Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nGQZLlZPyMNi5JEoM9-enNevk-w.roa
File: nGQZLlZPyMNi5JEoM9-enNevk-w.roa (raw, json)
Hash identifier: oFDrgigQMFd5Z9CsorjgDuabEjY+VcyMAJS90C5wa8E=
Subject key identifier: 9C:64:19:2E:56:4F:C8:C3:62:E4:91:28:33:DF:9E:9C:D7:AF:93:EC
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018682A6D75D305D3A1FF07B9D14736CA821
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nGQZLlZPyMNi5JEoM9-enNevk-w.roa
Signing time: Fri 24 Feb 2023 09:00:17 +0000
ROA not before: Fri 24 Feb 2023 09:00:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:a6:d7:5d:30:5d:3a:1f:f0:7b:9d:14:73:6c:a8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Feb 24 09:00:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c64192e564fc8c362e4912833df9e9cd7af93ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f6:85:82:5f:09:48:55:e7:25:39:a4:b8:8c:
be:e5:37:1f:e4:21:76:b7:04:50:e8:7b:31:49:23:
d7:79:18:39:93:eb:4b:d8:86:c4:5c:98:a5:47:f5:
aa:33:c9:36:27:5d:95:a4:53:10:69:83:8e:c6:c6:
ad:bc:b3:55:95:19:7b:67:02:5f:8f:10:57:4c:8c:
c8:c6:05:50:f4:98:dc:bd:d9:b5:d2:66:bd:c3:2e:
84:a5:af:c5:4b:6f:2f:77:79:69:98:b8:fb:9a:71:
df:89:02:c2:5d:d4:8e:46:ec:e5:96:0b:a0:e0:c9:
77:22:c8:b2:fd:3c:15:c3:06:27:5d:3e:d1:8a:0e:
9b:ac:c1:ac:9a:a2:35:f6:ed:e6:e3:22:29:fe:a1:
32:bd:54:ed:56:d1:70:fb:29:77:a9:3c:ab:40:28:
0e:25:05:dc:f5:b1:30:2a:14:7d:68:8b:6c:6f:87:
9a:3c:1e:99:91:e3:c9:2b:40:31:43:1e:c4:53:e4:
9c:77:85:54:77:11:7a:76:fd:32:61:85:05:45:7a:
10:81:17:a1:c9:64:88:78:8a:6d:87:2c:61:c1:d6:
33:28:18:8b:fa:ac:ca:8a:3a:c2:1b:f2:70:80:20:
83:2f:bf:df:13:71:02:17:62:65:7d:c4:9c:c5:9b:
b8:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:64:19:2E:56:4F:C8:C3:62:E4:91:28:33:DF:9E:9C:D7:AF:93:EC
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/nGQZLlZPyMNi5JEoM9-enNevk-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.72.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ec:3a:fb:4e:7a:76:5c:f7:d5:17:3e:c6:50:aa:21:43:53:
2d:52:f4:e8:54:c3:58:b4:d1:46:7e:b6:be:eb:36:e9:83:b6:
45:18:af:61:48:88:0d:9e:32:8f:fc:9c:97:b1:c5:3a:b9:b2:
12:0a:31:04:f9:c4:c1:35:8c:a1:18:36:85:b2:1f:c1:9b:ac:
56:d8:fc:f6:ef:a9:4e:10:f6:9d:e3:66:e3:2f:3b:84:54:f2:
9d:aa:47:96:30:ec:bb:44:88:46:c4:1e:7a:5a:73:c3:d2:47:
90:6d:44:67:a8:bd:45:cf:06:ef:53:b9:bb:10:1c:5c:88:5a:
7c:51:61:8e:ee:e8:4d:e3:26:55:10:46:86:13:82:5e:88:b3:
4d:ca:f1:b8:d7:16:62:98:f0:1c:c1:79:fa:b2:c8:01:4d:9e:
ca:c2:52:e2:f9:43:d2:ce:82:5b:8c:97:42:55:0e:2b:8a:35:
6b:c7:9c:d0:7f:b5:7c:60:31:52:3f:eb:5e:8a:ae:97:3e:92:
4f:81:8c:b0:41:ad:9c:c0:a6:10:ab:dd:5b:88:c0:fc:ba:1f:
a8:2c:c5:5f:1a:88:3e:0d:6a:72:ed:ce:da:8f:78:7c:b8:75:
44:e9:f9:00:e8:62:4a:71:19:38:be:47:74:95:96:f0:a6:cd:
eb:3d:28:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaCptddMF06H/B7nRRzbKghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMjI0MDkwMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY0MTkyZTU2NGZjOGMzNjJlNDkxMjgzM2RmOWU5Y2Q3YWY5M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/aFgl8JSFXnJTmkuIy+5Tcf5CF2
twRQ6HsxSSPXeRg5k+tL2IbEXJilR/WqM8k2J12VpFMQaYOOxsatvLNVlRl7ZwJf
jxBXTIzIxgVQ9Jjcvdm10ma9wy6Epa/FS28vd3lpmLj7mnHfiQLCXdSORuzllgug
4Ml3Isiy/TwVwwYnXT7Rig6brMGsmqI19u3m4yIp/qEyvVTtVtFw+yl3qTyrQCgO
JQXc9bEwKhR9aItsb4eaPB6ZkePJK0AxQx7EU+Scd4VUdxF6dv0yYYUFRXoQgReh
yWSIeIpthyxhwdYzKBiL+qzKijrCG/JwgCCDL7/fE3ECF2JlfcScxZu4mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxkGS5WT8jDYuSRKDPfnpzXr5PsMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvbkdRWkxsWlB5TU5pNUpFb005LWVuTmV2ay13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVIMA0G
CSqGSIb3DQEBCwUAA4IBAQBx7Dr7Tnp2XPfVFz7GUKohQ1MtUvToVMNYtNFGfra+
6zbpg7ZFGK9hSIgNnjKP/JyXscU6ubISCjEE+cTBNYyhGDaFsh/Bm6xW2Pz276lO
EPad42bjLzuEVPKdqkeWMOy7RIhGxB56WnPD0keQbURnqL1FzwbvU7m7EBxciFp8
UWGO7uhN4yZVEEaGE4JeiLNNyvG41xZimPAcwXn6ssgBTZ7KwlLi+UPSzoJbjJdC
VQ4rijVrx5zQf7V8YDFSP+teiq6XPpJPgYywQa2cwKYQq91biMD8uh+oLMVfGog+
DWpy7c7aj3h8uHVE6fkA6GJKcRk4vkd0lZbwps3rPSim
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org