Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jd90B8h6aMboUibsLo5ALyaUdsE.roa
File: jd90B8h6aMboUibsLo5ALyaUdsE.roa (raw, json)
Hash identifier: dd8K0GcGiSq2xZTUACrwp61cO58AYiQOHyTLyB1zfS4=
Subject key identifier: 8D:DF:74:07:C8:7A:68:C6:E8:52:26:EC:2E:8E:40:2F:26:94:76:C1
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01877A9CB8830D22C2F0F9000916128AE7D6
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jd90B8h6aMboUibsLo5ALyaUdsE.roa
Signing time: Thu 13 Apr 2023 12:35:03 +0000
ROA not before: Thu 13 Apr 2023 12:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:9c:b8:83:0d:22:c2:f0:f9:00:09:16:12:8a:e7:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 13 12:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ddf7407c87a68c6e85226ec2e8e402f269476c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:58:89:34:5d:c6:32:4c:ee:9e:87:d0:21:
3c:d0:6b:07:cd:56:e5:a2:00:22:d0:1a:de:2b:0d:
2e:d5:6d:ba:61:58:75:b4:72:da:da:fe:4d:5a:03:
8e:09:76:b7:bf:56:ae:4a:ca:4f:f3:60:5f:ee:4c:
d6:72:bf:cb:f1:09:c9:03:67:f0:74:f6:70:2f:01:
70:33:01:39:64:24:d2:02:8e:74:1d:4b:a8:d4:6e:
d1:5a:e1:93:23:21:14:4a:08:25:eb:1f:8e:12:4e:
56:d1:4e:eb:f0:c6:8d:47:00:ae:32:c3:b6:cb:13:
00:37:9e:25:bf:b5:52:28:d9:07:db:9a:a9:09:57:
1a:dc:cc:55:7c:f9:c5:20:1f:a8:80:0c:63:51:fd:
28:03:a7:19:fc:07:4d:99:f1:f5:d2:71:1f:63:ed:
fd:46:ae:13:da:af:f2:91:c8:5f:79:90:20:b8:7a:
00:69:18:35:ec:c8:30:65:f4:f8:6e:08:db:f4:59:
f4:38:1f:20:75:a2:d9:ff:eb:0d:95:b7:4c:ef:3f:
26:1e:24:0d:f9:a2:9c:c0:48:34:74:2f:ab:e1:fd:
d0:66:0d:05:4e:d3:d7:a8:5f:a2:02:e7:98:82:1a:
7c:e5:d2:14:43:5f:4c:01:90:a6:3f:9c:d0:ac:89:
3e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DF:74:07:C8:7A:68:C6:E8:52:26:EC:2E:8E:40:2F:26:94:76:C1
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/jd90B8h6aMboUibsLo5ALyaUdsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.75.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a3:42:83:0b:6f:e8:88:bf:1c:f1:e8:52:f2:b9:9b:bd:20:
30:18:93:cc:b2:ef:99:2f:79:4d:62:35:75:47:63:43:67:ad:
fb:00:48:33:7a:d5:05:a5:f8:37:32:52:ec:31:85:02:04:54:
56:c1:2a:c5:df:6c:20:dd:70:dc:2e:1f:4d:10:83:ba:3f:a4:
ca:4d:14:a3:dd:d9:69:18:fe:e0:e5:f8:56:3a:c2:c3:a4:6b:
d5:ac:52:54:84:78:b7:be:d3:81:e3:cd:5d:8c:b0:bb:7c:04:
86:c0:45:f3:04:a5:c0:6e:77:77:e8:69:00:01:6b:3a:be:03:
e1:9e:ea:9b:49:74:d2:45:22:8a:46:52:dd:31:54:89:28:a8:
8c:db:27:66:53:bf:0d:2b:a9:c3:c7:5d:c6:4f:46:7f:e7:20:
ab:c9:a2:d0:7e:90:b2:d1:e4:cd:c4:7e:d2:41:7d:10:c2:6e:
5d:0d:24:b5:90:73:b7:34:1d:f7:98:93:1f:10:e7:04:b3:00:
d9:72:b5:a9:fe:16:92:8a:4e:86:ad:9f:d2:3a:6b:18:81:c6:
9a:1b:75:29:75:a1:5d:bc:ec:7a:99:0c:09:d2:91:63:3f:52:
4f:ca:48:3c:1f:57:32:0c:c7:33:33:4e:98:28:75:1f:50:25:
d4:a5:97:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd6nLiDDSLC8PkACRYSiufWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDEzMTIzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRmNzQwN2M4N2E2OGM2ZTg1MjI2ZWMyZThlNDAyZjI2OTQ3NmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwddYiTRdxjJM7p6H0CE80GsHzVbl
ogAi0BreKw0u1W26YVh1tHLa2v5NWgOOCXa3v1auSspP82Bf7kzWcr/L8QnJA2fw
dPZwLwFwMwE5ZCTSAo50HUuo1G7RWuGTIyEUSggl6x+OEk5W0U7r8MaNRwCuMsO2
yxMAN54lv7VSKNkH25qpCVca3MxVfPnFIB+ogAxjUf0oA6cZ/AdNmfH10nEfY+39
Rq4T2q/ykchfeZAguHoAaRg17MgwZfT4bgjb9Fn0OB8gdaLZ/+sNlbdM7z8mHiQN
+aKcwEg0dC+r4f3QZg0FTtPXqF+iAueYghp85dIUQ19MAZCmP5zQrIk+4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3fdAfIemjG6FIm7C6OQC8mlHbBMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvamQ5MEI4aDZhTWJvVWlic0xvNUFMeWFVZHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVLMA0G
CSqGSIb3DQEBCwUAA4IBAQAro0KDC2/oiL8c8ehS8rmbvSAwGJPMsu+ZL3lNYjV1
R2NDZ637AEgzetUFpfg3MlLsMYUCBFRWwSrF32wg3XDcLh9NEIO6P6TKTRSj3dlp
GP7g5fhWOsLDpGvVrFJUhHi3vtOB481djLC7fASGwEXzBKXAbnd36GkAAWs6vgPh
nuqbSXTSRSKKRlLdMVSJKKiM2ydmU78NK6nDx13GT0Z/5yCryaLQfpCy0eTNxH7S
QX0Qwm5dDSS1kHO3NB33mJMfEOcEswDZcrWp/haSik6GrZ/SOmsYgcaaG3UpdaFd
vOx6mQwJ0pFjP1JPykg8H1cyDMczM06YKHUfUCXUpZd5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org