Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mzmS241YP1YSqlX2skrAuZXSnTM.roa
File: mzmS241YP1YSqlX2skrAuZXSnTM.roa (raw, json)
Hash identifier: 8xyTB1g3Mp/gaourSrphUKIh3BpryhHy/EtnXeKmTos=
Subject key identifier: 9B:39:92:DB:8D:58:3F:56:12:AA:55:F6:B2:4A:C0:B9:95:D2:9D:33
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01877E2FE93D307A6546B9D26C33F8D5A1A7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mzmS241YP1YSqlX2skrAuZXSnTM.roa
Signing time: Fri 14 Apr 2023 05:14:41 +0000
ROA not before: Fri 14 Apr 2023 05:14:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.75.0/24 maxlen: 24
45.149.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:2f:e9:3d:30:7a:65:46:b9:d2:6c:33:f8:d5:a1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 14 05:14:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b3992db8d583f5612aa55f6b24ac0b995d29d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bd:a9:74:67:93:3e:3e:2a:44:5b:0e:c0:48:
d1:db:bd:05:05:26:38:92:8c:b0:a7:ec:5e:48:f3:
93:87:64:3f:11:34:5c:34:bf:84:a2:46:75:56:9e:
51:59:bd:3f:99:7d:7d:d9:b9:f9:9b:5f:08:c1:ec:
21:b2:23:68:ad:4b:64:ae:fd:f0:28:39:2e:70:bd:
b1:83:a8:f1:77:c6:f1:db:15:83:3c:9f:b2:d4:e6:
8c:c3:fc:fe:92:e5:5e:5e:07:1d:19:02:fc:af:d8:
01:63:35:d6:33:62:3e:65:69:6d:26:1c:f1:bf:3e:
1b:04:f0:ab:69:3c:a0:5b:50:e6:61:cc:5c:81:79:
fe:cb:da:db:26:c1:ea:ac:77:cd:c3:a5:8d:f2:60:
15:15:d0:38:7f:b8:45:7d:ca:82:94:eb:d0:1e:49:
92:af:c1:87:85:d3:7c:4b:1e:f0:13:db:cd:a6:ab:
b6:a6:0d:0d:f6:28:a8:a7:a3:43:8c:d0:29:ef:78:
89:3f:40:bf:fd:3e:11:9e:8f:cc:87:27:96:db:12:
bb:a5:46:7a:ff:26:c9:02:3c:cb:3b:c7:2f:55:69:
4b:58:9e:b5:a9:83:d6:0a:ce:f9:1b:3d:b0:43:a4:
ce:c6:df:7e:65:a6:3e:77:ce:e9:d0:55:ef:d0:34:
b9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:39:92:DB:8D:58:3F:56:12:AA:55:F6:B2:4A:C0:B9:95:D2:9D:33
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/mzmS241YP1YSqlX2skrAuZXSnTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.74.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:d5:68:7e:02:15:c5:49:a8:4f:58:d4:c3:95:7f:51:d7:be:
65:19:75:e0:fb:3e:1c:e1:d9:0e:87:dc:53:59:0f:33:e0:67:
bf:5c:e0:a0:74:a2:09:97:03:53:d3:36:27:47:7c:bf:f2:2b:
0c:0c:68:aa:8b:aa:14:2a:08:f8:a6:8f:a1:4c:be:f5:3e:61:
4b:30:01:3a:3e:22:6d:46:61:4e:91:ae:f1:2f:89:98:bd:7a:
d6:7e:64:76:ff:e5:0f:67:5e:1e:e5:d0:56:f6:07:91:e0:82:
3d:06:c9:b4:c6:3d:5d:4c:e5:d9:d0:92:f2:48:fb:23:22:06:
c3:ea:16:18:69:21:b6:a6:94:ca:1a:9f:9d:23:3a:56:e6:0e:
37:c7:84:e4:c3:09:6d:d6:c4:5e:1c:6f:a7:75:66:5a:87:0a:
89:ba:f5:d2:17:0d:38:3f:cc:8b:57:c7:74:ee:74:bc:23:de:
9f:15:a6:6c:9a:21:e5:e3:a0:19:a5:50:92:63:17:48:04:51:
ab:b0:d9:ff:75:c9:f9:0d:75:d6:a3:02:cd:af:45:d4:af:25:
0a:c5:40:da:df:ad:e5:e4:ac:ce:1d:9c:8c:d3:4a:98:18:9f:
2c:7c:a0:fa:ba:00:91:a3:ed:25:d2:d1:c4:84:bc:19:56:6e:
1d:b8:63:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd+L+k9MHplRrnSbDP41aGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwNDE0MDUxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM5OTJkYjhkNTgzZjU2MTJhYTU1ZjZiMjRhYzBiOTk1ZDI5ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL2pdGeTPj4qRFsOwEjR270FBSY4
koywp+xeSPOTh2Q/ETRcNL+EokZ1Vp5RWb0/mX192bn5m18IwewhsiNorUtkrv3w
KDkucL2xg6jxd8bx2xWDPJ+y1OaMw/z+kuVeXgcdGQL8r9gBYzXWM2I+ZWltJhzx
vz4bBPCraTygW1DmYcxcgXn+y9rbJsHqrHfNw6WN8mAVFdA4f7hFfcqClOvQHkmS
r8GHhdN8Sx7wE9vNpqu2pg0N9iiop6NDjNAp73iJP0C//T4Rno/MhyeW2xK7pUZ6
/ybJAjzLO8cvVWlLWJ61qYPWCs75Gz2wQ6TOxt9+ZaY+d87p0FXv0DS5cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJs5ktuNWD9WEqpV9rJKwLmV0p0zMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbXptUzI0MVlQMVlTcWxYMnNrckF1WlhTblRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZVKMA0G
CSqGSIb3DQEBCwUAA4IBAQCg1Wh+AhXFSahPWNTDlX9R175lGXXg+z4c4dkOh9xT
WQ8z4Ge/XOCgdKIJlwNT0zYnR3y/8isMDGiqi6oUKgj4po+hTL71PmFLMAE6PiJt
RmFOka7xL4mYvXrWfmR2/+UPZ14e5dBW9geR4II9Bsm0xj1dTOXZ0JLySPsjIgbD
6hYYaSG2ppTKGp+dIzpW5g43x4Tkwwlt1sReHG+ndWZahwqJuvXSFw04P8yLV8d0
7nS8I96fFaZsmiHl46AZpVCSYxdIBFGrsNn/dcn5DXXWowLNr0XUryUKxUDa363l
5KzOHZyM00qYGJ8sfKD6ugCRo+0l0tHEhLwZVm4duGOZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org