Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/7Cjj0IEaM2glx6xUrMtrrW_PYXQ.roa
File: 7Cjj0IEaM2glx6xUrMtrrW_PYXQ.roa (raw, json)
Hash identifier: qOLIEspHTFt1MPu49S2D9cgbbFsYbbVkPqsmnF/DoC8=
Subject key identifier: EC:28:E3:D0:81:1A:33:68:25:C7:AC:54:AC:CB:6B:AD:6F:CF:61:74
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 018322F239B70BE328F85600DB68F28D6371
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/7Cjj0IEaM2glx6xUrMtrrW_PYXQ.roa
Signing time: Fri 09 Sep 2022 15:50:43 +0000
ROA not before: Fri 09 Sep 2022 15:50:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48678
IP address blocks: 45.11.98.0/24 maxlen: 24
45.11.97.0/24 maxlen: 24
45.11.96.0/24 maxlen: 24
45.11.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:f2:39:b7:0b:e3:28:f8:56:00:db:68:f2:8d:63:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Sep 9 15:50:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec28e3d0811a336825c7ac54accb6bad6fcf6174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3d:84:94:c3:8a:48:b5:35:86:85:34:df:07:
f5:64:2f:22:39:c8:a9:fa:f2:cc:be:38:16:aa:d9:
68:75:5b:88:49:9e:2c:c6:18:8d:dd:1a:85:81:e2:
00:ce:41:78:1c:ea:f5:00:2d:6b:dc:ed:37:1f:70:
b9:82:ec:8d:f1:58:fe:0e:d8:e2:5a:28:f7:6c:d3:
60:3a:df:93:20:28:72:c0:28:62:d6:db:41:8c:0a:
24:ec:be:a4:71:ec:9a:9a:40:ce:aa:2c:59:e3:12:
5c:4d:cc:9d:79:2a:33:e6:1e:01:5e:c2:86:66:e3:
db:1c:c7:0d:42:3a:61:60:3e:8d:45:f3:6e:d7:89:
f6:5e:75:d2:9c:35:b9:18:c5:a8:6b:04:21:0f:11:
da:7a:e0:e8:38:5f:a6:89:99:5e:a3:36:39:4d:fb:
2f:ab:a3:0f:9c:ff:5a:5e:c9:c3:ff:2c:6f:27:2f:
b6:64:0c:f9:ec:8a:16:f8:29:3f:5f:6a:08:94:57:
61:4a:30:1d:19:e1:8c:0b:95:de:99:76:df:17:91:
cd:3d:4d:92:87:60:2c:5c:b7:ab:14:4f:d2:46:79:
65:7e:47:04:41:3c:b9:67:07:1f:4a:79:01:6a:37:
18:b2:89:70:89:c7:72:f6:07:36:ea:c6:b4:a1:f7:
c9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:28:E3:D0:81:1A:33:68:25:C7:AC:54:AC:CB:6B:AD:6F:CF:61:74
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/7Cjj0IEaM2glx6xUrMtrrW_PYXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.96.0/22
Signature Algorithm: sha256WithRSAEncryption
78:83:76:24:bd:31:1a:7f:72:5f:f2:dd:4d:ba:0a:f8:d1:94:
c4:23:e0:66:4f:09:53:5e:01:51:ee:98:5e:91:e1:31:eb:87:
7b:9d:fe:e2:3a:3c:18:17:65:a4:39:3d:76:4b:8b:bd:6e:55:
09:58:7b:8a:74:bd:db:a0:79:be:0b:fd:8c:47:f5:4a:0d:3a:
c5:57:ad:56:2e:8d:ee:b7:11:db:1a:3b:7f:9c:1f:50:29:70:
47:ba:c6:e0:dd:3d:98:27:08:fb:e6:e2:54:36:4c:eb:10:65:
09:dc:38:b7:fc:9c:dd:87:5a:e2:d1:c0:7e:78:d3:24:96:17:
92:a9:ad:b7:c2:a5:7f:0f:de:3f:99:d3:64:db:b8:5e:f2:4a:
69:d8:3b:00:9f:7d:64:c6:36:a0:63:64:cb:44:71:a8:a5:4e:
28:2f:67:cf:60:fb:a4:ae:5c:41:11:2b:d4:21:00:e9:f6:43:
6e:7d:e2:66:a1:aa:96:eb:67:70:51:f2:15:14:94:2e:f0:90:
6e:cd:07:4f:90:7c:f7:70:42:f3:d6:c0:ef:d5:dc:b6:77:ce:
db:35:a2:14:c9:34:76:11:61:ea:30:d6:21:b2:4d:80:cd:11:
ab:dc:d3:d6:6d:fd:62:18:26:d8:10:d7:69:43:a9:f8:90:9b:
db:79:28:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMi8jm3C+Mo+FYA22jyjWNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjIwOTA5MTU1MDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzI4ZTNkMDgxMWEzMzY4MjVjN2FjNTRhY2NiNmJhZDZmY2Y2MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz2ElMOKSLU1hoU03wf1ZC8iOcip
+vLMvjgWqtlodVuISZ4sxhiN3RqFgeIAzkF4HOr1AC1r3O03H3C5guyN8Vj+Dtji
Wij3bNNgOt+TIChywChi1ttBjAok7L6kceyamkDOqixZ4xJcTcydeSoz5h4BXsKG
ZuPbHMcNQjphYD6NRfNu14n2XnXSnDW5GMWoawQhDxHaeuDoOF+miZleozY5Tfsv
q6MPnP9aXsnD/yxvJy+2ZAz57IoW+Ck/X2oIlFdhSjAdGeGMC5XemXbfF5HNPU2S
h2AsXLerFE/SRnllfkcEQTy5ZwcfSnkBajcYsolwicdy9gc26sa0offJewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwo49CBGjNoJcesVKzLa61vz2F0MB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvN0NqajBJRWFNMmdseDZ4VXJNdHJyV19QWVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQtgMA0G
CSqGSIb3DQEBCwUAA4IBAQB4g3YkvTEaf3Jf8t1Nugr40ZTEI+BmTwlTXgFR7phe
keEx64d7nf7iOjwYF2WkOT12S4u9blUJWHuKdL3boHm+C/2MR/VKDTrFV61WLo3u
txHbGjt/nB9QKXBHusbg3T2YJwj75uJUNkzrEGUJ3Di3/Jzdh1ri0cB+eNMklheS
qa23wqV/D94/mdNk27he8kpp2DsAn31kxjagY2TLRHGopU4oL2fPYPukrlxBESvU
IQDp9kNufeJmoaqW62dwUfIVFJQu8JBuzQdPkHz3cELz1sDv1dy2d87bNaIUyTR2
EWHqMNYhsk2AzRGr3NPWbf1iGCbYENdpQ6n4kJvbeShm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:36 2024 by rpki-client on console-ams.rpki-client.org