Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/YPiGuavZ_PvXu35sdxuvQvu_kys.roa
File: YPiGuavZ_PvXu35sdxuvQvu_kys.roa (raw, json)
Hash identifier: fKegbwkNGA0hE4wmFYUp0ngXNiXvCbQzWjFfSLUp5h0=
Subject key identifier: 60:F8:86:B9:AB:D9:FC:FB:D7:BB:7E:6C:77:1B:AF:42:FB:BF:93:2B
Certificate issuer: /CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Certificate serial: 018E3781EBC16F4D2A33DF26A108E1784234
Authority key identifier: 9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/YPiGuavZ_PvXu35sdxuvQvu_kys.roa
Signing time: Wed 13 Mar 2024 11:10:45 +0000
ROA not before: Wed 13 Mar 2024 11:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47952
IP address blocks: 45.145.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:81:eb:c1:6f:4d:2a:33:df:26:a1:08:e1:78:42:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cd0758825dd89cfee5fdecc7dcb651f0a5d1018
Validity
Not Before: Mar 13 11:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60f886b9abd9fcfbd7bb7e6c771baf42fbbf932b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:33:67:1d:ea:49:01:0f:af:01:a2:ca:51:ec:
b8:80:ea:94:61:39:e6:bd:10:4c:82:ae:0e:22:0e:
04:33:06:eb:6a:f6:19:27:51:1d:eb:93:9d:ce:2d:
cd:61:3c:66:61:f4:a1:90:ec:8e:e0:63:5b:d0:91:
7b:94:b0:17:5a:3e:30:5f:bd:e4:38:f8:ad:4e:82:
98:17:f0:90:b4:bd:7d:cc:29:78:b2:a8:d4:08:9f:
c6:08:3b:0e:e6:08:cf:67:13:f0:2c:bf:35:fe:63:
4f:25:b5:e5:63:df:c1:50:d0:11:ca:a1:66:0c:43:
64:b7:6d:c4:57:fb:87:8e:63:98:33:a3:94:6c:c0:
49:15:00:fe:79:29:ef:19:4a:8d:0e:09:ff:1d:d4:
46:fd:b9:74:39:09:2e:40:5c:f3:8d:20:ef:78:76:
ef:bf:85:da:9c:40:f5:ec:62:5b:61:26:27:e6:08:
df:65:87:91:95:5e:b9:33:58:e5:47:fb:e3:34:08:
2a:e7:05:01:61:06:0c:a8:c2:4a:22:33:2f:c4:fe:
d5:01:6d:41:9b:26:09:3a:67:56:a6:a8:e3:91:b3:
1a:3a:69:40:a2:5d:c5:16:9b:e6:4a:86:1e:e0:6a:
4d:f7:fa:5a:72:4a:af:1c:78:e8:b6:f3:1d:fc:c0:
1a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F8:86:B9:AB:D9:FC:FB:D7:BB:7E:6C:77:1B:AF:42:FB:BF:93:2B
X509v3 Authority Key Identifier:
keyid:9C:D0:75:88:25:DD:89:CF:EE:5F:DE:CC:7D:CB:65:1F:0A:5D:10:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nNB1iCXdic_uX97MfctlHwpdEBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/YPiGuavZ_PvXu35sdxuvQvu_kys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0e651e-90c7-4acd-97b9-a54f8e4813e7/1/nNB1iCXdic_uX97MfctlHwpdEBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.21.0/24
Signature Algorithm: sha256WithRSAEncryption
36:94:75:00:78:3e:b0:a0:10:48:41:0b:fa:a3:a9:98:da:60:
f1:6a:61:f5:8f:9d:26:7f:ae:da:f6:3f:95:e9:4c:17:99:c7:
64:b2:a0:97:65:04:3e:5c:78:cc:c6:b0:0c:dd:a3:1e:a6:9d:
bf:6c:ea:09:f2:4c:0f:6b:6d:3c:a8:b6:aa:49:4f:7f:37:d1:
7c:5b:00:91:81:ae:38:c1:08:68:41:b2:8d:91:fe:f2:48:b5:
f5:d0:5d:11:21:57:f2:e3:18:35:c6:1b:f8:7c:0a:a5:f4:ac:
bc:6a:4a:bb:5a:cb:90:52:a4:a6:cd:98:2e:0d:7a:f9:96:32:
bb:25:55:0a:7a:41:b9:b8:3f:31:9c:aa:30:cb:5b:74:f7:e8:
23:d1:57:35:60:9a:90:75:3a:43:22:ce:dd:4c:a2:cd:20:eb:
80:37:04:98:db:86:1a:59:fd:e0:2a:69:d6:3c:8c:86:3b:96:
22:4d:a8:99:c2:55:22:91:77:38:c4:28:ad:62:31:87:f9:86:
3c:79:c5:de:d5:b2:26:8e:6c:f0:ae:6e:ff:2a:bf:2c:46:d4:
b2:a9:3f:88:6f:72:ad:a8:6a:1e:a1:61:76:63:40:ef:1a:1a:
bc:e7:d0:f8:be:91:ad:c6:8f:54:99:01:f3:04:32:0d:8e:c6:
77:38:98:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY43gevBb00qM98moQjheEI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljZDA3NTg4MjVkZDg5Y2ZlZTVmZGVjYzdkY2I2NTFmMGE1
ZDEwMTgwHhcNMjQwMzEzMTExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGY4ODZiOWFiZDlmY2ZiZDdiYjdlNmM3NzFiYWY0MmZiYmY5MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDNnHepJAQ+vAaLKUey4gOqUYTnm
vRBMgq4OIg4EMwbravYZJ1Ed65Odzi3NYTxmYfShkOyO4GNb0JF7lLAXWj4wX73k
OPitToKYF/CQtL19zCl4sqjUCJ/GCDsO5gjPZxPwLL81/mNPJbXlY9/BUNARyqFm
DENkt23EV/uHjmOYM6OUbMBJFQD+eSnvGUqNDgn/HdRG/bl0OQkuQFzzjSDveHbv
v4XanED17GJbYSYn5gjfZYeRlV65M1jlR/vjNAgq5wUBYQYMqMJKIjMvxP7VAW1B
myYJOmdWpqjjkbMaOmlAol3FFpvmSoYe4GpN9/packqvHHjotvMd/MAaYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGD4hrmr2fz717t+bHcbr0L7v5MrMB8GA1UdIwQY
MBaAFJzQdYgl3YnP7l/ezH3LZR8KXRAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3Yjkt
YTU0ZjhlNDgxM2U3LzEvWVBpR3VhdlpfUHZYdTM1c2R4dXZRdnVfa3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wZTY1MWUtOTBjNy00YWNkLTk3YjktYTU0ZjhlNDgxM2U3
LzEvbk5CMWlDWGRpY191WDk3TWZjdGxId3BkRUJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZEVMA0G
CSqGSIb3DQEBCwUAA4IBAQA2lHUAeD6woBBIQQv6o6mY2mDxamH1j50mf67a9j+V
6UwXmcdksqCXZQQ+XHjMxrAM3aMepp2/bOoJ8kwPa208qLaqSU9/N9F8WwCRga44
wQhoQbKNkf7ySLX10F0RIVfy4xg1xhv4fAql9Ky8akq7WsuQUqSmzZguDXr5ljK7
JVUKekG5uD8xnKowy1t09+gj0Vc1YJqQdTpDIs7dTKLNIOuANwSY24YaWf3gKmnW
PIyGO5YiTaiZwlUikXc4xCitYjGH+YY8ecXe1bImjmzwrm7/Kr8sRtSyqT+Ib3Kt
qGoeoWF2Y0DvGhq859D4vpGtxo9UmQHzBDINjsZ3OJjp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:09 2024 by rpki-client on console-fra.rpki-client.org