Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/sbRHj1xJjmJPc7_1ZeA1bl9MMe4.roa
File: sbRHj1xJjmJPc7_1ZeA1bl9MMe4.roa (raw, json)
Hash identifier: MezVmMMesJH0zVpobTFDJf/LiAGs6AwdmEUlG3DNq7c=
Subject key identifier: B1:B4:47:8F:5C:49:8E:62:4F:73:BF:F5:65:E0:35:6E:5F:4C:31:EE
Certificate issuer: /CN=f97a546b66e2449ce628432dd80ad6d4d00cd03e
Certificate serial: 018CC49396F47367E2D947DF2D7CDDE06969
Authority key identifier: F9:7A:54:6B:66:E2:44:9C:E6:28:43:2D:D8:0A:D6:D4:D0:0C:D0:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-XpUa2biRJzmKEMt2ArW1NAM0D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/sbRHj1xJjmJPc7_1ZeA1bl9MMe4.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209984
IP address blocks: 45.132.48.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:96:f4:73:67:e2:d9:47:df:2d:7c:dd:e0:69:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f97a546b66e2449ce628432dd80ad6d4d00cd03e
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1b4478f5c498e624f73bff565e0356e5f4c31ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:29:39:13:08:a8:31:61:45:e2:8c:0d:51:44:
98:5a:1c:86:92:9f:3b:24:ab:1d:18:d9:74:c9:3d:
18:33:7b:ee:32:8e:20:4c:74:7a:a6:fa:83:8c:85:
12:5f:ad:b0:c9:9c:34:cb:ef:d2:a6:d3:41:e3:f8:
50:64:34:4a:80:d1:95:07:2f:89:96:2b:58:6f:ec:
ea:25:f4:5e:d8:2e:63:ad:37:22:ee:b0:e7:c3:fe:
1c:dd:d5:7b:c4:25:52:b9:ee:3e:7c:07:c2:4b:d8:
e8:79:3b:7d:cf:dc:66:01:d7:d3:b8:e4:50:72:52:
a2:8e:79:c9:bf:c4:d8:ec:4d:e2:b4:f9:53:37:fe:
87:0f:38:f6:1f:d3:0c:45:87:91:88:01:e0:4b:3a:
12:3c:da:70:5d:15:79:df:80:9b:ab:dc:40:c0:05:
2b:1f:39:ca:82:96:4c:9e:72:9f:ef:09:02:fc:b6:
df:06:f9:e8:d5:f3:26:f0:44:04:56:64:8d:3b:90:
6a:6f:db:6e:fa:2f:c7:57:af:67:a5:f5:e6:e5:8f:
b6:57:cc:30:b0:7f:9b:a1:de:d0:29:d3:a4:11:a0:
eb:43:50:c7:01:02:e8:1c:eb:71:8a:46:d7:e9:ad:
fd:a9:af:8c:e6:bc:31:f8:09:b7:91:47:f0:ee:50:
05:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B4:47:8F:5C:49:8E:62:4F:73:BF:F5:65:E0:35:6E:5F:4C:31:EE
X509v3 Authority Key Identifier:
keyid:F9:7A:54:6B:66:E2:44:9C:E6:28:43:2D:D8:0A:D6:D4:D0:0C:D0:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-XpUa2biRJzmKEMt2ArW1NAM0D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/sbRHj1xJjmJPc7_1ZeA1bl9MMe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/226996-4b3f-4f5f-8a7e-0b1b6641b8a2/1/1-XpUa2biRJzmKEMt2ArW1NAM0D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.48.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:0e:f1:7b:2a:7a:19:7c:d3:80:3f:8a:e9:f6:90:6b:1b:c4:
6d:e5:15:6d:af:e7:3c:aa:b0:2b:82:7c:2f:bb:49:eb:99:f4:
60:fd:3d:6f:05:f5:6c:73:85:ae:aa:83:cf:3d:07:e2:b8:68:
cf:55:5d:5f:1e:c9:49:9f:7b:6f:d0:83:aa:33:71:48:5a:eb:
13:a3:1b:4b:53:ca:8e:07:07:2d:dd:fc:e5:0c:d0:0c:e9:b3:
76:6f:87:ac:bd:b0:a6:4f:3f:3d:58:af:6a:b6:b8:e9:ec:c3:
df:b9:eb:16:75:8e:b9:36:a4:ac:4a:b6:49:7b:25:de:af:d8:
0b:3f:33:69:dc:84:c3:e7:0b:fd:64:e8:78:0b:50:4b:c3:6a:
89:5d:b1:bb:e2:11:85:20:87:5b:8c:4c:93:eb:5d:ac:1a:43:
29:61:a6:be:65:56:4a:79:8a:14:f7:73:7b:5e:d2:73:ff:51:
21:88:12:56:5e:da:32:85:2e:6f:74:dd:fb:89:6d:06:c3:1b:
27:a5:82:40:e6:12:af:33:e8:bc:68:fb:0f:78:15:a2:e6:8b:
af:03:f0:9b:9f:00:80:0e:b5:98:10:db:f6:ff:47:5b:c2:38:
ef:95:b8:9f:91:a5:9d:38:07:0e:96:2a:c8:d1:71:81:31:b0:
9c:87:53:63
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEk5b0c2fi2UffLXzd4GlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5N2E1NDZiNjZlMjQ0OWNlNjI4NDMyZGQ4MGFkNmQ0ZDAw
Y2QwM2UwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI0NDc4ZjVjNDk4ZTYyNGY3M2JmZjU2NWUwMzU2ZTVmNGMzMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCk5EwioMWFF4owNUUSYWhyGkp87
JKsdGNl0yT0YM3vuMo4gTHR6pvqDjIUSX62wyZw0y+/SptNB4/hQZDRKgNGVBy+J
litYb+zqJfRe2C5jrTci7rDnw/4c3dV7xCVSue4+fAfCS9joeTt9z9xmAdfTuORQ
clKijnnJv8TY7E3itPlTN/6HDzj2H9MMRYeRiAHgSzoSPNpwXRV534Cbq9xAwAUr
HznKgpZMnnKf7wkC/LbfBvno1fMm8EQEVmSNO5Bqb9tu+i/HV69npfXm5Y+2V8ww
sH+bod7QKdOkEaDrQ1DHAQLoHOtxikbX6a39qa+M5rwx+Am3kUfw7lAFpQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLG0R49cSY5iT3O/9WXgNW5fTDHuMB8GA1UdIwQY
MBaAFPl6VGtm4kSc5ihDLdgK1tTQDNA+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1YcFVhMmJpUkp6bUtFTXQyQXJXMU5BTTBENC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQvMjI2OTk2LTRiM2YtNGY1Zi04YTdl
LTBiMWI2NjQxYjhhMi8xL3NiUkhqMXhKam1KUGM3XzFaZUExYmw5TU1lNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWQvMjI2OTk2LTRiM2YtNGY1Zi04YTdlLTBiMWI2NjQxYjhh
Mi8xLzEtWHBVYTJiaVJKem1LRU10MkFyVzFOQU0wRDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEthDAw
DQYJKoZIhvcNAQELBQADggEBAH8O8Xsqehl804A/iun2kGsbxG3lFW2v5zyqsCuC
fC+7SeuZ9GD9PW8F9Wxzha6qg889B+K4aM9VXV8eyUmfe2/Qg6ozcUha6xOjG0tT
yo4HBy3d/OUM0Azps3Zvh6y9sKZPPz1Yr2q2uOnsw9+56xZ1jrk2pKxKtkl7Jd6v
2As/M2nchMPnC/1k6HgLUEvDaoldsbviEYUgh1uMTJPrXawaQylhpr5lVkp5ihT3
c3te0nP/USGIElZe2jKFLm903fuJbQbDGyelgkDmEq8z6Lxo+w94FaLmi68D8Juf
AIAOtZgQ2/b/R1vCOO+VuJ+RpZ04Bw6WKsjRcYExsJyHU2M=
-----END CERTIFICATE-----
Generated at Mon Feb 5 20:13:12 2024 by rpki-client on console-ams.rpki-client.org