Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/xJEdYCHgKuuiiVytW9g6DUQgEnQ.roa
File: xJEdYCHgKuuiiVytW9g6DUQgEnQ.roa (raw, json)
Hash identifier: jkPYUHC3yMOf8Rt8BtP3agJgazPHuefwVcjsmPQLVAc=
Subject key identifier: C4:91:1D:60:21:E0:2A:EB:A2:89:5C:AD:5B:D8:3A:0D:44:20:12:74
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0187297C5F1FDC2D88E8471B1495C32F2727
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/xJEdYCHgKuuiiVytW9g6DUQgEnQ.roa
Signing time: Tue 28 Mar 2023 18:30:29 +0000
ROA not before: Tue 28 Mar 2023 18:30:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212219
IP address blocks: 45.149.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:29:7c:5f:1f:dc:2d:88:e8:47:1b:14:95:c3:2f:27:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Mar 28 18:30:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4911d6021e02aeba2895cad5bd83a0d44201274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:71:e1:ff:29:9c:06:88:66:d4:cf:f1:e2:
7e:12:2f:8b:92:89:ce:9f:a5:2c:69:54:58:f9:04:
53:73:d3:10:57:a6:be:d4:91:ab:a4:45:ca:25:7c:
fe:0f:85:bd:d8:93:c4:21:0e:3d:1b:b2:ba:d0:3e:
dd:97:2f:b9:ac:fb:25:e9:45:0b:59:70:6b:ab:70:
5c:aa:9b:e6:1e:11:ee:81:4d:40:97:ad:92:70:29:
1f:b0:dc:84:89:4c:1a:a1:61:8c:a9:3f:01:3f:64:
26:b6:eb:e1:08:c0:93:8e:47:7e:67:9f:8d:bd:83:
a1:e3:1e:ba:57:fc:32:a2:35:52:08:c5:cf:83:fd:
6b:5a:a2:56:3c:c0:57:6e:3e:bc:58:9b:e7:d4:18:
a5:ba:6a:c7:c8:e6:02:c4:22:bf:27:66:f0:8f:00:
19:9e:5b:3e:a0:70:90:77:e5:b8:f5:4f:87:f1:14:
cf:00:44:00:22:67:90:58:ab:26:c5:f0:ab:ab:22:
72:7c:ec:b9:e9:5b:f6:7e:f5:c1:d7:c9:b4:99:96:
59:0a:f8:21:16:ea:ba:bd:c2:3e:8e:95:36:34:4f:
62:96:e9:b9:4c:ff:e8:a0:75:07:25:9f:a8:bc:96:
77:77:67:49:da:d6:65:04:f1:e1:3f:2d:aa:a9:30:
76:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:91:1D:60:21:E0:2A:EB:A2:89:5C:AD:5B:D8:3A:0D:44:20:12:74
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/xJEdYCHgKuuiiVytW9g6DUQgEnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.74.0/24
Signature Algorithm: sha256WithRSAEncryption
98:44:bf:69:8d:12:67:27:1d:6d:eb:15:10:73:b9:a9:a5:d7:
2c:e0:82:30:b4:45:ab:e8:a2:28:0f:2f:b4:f2:f7:08:a2:17:
76:ef:70:60:44:ab:1f:34:27:ae:f3:0e:f9:fa:61:1c:cc:46:
94:07:37:f9:26:d2:78:6d:27:4b:db:f4:70:79:99:15:61:d1:
d2:84:41:f2:b9:a7:82:68:84:f1:61:52:05:3e:33:2e:04:0a:
1e:99:e2:f3:49:7e:51:ea:e8:e7:09:d7:52:86:e9:1c:4c:cd:
f3:b7:da:a2:15:9d:60:d6:fe:82:1c:4d:dd:5b:9d:f3:3f:de:
21:15:1d:48:c5:90:2e:f3:e9:d4:75:04:c6:ae:8d:43:dc:0d:
f7:66:83:91:40:57:6a:e9:1d:de:75:b0:b0:f4:d1:37:aa:77:
91:29:98:97:51:a6:06:3d:14:04:2e:b8:ea:3d:1e:ee:16:90:
2a:05:bc:fa:34:42:ae:87:27:c5:30:c4:a1:86:1c:d4:27:d6:
e5:81:e5:81:c5:ff:b9:02:89:1a:1a:7f:31:f3:31:56:7a:1d:
32:ef:7c:ea:0b:72:77:3f:44:57:09:40:2e:cc:85:7a:13:96:
2a:f7:ab:50:47:7e:30:2a:c1:96:98:8b:a8:97:7e:8b:f8:39:
07:44:9e:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcpfF8f3C2I6EcbFJXDLycnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMzI4MTgzMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDkxMWQ2MDIxZTAyYWViYTI4OTVjYWQ1YmQ4M2EwZDQ0MjAxMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGFx4f8pnAaIZtTP8eJ+Ei+LkonO
n6UsaVRY+QRTc9MQV6a+1JGrpEXKJXz+D4W92JPEIQ49G7K60D7dly+5rPsl6UUL
WXBrq3BcqpvmHhHugU1Al62ScCkfsNyEiUwaoWGMqT8BP2QmtuvhCMCTjkd+Z5+N
vYOh4x66V/wyojVSCMXPg/1rWqJWPMBXbj68WJvn1BilumrHyOYCxCK/J2bwjwAZ
nls+oHCQd+W49U+H8RTPAEQAImeQWKsmxfCrqyJyfOy56Vv2fvXB18m0mZZZCvgh
Fuq6vcI+jpU2NE9ilum5TP/ooHUHJZ+ovJZ3d2dJ2tZlBPHhPy2qqTB2VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSRHWAh4CrroolcrVvYOg1EIBJ0MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEveEpFZFlDSGdLdXVpaVZ5dFc5ZzZEVVFnRW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZVKMA0G
CSqGSIb3DQEBCwUAA4IBAQCYRL9pjRJnJx1t6xUQc7mppdcs4IIwtEWr6KIoDy+0
8vcIohd273BgRKsfNCeu8w75+mEczEaUBzf5JtJ4bSdL2/RweZkVYdHShEHyuaeC
aITxYVIFPjMuBAoemeLzSX5R6ujnCddShukcTM3zt9qiFZ1g1v6CHE3dW53zP94h
FR1IxZAu8+nUdQTGro1D3A33ZoORQFdq6R3edbCw9NE3qneRKZiXUaYGPRQELrjq
PR7uFpAqBbz6NEKuhyfFMMShhhzUJ9blgeWBxf+5AokaGn8x8zFWeh0y73zqC3J3
P0RXCUAuzIV6E5Yq96tQR34wKsGWmIuol36L+DkHRJ6g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org