsBXKAimlBB0ve2B4gYxypMKOijInZL033tWRDncr5l7Zn8Kq2koSBSk7Re/c
LHiAAAbW3FkboJY58SbaXZSAzV2u1IZgZYmmoZIHdzBc+T5CMFrAS8cWq6DqDfri
NpsLecI9Jh4yqBmwBbr2borSkIoQWK8xOy0fKL057umj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org