Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/JeT59S_rO7HEtPD4AHmseZ_15As.roa
File: JeT59S_rO7HEtPD4AHmseZ_15As.roa (raw, json)
Hash identifier: Ssr0kmBx2u9+9TnZGSyOE92xUii4rmFMKRDb5+R5Ppw=
Subject key identifier: 25:E4:F9:F5:2F:EB:3B:B1:C4:B4:F0:F8:00:79:AC:79:9F:F5:E4:0B
Certificate issuer: /CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Certificate serial: 018DB1194D3C23FE5B7B8784F86575D2B092
Authority key identifier: 27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/JeT59S_rO7HEtPD4AHmseZ_15As.roa
Signing time: Fri 16 Feb 2024 08:47:21 +0000
ROA not before: Fri 16 Feb 2024 08:47:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21618
IP address blocks: 45.10.24.0/24 maxlen: 24
45.133.9.0/24 maxlen: 24
152.89.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:19:4d:3c:23:fe:5b:7b:87:84:f8:65:75:d2:b0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c007e5082b8e8d8289018718cfd527a7893e5e
Validity
Not Before: Feb 16 08:47:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25e4f9f52feb3bb1c4b4f0f80079ac799ff5e40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:3f:f2:ea:24:30:59:81:78:f7:7a:b5:74:
e2:bd:d9:1b:be:ee:cb:9b:db:c9:bc:84:5b:02:18:
6d:27:fe:81:90:5d:8d:e0:a6:7d:c9:ab:3f:42:8b:
8c:9a:b6:68:2f:7b:39:ee:34:6e:6b:14:0d:08:13:
3c:39:24:7d:45:f4:36:d7:e5:f2:06:33:a0:fb:fa:
f1:ed:d7:49:a0:15:46:98:b6:61:5e:1e:6c:07:67:
7e:39:04:35:38:fd:be:05:49:bc:74:a6:5c:60:3a:
81:41:48:84:59:61:89:1c:7b:0d:d1:0e:62:73:33:
d8:b5:88:7f:0a:4d:75:80:98:54:5c:0f:6b:bf:84:
fc:c9:c4:3f:1b:37:f5:4f:cf:f7:30:56:93:49:a2:
35:70:75:98:49:f0:d4:c7:f2:2c:eb:d8:77:fa:2d:
b7:23:af:0d:55:4f:55:19:0b:0c:14:67:b8:39:22:
0e:c4:37:81:d1:c1:e7:5e:b1:4c:d9:ce:ac:15:a7:
12:05:ec:04:fe:6c:79:07:cf:db:44:01:9a:bf:aa:
45:c1:89:07:59:bc:ec:8b:f2:ea:4d:71:c2:78:a7:
e3:c0:19:24:ba:1e:b0:c7:b0:6b:e7:d3:2f:75:de:
69:ef:4b:d6:3c:b0:b1:19:93:c9:e3:d3:4a:d8:78:
d8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E4:F9:F5:2F:EB:3B:B1:C4:B4:F0:F8:00:79:AC:79:9F:F5:E4:0B
X509v3 Authority Key Identifier:
keyid:27:C0:07:E5:08:2B:8E:8D:82:89:01:87:18:CF:D5:27:A7:89:3E:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/JeT59S_rO7HEtPD4AHmseZ_15As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/06fe14-d146-4e66-a841-2c64c291353e/1/J8AH5Qgrjo2CiQGHGM_VJ6eJPl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.24.0/24
45.133.9.0/24
152.89.239.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a0:af:97:a0:4c:d7:4e:b3:69:23:20:df:d4:fa:40:1a:3a:
29:08:64:82:65:1e:2c:15:07:df:93:f4:66:38:7e:bc:7a:93:
7f:5a:9f:db:8a:92:71:18:c0:e0:37:cb:78:00:89:89:82:ad:
21:c5:4f:53:ab:cf:c2:6c:01:03:15:6d:62:b8:3f:58:eb:af:
86:e3:f0:a6:c6:b6:59:08:cb:a7:e6:3b:aa:6a:a7:b2:60:bb:
7e:77:cb:4c:02:ce:46:2c:6a:02:f2:f9:dc:47:51:eb:5d:53:
3d:a5:5a:ca:af:63:23:17:28:eb:fc:19:3d:34:07:bb:e1:58:
52:9d:b5:95:39:0f:aa:ff:81:b9:c6:fe:42:c4:dd:19:aa:29:
c9:57:f4:9e:0f:96:9b:3c:7b:78:e6:c6:79:1b:61:7b:75:d0:
69:1c:61:1c:58:4f:9f:06:43:71:fd:4d:9c:01:63:55:a9:6e:
32:09:bd:f2:9b:ed:15:54:f1:29:18:28:3e:35:32:ff:dd:4a:
a5:1f:d1:72:47:1e:2d:26:0d:e7:2a:82:de:ac:71:c4:00:f5:
44:94:6b:99:a6:24:05:89:e8:97:1e:50:68:90:5f:e1:51:20:
b4:0a:60:e3:65:ca:99:45:04:42:d0:97:20:f2:f3:32:c8:ac:
d2:8a:03:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2xGU08I/5be4eE+GV10rCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzAwN2U1MDgyYjhlOGQ4Mjg5MDE4NzE4Y2ZkNTI3YTc4
OTNlNWUwHhcNMjQwMjE2MDg0NzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWU0ZjlmNTJmZWIzYmIxYzRiNGYwZjgwMDc5YWM3OTlmZjVlNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRA/8uokMFmBePd6tXTivdkbvu7L
m9vJvIRbAhhtJ/6BkF2N4KZ9yas/QouMmrZoL3s57jRuaxQNCBM8OSR9RfQ21+Xy
BjOg+/rx7ddJoBVGmLZhXh5sB2d+OQQ1OP2+BUm8dKZcYDqBQUiEWWGJHHsN0Q5i
czPYtYh/Ck11gJhUXA9rv4T8ycQ/Gzf1T8/3MFaTSaI1cHWYSfDUx/Is69h3+i23
I68NVU9VGQsMFGe4OSIOxDeB0cHnXrFM2c6sFacSBewE/mx5B8/bRAGav6pFwYkH
Wbzsi/LqTXHCeKfjwBkkuh6wx7Br59Mvdd5p70vWPLCxGZPJ49NK2HjYbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCXk+fUv6zuxxLTw+AB5rHmf9eQLMB8GA1UdIwQY
MBaAFCfAB+UIK46NgokBhxjP1SeniT5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEt
MmM2NGMyOTEzNTNlLzEvSmVUNTlTX3JPN0hFdFBENEFIbXNlWl8xNUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wNmZlMTQtZDE0Ni00ZTY2LWE4NDEtMmM2NGMyOTEzNTNl
LzEvSjhBSDVRZ3JqbzJDaVFHSEdNX1ZKNmVKUGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQoYAwQA
LYUJAwQAmFnvMA0GCSqGSIb3DQEBCwUAA4IBAQAyoK+XoEzXTrNpIyDf1PpAGjop
CGSCZR4sFQffk/RmOH68epN/Wp/bipJxGMDgN8t4AImJgq0hxU9Tq8/CbAEDFW1i
uD9Y66+G4/CmxrZZCMun5juqaqeyYLt+d8tMAs5GLGoC8vncR1HrXVM9pVrKr2Mj
Fyjr/Bk9NAe74VhSnbWVOQ+q/4G5xv5CxN0ZqinJV/SeD5abPHt45sZ5G2F7ddBp
HGEcWE+fBkNx/U2cAWNVqW4yCb3ym+0VVPEpGCg+NTL/3UqlH9FyRx4tJg3nKoLe
rHHEAPVElGuZpiQFieiXHlBokF/hUSC0CmDjZcqZRQRC0Jcg8vMyyKzSigMC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:51 2024 by rpki-client on console-fra.rpki-client.org