Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/viq7z2VM1n6yLWC7oJoiK0-gQzs.roa
File: viq7z2VM1n6yLWC7oJoiK0-gQzs.roa (raw, json)
Hash identifier: MwPiOEN7K9V2L+TZr5kJS6CCidzuqo80uF8vuRqF7yM=
Subject key identifier: BE:2A:BB:CF:65:4C:D6:7E:B2:2D:60:BB:A0:9A:22:2B:4F:A0:43:3B
Certificate issuer: /CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Certificate serial: 018853248F53728092B0D4BA07BF98E9ADE1
Authority key identifier: C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/viq7z2VM1n6yLWC7oJoiK0-gQzs.roa
Signing time: Thu 25 May 2023 13:41:24 +0000
ROA not before: Thu 25 May 2023 13:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 45.13.168.0/24 maxlen: 24
45.13.169.0/24 maxlen: 24
45.13.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:53:24:8f:53:72:80:92:b0:d4:ba:07:bf:98:e9:ad:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Validity
Not Before: May 25 13:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be2abbcf654cd67eb22d60bba09a222b4fa0433b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:bf:44:08:5e:7c:9f:f6:64:d6:1a:4b:f3:
1a:f6:85:4a:df:59:9b:cb:27:73:02:77:ed:53:0f:
b2:42:26:5d:ac:f0:f3:2a:c2:fa:cc:f7:f3:b6:04:
92:68:63:2e:c6:52:c4:6f:7d:90:04:3c:6b:ad:8e:
b2:0d:c9:09:d1:de:14:8c:bc:f9:81:2e:0c:d7:82:
97:7c:63:4e:5d:03:b9:96:fa:9a:f6:43:b5:2a:21:
ab:37:ec:a3:eb:3d:ca:45:d6:89:b5:13:87:9d:21:
1d:13:44:ee:5d:04:7d:77:57:10:3f:fb:ec:65:7d:
93:0a:30:41:0b:ec:b6:bf:1d:72:b7:af:a5:13:4d:
91:04:dd:46:9d:6b:ee:bb:68:0b:08:b4:d2:f6:61:
80:da:f0:ae:68:7c:64:75:a7:4d:1b:a2:e4:f6:43:
d1:72:92:aa:c9:da:ba:15:04:33:d6:78:97:9a:71:
1d:bc:b3:83:98:26:7c:3a:f9:4d:1b:7f:24:a1:a7:
b8:86:64:34:85:fa:0c:9a:7c:08:f6:41:12:b0:cb:
49:2e:a6:83:cb:17:8b:c9:b7:d3:f8:1e:2b:14:57:
f5:fe:ff:9c:c6:7d:4d:31:5f:0c:f3:5c:23:d0:05:
74:b0:42:46:87:96:a6:a6:94:b3:d2:b9:bd:a6:a0:
1c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:2A:BB:CF:65:4C:D6:7E:B2:2D:60:BB:A0:9A:22:2B:4F:A0:43:3B
X509v3 Authority Key Identifier:
keyid:C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/viq7z2VM1n6yLWC7oJoiK0-gQzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/xoSwmaim5SYr9LVQSdUOf8xApz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.168.0-45.13.170.255
Signature Algorithm: sha256WithRSAEncryption
79:b8:93:d8:24:1c:ea:79:25:fd:ec:78:d5:05:20:28:0f:c6:
09:8a:ee:e6:1d:7f:f7:77:67:7d:df:b3:05:3b:fc:8b:d3:a6:
ea:95:00:4c:99:d1:50:3a:61:d1:e8:ac:9c:b1:4b:65:55:5f:
e9:bb:ac:18:55:1d:42:0c:a6:09:48:ad:67:03:9d:df:6a:cc:
31:5b:90:21:58:fe:57:51:c9:98:54:02:20:1e:57:46:d3:02:
92:f0:11:fa:7c:69:7b:c8:ec:ea:a9:c2:4a:1d:08:70:55:ea:
66:1a:c3:24:00:91:30:85:9d:c7:b5:0c:c4:66:4d:1b:6c:f6:
bc:ea:a2:96:f9:0d:9a:cf:de:0e:5e:b2:be:35:77:76:a8:6f:
fa:a1:57:f6:99:dc:92:ca:2d:2d:6e:6d:28:25:b2:e5:62:22:
8b:ae:7d:3f:44:10:83:70:de:9d:f3:7b:d7:c8:8a:bc:86:74:
b2:db:5f:57:46:0d:cb:d8:0e:f3:ac:31:ab:37:ec:b2:ff:c5:
9f:68:36:14:67:75:2e:97:ca:d5:f3:c6:e2:50:19:f7:51:89:
06:55:0b:29:25:09:e3:0e:85:0c:f2:68:b4:42:33:af:1a:5d:
a8:4a:8f:81:28:d6:13:88:27:38:18:aa:07:b7:66:c6:ea:05:
61:c5:1d:db
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYhTJI9TcoCSsNS6B7+Y6a3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ODRiMDk5YThhNmU1MjYyYmY0YjU1MDQ5ZDUwZTdmY2M0
MGE3M2QwHhcNMjMwNTI1MTM0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTJhYmJjZjY1NGNkNjdlYjIyZDYwYmJhMDlhMjIyYjRmYTA0MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYq/RAhefJ/2ZNYaS/Ma9oVK31mb
yydzAnftUw+yQiZdrPDzKsL6zPfztgSSaGMuxlLEb32QBDxrrY6yDckJ0d4UjLz5
gS4M14KXfGNOXQO5lvqa9kO1KiGrN+yj6z3KRdaJtROHnSEdE0TuXQR9d1cQP/vs
ZX2TCjBBC+y2vx1yt6+lE02RBN1GnWvuu2gLCLTS9mGA2vCuaHxkdadNG6Lk9kPR
cpKqydq6FQQz1niXmnEdvLODmCZ8OvlNG38koae4hmQ0hfoMmnwI9kESsMtJLqaD
yxeLybfT+B4rFFf1/v+cxn1NMV8M81wj0AV0sEJGh5amppSz0rm9pqAcgwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL4qu89lTNZ+si1gu6CaIitPoEM7MB8GA1UdIwQY
MBaAFMaEsJmopuUmK/S1UEnVDn/MQKc9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQt
M2NhZWQ5NGQ5OWQ1LzEvdmlxN3oyVk0xbjZ5TFdDN29Kb2lLMC1nUXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQtM2NhZWQ5NGQ5OWQ1
LzEveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMtDagD
BAAtDaowDQYJKoZIhvcNAQELBQADggEBAHm4k9gkHOp5Jf3seNUFICgPxgmK7uYd
f/d3Z33fswU7/IvTpuqVAEyZ0VA6YdHorJyxS2VVX+m7rBhVHUIMpglIrWcDnd9q
zDFbkCFY/ldRyZhUAiAeV0bTApLwEfp8aXvI7OqpwkodCHBV6mYawyQAkTCFnce1
DMRmTRts9rzqopb5DZrP3g5esr41d3aob/qhV/aZ3JLKLS1ubSglsuViIouufT9E
EINw3p3ze9fIiryGdLLbX1dGDcvYDvOsMas37LL/xZ9oNhRndS6XytXzxuJQGfdR
iQZVCyklCeMOhQzyaLRCM68aXahKj4Eo1hOIJzgYqge3ZsbqBWHFHds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:16 2024 by rpki-client on console-ams.rpki-client.org