Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/cHsBeWPt8qScWDqHzBQYOxQ_FrU.roa
File: cHsBeWPt8qScWDqHzBQYOxQ_FrU.roa (raw, json)
Hash identifier: QoHF1YtcCGt8BHqWXuHR/i4CJF5zx4mWj6M1+i4dueo=
Subject key identifier: 70:7B:01:79:63:ED:F2:A4:9C:58:3A:87:CC:14:18:3B:14:3F:16:B5
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 018CC2DB4D0065177198A007D2E8299F0F7B
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/cHsBeWPt8qScWDqHzBQYOxQ_FrU.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48357
IP address blocks: 45.88.202.0/24 maxlen: 24
2a0c:2c41:1000::/48 maxlen: 48
2a0c:2c40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4d:00:65:17:71:98:a0:07:d2:e8:29:9f:0f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=707b017963edf2a49c583a87cc14183b143f16b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:54:a8:f0:ad:2b:d8:44:92:f2:9c:2a:bb:e8:
7a:f4:cc:b5:3f:ad:a4:d3:2e:f8:84:83:a6:f3:77:
d7:fc:8d:b0:98:02:a6:d7:02:6c:50:fe:18:77:f5:
8c:ca:18:ef:4b:53:93:0e:d6:b0:d3:25:3e:a9:93:
98:ec:c8:b1:a1:9e:84:85:23:51:02:67:a0:fe:69:
e5:58:f8:13:f8:12:55:09:3c:36:f4:98:68:4f:7d:
b5:6b:3d:46:db:69:66:59:b7:d2:8d:09:0a:d7:1c:
e7:4c:37:63:8f:7e:13:14:c1:6e:2c:bc:b3:e3:30:
26:a6:94:8a:f8:c3:b6:9a:ac:51:26:09:62:2b:74:
36:98:71:89:a8:eb:ea:43:2d:a4:54:d3:95:13:46:
b8:90:0c:e5:13:4c:f4:45:72:ad:df:95:fb:e9:1a:
62:25:34:71:9c:36:03:d2:2a:3b:34:20:6b:d1:dd:
ee:a5:7c:ce:29:39:21:93:4e:3a:4e:3a:4c:d7:45:
0e:32:62:d9:a6:44:dd:f3:2a:13:ed:fb:66:38:89:
b2:be:ed:7b:e3:fd:9e:97:d1:f1:2d:e5:b6:d1:8d:
f5:16:18:c3:6f:fd:d7:a3:9d:90:9b:87:44:21:d2:
49:a9:7d:34:6a:f4:a9:64:8e:5f:ed:3b:6a:cc:f0:
41:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7B:01:79:63:ED:F2:A4:9C:58:3A:87:CC:14:18:3B:14:3F:16:B5
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/cHsBeWPt8qScWDqHzBQYOxQ_FrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.202.0/24
IPv6:
2a0c:2c40::/32
2a0c:2c41:1000::/48
Signature Algorithm: sha256WithRSAEncryption
49:ab:5e:cd:98:09:93:28:58:dd:6b:1e:4d:f6:d7:21:2b:17:
0b:a7:e8:5d:a9:a9:7c:50:aa:fa:5a:b5:32:1e:95:ea:32:21:
0b:c6:ed:62:e7:fd:b0:c4:90:71:12:8f:e5:e4:8f:da:0e:05:
ec:15:07:c4:10:fc:d6:79:f6:d6:9c:f9:95:09:61:b3:af:9f:
93:60:02:c7:aa:74:15:04:65:2b:c0:11:ae:7d:5b:39:b0:cb:
6b:7f:a3:2d:99:54:df:a4:88:e0:37:0c:c0:9f:04:aa:9e:60:
ad:fe:00:3d:c7:23:ae:d0:cf:00:bc:cd:73:f6:56:7b:75:6d:
88:d7:ca:db:15:5e:34:56:b3:71:12:7c:82:78:df:0d:51:61:
97:a6:a0:92:11:4b:c4:2d:74:b5:cd:56:99:cf:38:df:07:17:
36:43:ae:14:9f:a8:47:a0:2b:cb:ed:1f:42:f1:2f:65:fc:3d:
1d:71:22:a2:0f:bc:09:43:f3:7c:1d:d5:95:dd:2c:5e:39:8c:
18:37:f8:dd:99:20:c3:a1:d6:ac:26:2d:06:5d:55:0e:7b:1f:
b0:c7:56:40:04:b3:f3:34:dd:af:08:34:61:b1:fd:0d:33:87:
5e:9f:78:46:77:f4:de:a4:e3:38:e9:6d:02:06:7f:45:01:0d:
eb:ea:31:e9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC200AZRdxmKAH0ugpnw97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdiMDE3OTYzZWRmMmE0OWM1ODNhODdjYzE0MTgzYjE0M2YxNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFSo8K0r2ESS8pwqu+h69My1P62k
0y74hIOm83fX/I2wmAKm1wJsUP4Yd/WMyhjvS1OTDtaw0yU+qZOY7MixoZ6EhSNR
Ameg/mnlWPgT+BJVCTw29JhoT321az1G22lmWbfSjQkK1xznTDdjj34TFMFuLLyz
4zAmppSK+MO2mqxRJgliK3Q2mHGJqOvqQy2kVNOVE0a4kAzlE0z0RXKt35X76Rpi
JTRxnDYD0io7NCBr0d3upXzOKTkhk046TjpM10UOMmLZpkTd8yoT7ftmOImyvu17
4/2el9HxLeW20Y31FhjDb/3Xo52Qm4dEIdJJqX00avSpZI5f7TtqzPBBOQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHB7AXlj7fKknFg6h8wUGDsUPxa1MB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvY0hzQmVXUHQ4cVNjV0RxSHpCUVlPeFFfRnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALVjKMBYE
AgACMBADBQAqDCxAAwcAKgwsQRAAMA0GCSqGSIb3DQEBCwUAA4IBAQBJq17NmAmT
KFjdax5N9tchKxcLp+hdqal8UKr6WrUyHpXqMiELxu1i5/2wxJBxEo/l5I/aDgXs
FQfEEPzWefbWnPmVCWGzr5+TYALHqnQVBGUrwBGufVs5sMtrf6MtmVTfpIjgNwzA
nwSqnmCt/gA9xyOu0M8AvM1z9lZ7dW2I18rbFV40VrNxEnyCeN8NUWGXpqCSEUvE
LXS1zVaZzzjfBxc2Q64Un6hHoCvL7R9C8S9l/D0dcSKiD7wJQ/N8HdWV3SxeOYwY
N/jdmSDDodasJi0GXVUOex+wx1ZABLPzNN2vCDRhsf0NM4den3hGd/TepOM46W0C
Bn9FAQ3r6jHp
-----END CERTIFICATE-----
Generated at Mon Jul 8 14:04:15 2024 by rpki-client on console-ams.rpki-client.org