Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4996RPvJ8r7HEMRigvg-E9qJrv8.roa
File: 4996RPvJ8r7HEMRigvg-E9qJrv8.roa (raw, json)
Hash identifier: SzS3g1E/KFv3aFSxlQFJuwmObG9vwDBBGtsXyd2/K1Y=
Subject key identifier: E3:DF:7A:44:FB:C9:F2:BE:C7:10:C4:62:82:F8:3E:13:DA:89:AE:FF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571D72E3682E0B68DF7C7B8D94C4937E0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4996RPvJ8r7HEMRigvg-E9qJrv8.roa
Signing time: Mon 02 Jan 2023 09:36:45 +0000
ROA not before: Mon 02 Jan 2023 09:36:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202513
IP address blocks: 45.90.237.0/24 maxlen: 24
45.90.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:2e:36:82:e0:b6:8d:f7:c7:b8:d9:4c:49:37:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:36:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3df7a44fbc9f2bec710c46282f83e13da89aeff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:23:09:7b:bb:30:82:9b:6b:47:c0:20:71:41:
d6:54:62:6c:63:06:e7:97:81:7a:ab:53:68:9a:e1:
00:87:3a:9e:e2:f0:c6:c3:27:4c:73:1d:62:41:04:
77:c1:25:74:f6:6d:db:ec:d4:fc:95:e9:cb:31:3d:
fb:1b:d5:06:41:e8:73:e0:6e:9d:02:34:de:37:48:
9b:03:c1:90:7e:f1:f8:01:79:74:c9:d4:bf:13:15:
1e:61:6e:2a:15:b6:b5:f1:c2:16:89:ab:68:b7:82:
b4:9f:66:19:ef:7d:e8:a6:5e:62:bb:a3:b7:1d:bc:
39:7d:41:b6:ac:c7:51:96:7e:fc:e0:7b:00:16:0a:
7e:95:05:ac:8f:c6:e1:ab:18:13:44:7d:05:45:fd:
17:14:15:d8:a1:c3:90:7b:65:79:9d:82:b7:32:01:
d4:fc:78:26:73:cd:ac:ae:ef:1d:f0:53:81:cb:23:
5e:96:a5:e8:81:18:9f:4c:c4:35:dd:24:c6:79:2a:
6d:b3:ea:a9:38:59:de:11:1d:6b:1e:21:6e:c1:da:
c2:f9:70:58:51:c7:fd:05:de:fa:6c:62:a9:ae:0d:
ce:ea:24:7d:52:e1:2f:43:34:bd:bd:90:79:cf:28:
78:a5:e6:5f:80:2c:cc:b0:50:e1:48:00:5b:68:57:
c0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DF:7A:44:FB:C9:F2:BE:C7:10:C4:62:82:F8:3E:13:DA:89:AE:FF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/4996RPvJ8r7HEMRigvg-E9qJrv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.237.0/24
45.90.239.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a6:3c:f5:45:50:49:5f:41:04:e0:f2:c2:c9:3c:5a:3b:cb:
44:4e:5d:08:91:9e:44:58:fb:25:bd:7e:f7:66:3e:f7:98:ea:
f7:2c:69:89:59:4b:0a:29:a0:96:bc:fc:2e:7a:8b:e3:77:49:
78:d8:0c:cc:d8:39:f7:36:6b:91:a1:7e:4e:d8:26:8c:fd:77:
52:e7:dc:19:f9:6c:bd:9b:e1:b9:04:68:81:e5:e0:d1:6a:e6:
85:a4:6c:77:f4:3d:de:18:22:42:1b:10:4a:84:b8:ce:0d:40:
49:5d:47:ef:67:6e:ea:e2:fa:76:ee:85:61:f2:e9:4b:61:10:
cf:09:fb:17:68:b4:b2:84:ec:b6:60:0d:85:12:78:07:08:ce:
04:16:66:3f:ab:35:42:bd:6c:52:6a:a5:a4:95:16:54:cf:9a:
b9:42:12:e6:a8:ba:7f:b3:97:96:2e:eb:10:61:c0:64:e8:43:
20:e1:35:48:d5:74:97:22:e2:25:ff:e0:9a:4c:d1:bd:ee:ff:
19:03:c0:67:53:a9:81:d3:a1:8f:dd:d0:ab:7e:ee:d6:3e:0d:
1c:14:f9:6e:14:b7:28:ec:f4:39:00:54:63:95:32:d9:55:5d:
1e:3b:08:d6:91:1f:c6:55:ed:de:d1:08:4f:57:56:8e:08:80:
a3:bd:bd:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx1y42guC2jffHuNlMSTfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkzNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RmN2E0NGZiYzlmMmJlYzcxMGM0NjI4MmY4M2UxM2RhODlhZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CMJe7swgptrR8AgcUHWVGJsYwbn
l4F6q1NomuEAhzqe4vDGwydMcx1iQQR3wSV09m3b7NT8lenLMT37G9UGQehz4G6d
AjTeN0ibA8GQfvH4AXl0ydS/ExUeYW4qFba18cIWiatot4K0n2YZ733opl5iu6O3
Hbw5fUG2rMdRln784HsAFgp+lQWsj8bhqxgTRH0FRf0XFBXYocOQe2V5nYK3MgHU
/Hgmc82sru8d8FOByyNelqXogRifTMQ13STGeSpts+qpOFneER1rHiFuwdrC+XBY
Ucf9Bd76bGKprg3O6iR9UuEvQzS9vZB5zyh4peZfgCzMsFDhSABbaFfAEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOPfekT7yfK+xxDEYoL4PhPaia7/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvNDk5NlJQdko4cjdIRU1SaWd2Zy1FOXFKcnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVrtAwQA
LVrvMA0GCSqGSIb3DQEBCwUAA4IBAQBTpjz1RVBJX0EE4PLCyTxaO8tETl0IkZ5E
WPslvX73Zj73mOr3LGmJWUsKKaCWvPwueovjd0l42AzM2Dn3NmuRoX5O2CaM/XdS
59wZ+Wy9m+G5BGiB5eDRauaFpGx39D3eGCJCGxBKhLjODUBJXUfvZ27q4vp27oVh
8ulLYRDPCfsXaLSyhOy2YA2FEngHCM4EFmY/qzVCvWxSaqWklRZUz5q5QhLmqLp/
s5eWLusQYcBk6EMg4TVI1XSXIuIl/+CaTNG97v8ZA8BnU6mB06GP3dCrfu7WPg0c
FPluFLco7PQ5AFRjlTLZVV0eOwjWkR/GVe3e0QhPV1aOCICjvb2c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org