Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/BjgY-WmNntdLViwh4WAc6Xu4MKI.roa
File: BjgY-WmNntdLViwh4WAc6Xu4MKI.roa (raw, json)
Hash identifier: B9TReSSsNwoZop4NJNX6HL3TvzfHS3h7AgBBdEx72PE=
Subject key identifier: 06:38:18:F9:69:8D:9E:D7:4B:56:2C:21:E1:60:1C:E9:7B:B8:30:A2
Certificate issuer: /CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Certificate serial: 0188532578DDE9AD6E0C43223AD800AAECF9
Authority key identifier: C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/BjgY-WmNntdLViwh4WAc6Xu4MKI.roa
Signing time: Thu 25 May 2023 13:42:24 +0000
ROA not before: Thu 25 May 2023 13:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 45.13.170.0/24 maxlen: 24
45.13.169.0/24 maxlen: 24
45.13.168.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:25:78:dd:e9:ad:6e:0c:43:22:3a:d8:00:aa:ec:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Validity
Not Before: May 25 13:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=063818f9698d9ed74b562c21e1601ce97bb830a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:91:43:14:70:77:f1:68:f9:54:52:1e:8c:
9c:cd:55:d3:ca:b0:f7:f0:ba:e1:5b:10:9f:92:17:
42:ca:ce:28:5c:6a:91:d9:70:9d:66:fb:a9:e3:71:
ab:1c:62:78:30:27:47:4f:f0:ca:d8:5a:4c:12:3e:
ae:e5:58:b0:34:4b:c0:fd:e3:aa:86:da:e1:f4:5c:
0a:c7:e0:19:c6:0f:03:22:6b:30:f4:61:40:bd:d9:
cb:b1:de:a8:e1:96:75:f3:79:9f:a6:37:fe:a5:90:
f5:2d:b9:a3:f2:74:7c:ae:91:97:b5:1c:37:1a:91:
43:fa:23:0c:a1:01:cb:32:70:33:f4:5e:78:22:38:
e2:16:3b:4a:28:61:1c:96:4f:47:cf:98:e9:a7:66:
00:ff:30:09:cf:f5:5a:56:57:ce:c2:e3:d4:69:4d:
e3:2c:09:9e:b2:7e:be:c4:af:4e:4a:e4:f0:e2:1c:
a7:02:66:d0:b2:39:02:6e:0f:2c:ec:cc:54:db:a0:
bf:55:c6:68:ab:c5:1a:ae:44:f9:74:8d:e9:e3:04:
6c:05:1d:a6:ab:c4:d4:35:89:04:3b:eb:c2:88:b5:
b8:3f:d0:72:4d:4e:71:29:5e:6f:c0:13:36:05:1e:
2c:1d:c2:34:ec:ac:35:35:dd:96:c4:97:d2:d1:08:
24:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:38:18:F9:69:8D:9E:D7:4B:56:2C:21:E1:60:1C:E9:7B:B8:30:A2
X509v3 Authority Key Identifier:
keyid:C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/BjgY-WmNntdLViwh4WAc6Xu4MKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/xoSwmaim5SYr9LVQSdUOf8xApz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.168.0-45.13.170.255
Signature Algorithm: sha256WithRSAEncryption
65:01:20:fb:a2:5e:4b:cf:e5:0c:69:69:82:6e:ce:b4:63:0d:
1d:1b:da:f1:5a:ea:cb:98:eb:7d:98:09:d8:1f:c0:62:d3:aa:
eb:38:40:24:f4:b9:85:dd:11:45:d1:f5:cf:28:4b:60:c7:8e:
2b:39:b3:fc:da:6a:f4:7c:75:cf:b8:42:42:d6:7d:f7:71:e1:
42:66:67:5a:b3:a9:b0:0b:13:76:96:1c:6e:aa:5d:9d:15:1b:
4a:c1:3d:41:d6:0b:54:8e:f9:9f:1a:d6:95:32:fc:b3:5c:a9:
91:98:ee:ef:70:ee:3c:a2:09:52:88:8f:73:0b:1e:79:4b:35:
8b:68:1c:17:c8:cd:eb:56:d4:76:cd:b5:bf:ea:11:4b:72:07:
f9:92:88:4e:98:87:63:e3:a0:86:df:38:37:66:3d:48:ac:a7:
56:9e:b5:9c:6a:aa:bb:29:85:5d:0e:1b:4c:37:40:5a:c1:78:
9b:0e:da:6d:a1:8f:77:15:e8:29:26:7b:90:17:7d:48:06:4c:
a2:42:5b:32:9e:1f:b1:b6:a2:d5:7e:f0:b3:01:8c:65:c2:6a:
cb:3a:41:8d:dd:a1:dc:86:b9:38:2d:dd:7f:2b:b5:e1:7d:a0:
81:1b:18:24:af:e1:01:f9:bc:2d:75:5f:ee:5d:bc:bd:46:f9:
27:a7:f1:4d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYhTJXjd6a1uDEMiOtgAquz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ODRiMDk5YThhNmU1MjYyYmY0YjU1MDQ5ZDUwZTdmY2M0
MGE3M2QwHhcNMjMwNTI1MTM0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjM4MThmOTY5OGQ5ZWQ3NGI1NjJjMjFlMTYwMWNlOTdiYjgzMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsuRQxRwd/Fo+VRSHoyczVXTyrD3
8LrhWxCfkhdCys4oXGqR2XCdZvup43GrHGJ4MCdHT/DK2FpMEj6u5ViwNEvA/eOq
htrh9FwKx+AZxg8DImsw9GFAvdnLsd6o4ZZ183mfpjf+pZD1Lbmj8nR8rpGXtRw3
GpFD+iMMoQHLMnAz9F54IjjiFjtKKGEclk9Hz5jpp2YA/zAJz/VaVlfOwuPUaU3j
LAmesn6+xK9OSuTw4hynAmbQsjkCbg8s7MxU26C/VcZoq8UarkT5dI3p4wRsBR2m
q8TUNYkEO+vCiLW4P9ByTU5xKV5vwBM2BR4sHcI07Kw1Nd2WxJfS0QgkeQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAY4GPlpjZ7XS1YsIeFgHOl7uDCiMB8GA1UdIwQY
MBaAFMaEsJmopuUmK/S1UEnVDn/MQKc9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQt
M2NhZWQ5NGQ5OWQ1LzEvQmpnWS1XbU5udGRMVml3aDRXQWM2WHU0TUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQtM2NhZWQ5NGQ5OWQ1
LzEveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMtDagD
BAAtDaowDQYJKoZIhvcNAQELBQADggEBAGUBIPuiXkvP5QxpaYJuzrRjDR0b2vFa
6suY632YCdgfwGLTqus4QCT0uYXdEUXR9c8oS2DHjis5s/zaavR8dc+4QkLWffdx
4UJmZ1qzqbALE3aWHG6qXZ0VG0rBPUHWC1SO+Z8a1pUy/LNcqZGY7u9w7jyiCVKI
j3MLHnlLNYtoHBfIzetW1HbNtb/qEUtyB/mSiE6Yh2PjoIbfODdmPUisp1aetZxq
qrsphV0OG0w3QFrBeJsO2m2hj3cV6Ckme5AXfUgGTKJCWzKeH7G2otV+8LMBjGXC
ass6QY3dodyGuTgt3X8rteF9oIEbGCSv4QH5vC11X+5dvL1G+Sen8U0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:34 2023 by rpki-client on console-ams.rpki-client.org