Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/YBGs9dtLKJzjbDsYbj9rTcLLoko.roa
File: YBGs9dtLKJzjbDsYbj9rTcLLoko.roa (raw, json)
Hash identifier: 2L4HoY+wmdo6VD90YYROoZPiagGdVp+zOgMuuxRCAnA=
Subject key identifier: 60:11:AC:F5:DB:4B:28:9C:E3:6C:3B:18:6E:3F:6B:4D:C2:CB:A2:4A
Certificate issuer: /CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Certificate serial: 0187FC51278B0AA5804007ED9788FD5A23A7
Authority key identifier: C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/YBGs9dtLKJzjbDsYbj9rTcLLoko.roa
Signing time: Mon 08 May 2023 17:03:09 +0000
ROA not before: Mon 08 May 2023 17:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 45.13.168.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:51:27:8b:0a:a5:80:40:07:ed:97:88:fd:5a:23:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Validity
Not Before: May 8 17:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6011acf5db4b289ce36c3b186e3f6b4dc2cba24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3e:bd:ae:0e:7f:f3:06:cf:b5:5f:f5:9b:99:
4c:86:31:b7:28:6f:56:b2:9e:c4:9b:5d:c4:43:84:
2e:c8:c7:c5:ab:ba:f2:f5:72:d7:06:ac:b2:74:c8:
47:9a:7b:a8:fd:c7:7d:72:7b:d8:f0:1a:62:8e:39:
0d:c2:ff:b6:b3:56:2b:b0:f8:99:a6:96:04:b9:04:
e1:e0:9a:22:47:8e:e3:1f:3e:00:3b:49:73:cb:81:
9c:18:0d:06:e3:ea:cc:93:8d:83:2d:3e:40:b5:9e:
bc:51:c1:dc:d7:93:80:15:e4:94:31:8d:30:01:ea:
0c:53:6f:67:3d:7f:95:17:db:7f:77:f5:75:46:24:
27:13:98:19:f9:21:ae:c6:c9:74:1c:2e:3c:7e:dd:
9a:e3:ea:ec:5a:b2:6d:74:88:78:45:bc:7f:bd:91:
25:97:2e:c8:00:d8:bb:94:72:48:bb:54:11:99:88:
d0:e0:dc:c4:de:fb:4e:6f:9d:b2:d9:f9:3f:6c:8a:
dd:60:45:80:ae:70:48:c1:61:48:1d:63:28:c8:65:
16:bc:f9:ac:83:08:ac:3b:57:5c:6d:bc:76:2c:66:
0f:33:bb:09:6f:7c:ce:b2:30:0c:26:f0:f4:bd:2c:
c1:35:cb:64:e4:c9:11:32:2c:0a:3c:a9:8e:57:ae:
36:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:11:AC:F5:DB:4B:28:9C:E3:6C:3B:18:6E:3F:6B:4D:C2:CB:A2:4A
X509v3 Authority Key Identifier:
keyid:C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/YBGs9dtLKJzjbDsYbj9rTcLLoko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/xoSwmaim5SYr9LVQSdUOf8xApz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.168.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:f3:99:53:11:57:1a:15:ca:9b:f5:a2:81:0c:7e:6f:f0:19:
7d:3f:4d:c3:81:25:73:93:ce:a9:f2:77:64:21:6e:97:1b:e5:
79:be:c9:38:96:d7:a2:49:3e:f0:5a:81:70:35:6c:5b:e9:a1:
d0:50:32:90:3e:99:18:5e:0e:a1:56:83:80:c3:29:60:c5:a7:
c8:ff:bd:2b:0a:26:3f:0a:83:09:f1:ce:28:bf:9f:42:3b:5f:
6f:1d:3f:22:c6:d4:7b:20:f9:3f:0e:e2:83:82:56:23:39:4d:
01:9e:9f:75:83:12:2e:34:02:79:eb:43:d3:2d:33:23:2b:7c:
76:88:e9:c5:1d:1f:41:db:d9:82:20:52:2f:67:ca:21:9c:e2:
87:51:5f:02:c8:cf:6d:3c:c4:5a:31:75:7e:88:68:df:b2:d0:
81:e9:aa:c8:1e:ea:5d:7f:92:a9:eb:00:46:d3:d9:af:6e:7a:
5e:5f:b4:b0:30:94:58:cb:fa:32:60:0f:1f:2e:fb:c7:d5:93:
e4:20:6a:b0:e5:26:a5:e1:1c:2c:c2:a2:b3:2a:dc:5b:bd:90:
e6:d8:a8:91:91:da:2c:c8:5b:fc:9d:6e:a1:f9:54:d2:e1:f1:
ca:f6:6e:98:c8:87:20:ab:23:ec:94:9a:dc:db:8e:66:61:32:
e6:d9:80:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf8USeLCqWAQAftl4j9WiOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ODRiMDk5YThhNmU1MjYyYmY0YjU1MDQ5ZDUwZTdmY2M0
MGE3M2QwHhcNMjMwNTA4MTcwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDExYWNmNWRiNGIyODljZTM2YzNiMTg2ZTNmNmI0ZGMyY2JhMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkz69rg5/8wbPtV/1m5lMhjG3KG9W
sp7Em13EQ4QuyMfFq7ry9XLXBqyydMhHmnuo/cd9cnvY8BpijjkNwv+2s1YrsPiZ
ppYEuQTh4JoiR47jHz4AO0lzy4GcGA0G4+rMk42DLT5AtZ68UcHc15OAFeSUMY0w
AeoMU29nPX+VF9t/d/V1RiQnE5gZ+SGuxsl0HC48ft2a4+rsWrJtdIh4Rbx/vZEl
ly7IANi7lHJIu1QRmYjQ4NzE3vtOb52y2fk/bIrdYEWArnBIwWFIHWMoyGUWvPms
gwisO1dcbbx2LGYPM7sJb3zOsjAMJvD0vSzBNctk5MkRMiwKPKmOV6426QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGARrPXbSyic42w7GG4/a03Cy6JKMB8GA1UdIwQY
MBaAFMaEsJmopuUmK/S1UEnVDn/MQKc9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQt
M2NhZWQ5NGQ5OWQ1LzEvWUJHczlkdExLSnpqYkRzWWJqOXJUY0xMb2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQtM2NhZWQ5NGQ5OWQ1
LzEveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ2oMA0G
CSqGSIb3DQEBCwUAA4IBAQC285lTEVcaFcqb9aKBDH5v8Bl9P03DgSVzk86p8ndk
IW6XG+V5vsk4lteiST7wWoFwNWxb6aHQUDKQPpkYXg6hVoOAwylgxafI/70rCiY/
CoMJ8c4ov59CO19vHT8ixtR7IPk/DuKDglYjOU0Bnp91gxIuNAJ560PTLTMjK3x2
iOnFHR9B29mCIFIvZ8ohnOKHUV8CyM9tPMRaMXV+iGjfstCB6arIHupdf5Kp6wBG
09mvbnpeX7SwMJRYy/oyYA8fLvvH1ZPkIGqw5Sal4RwswqKzKtxbvZDm2KiRkdos
yFv8nW6h+VTS4fHK9m6YyIcgqyPslJrc245mYTLm2YDv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:16 2024 by rpki-client on console-ams.rpki-client.org