Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/_cai8wtVYWcI_g3aa1hGe6yfljc.roa
File: _cai8wtVYWcI_g3aa1hGe6yfljc.roa (raw, json)
Hash identifier: gDnMBlBAClWYSnumijtIjFuzGIYQuHNTRlUtbFDDozM=
Subject key identifier: FD:C6:A2:F3:0B:55:61:67:08:FE:0D:DA:6B:58:46:7B:AC:9F:96:37
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 0186054EFD47F652A96BF7B88302DCDD6BA6
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/_cai8wtVYWcI_g3aa1hGe6yfljc.roa
Signing time: Tue 31 Jan 2023 00:51:48 +0000
ROA not before: Tue 31 Jan 2023 00:51:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207645
IP address blocks: 45.137.18.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:05:4e:fd:47:f6:52:a9:6b:f7:b8:83:02:dc:dd:6b:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 31 00:51:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdc6a2f30b55616708fe0dda6b58467bac9f9637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:84:d6:6e:b7:b2:ef:4e:cc:31:26:0c:15:db:
0b:23:47:0c:28:bd:54:eb:fa:19:8b:1d:0c:13:23:
7d:3d:07:17:c3:db:19:fc:6d:1a:3f:ee:e0:af:24:
88:51:ab:80:83:20:12:9c:0a:2b:3d:ee:ac:8c:75:
45:b8:7d:9a:38:24:36:93:75:23:20:93:ae:6c:6c:
d0:b3:50:7f:96:6c:23:0a:40:c8:f6:db:06:d0:9c:
e1:a4:71:94:ca:0d:c8:91:c0:91:c8:db:dd:04:ec:
59:f5:7b:58:f0:1f:4c:bb:bb:fe:14:dc:08:85:1c:
34:7a:98:3a:26:c5:2f:4d:3d:e6:2b:9e:17:7f:4b:
d8:05:81:cb:4d:77:d6:dd:87:5a:78:11:99:13:d0:
d6:e4:04:dd:04:e7:94:fd:b3:e4:1f:1d:e0:d1:8f:
da:7a:f7:b3:c5:93:77:ea:06:ed:e4:52:10:d4:2b:
56:5d:aa:f3:ce:a1:ec:17:b0:a2:4f:40:cc:0d:57:
f9:15:3d:e2:62:c1:ac:58:99:4b:a6:32:be:b3:9a:
ba:cd:ac:17:a5:08:c7:19:2a:1b:30:4b:55:0d:39:
cd:de:f7:20:96:2e:d2:51:b0:55:d1:5f:04:89:aa:
42:21:17:6a:0d:f0:dd:91:c2:0c:bf:6a:da:37:d2:
18:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C6:A2:F3:0B:55:61:67:08:FE:0D:DA:6B:58:46:7B:AC:9F:96:37
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/_cai8wtVYWcI_g3aa1hGe6yfljc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.18.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:52:a2:2a:15:ae:72:d1:ae:d9:15:59:fe:84:b9:12:2f:07:
14:1d:a0:e0:ba:ea:c6:51:76:83:49:c8:c3:ae:05:fc:d7:6b:
b5:aa:93:0a:d6:8a:0c:0d:a8:a7:32:10:c0:f7:2e:65:d3:49:
84:2c:6e:2b:8c:2b:2a:42:12:c1:6c:51:ab:79:e7:b2:12:c3:
df:1d:0b:b5:2c:e1:4e:9e:c4:a5:55:4d:14:ec:16:ac:56:b7:
64:42:f0:dc:77:0c:01:69:73:72:de:05:06:6b:e7:cd:98:c3:
6f:52:c5:26:f5:2c:71:48:d1:ea:28:80:25:55:3e:f7:a4:7d:
1f:8a:4b:9f:0f:6f:e0:aa:46:3e:6c:65:b8:6a:7b:90:47:30:
f0:fa:d6:b1:3b:0e:ca:47:f1:50:3f:32:8d:29:1d:4f:9d:9e:
b9:22:a2:b7:67:71:16:10:1d:bc:7e:85:b6:0f:c7:37:59:b2:
bf:d0:f3:66:39:1f:75:cf:9d:b4:9e:51:81:3a:e8:a8:a7:35:
8a:8a:33:74:b1:f9:51:8c:ea:ce:32:52:9f:ce:17:b3:6c:ff:
50:a5:fc:86:83:63:bd:c2:c2:16:41:ee:e2:3d:7f:7c:72:3f:
fe:ef:b0:8e:a0:0b:72:9a:ba:b8:b4:e9:8e:29:57:e2:64:54:
a9:1f:f1:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYFTv1H9lKpa/e4gwLc3WumMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjMwMTMxMDA1MTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGM2YTJmMzBiNTU2MTY3MDhmZTBkZGE2YjU4NDY3YmFjOWY5NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgITWbrey707MMSYMFdsLI0cMKL1U
6/oZix0MEyN9PQcXw9sZ/G0aP+7grySIUauAgyASnAorPe6sjHVFuH2aOCQ2k3Uj
IJOubGzQs1B/lmwjCkDI9tsG0JzhpHGUyg3IkcCRyNvdBOxZ9XtY8B9Mu7v+FNwI
hRw0epg6JsUvTT3mK54Xf0vYBYHLTXfW3YdaeBGZE9DW5ATdBOeU/bPkHx3g0Y/a
evezxZN36gbt5FIQ1CtWXarzzqHsF7CiT0DMDVf5FT3iYsGsWJlLpjK+s5q6zawX
pQjHGSobMEtVDTnN3vcgli7SUbBV0V8EiapCIRdqDfDdkcIMv2raN9IYQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3GovMLVWFnCP4N2mtYRnusn5Y3MB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvX2NhaTh3dFZZV2NJX2czYWExaEdlNnlmbGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYkSMA0G
CSqGSIb3DQEBCwUAA4IBAQDPUqIqFa5y0a7ZFVn+hLkSLwcUHaDguurGUXaDScjD
rgX812u1qpMK1ooMDainMhDA9y5l00mELG4rjCsqQhLBbFGreeeyEsPfHQu1LOFO
nsSlVU0U7BasVrdkQvDcdwwBaXNy3gUGa+fNmMNvUsUm9SxxSNHqKIAlVT73pH0f
ikufD2/gqkY+bGW4anuQRzDw+taxOw7KR/FQPzKNKR1PnZ65IqK3Z3EWEB28foW2
D8c3WbK/0PNmOR91z520nlGBOuiopzWKijN0sflRjOrOMlKfzhezbP9QpfyGg2O9
wsIWQe7iPX98cj/+77COoAtymrq4tOmOKVfiZFSpH/Hl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:43 2024 by rpki-client on console-ams.rpki-client.org