Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/pSsRJCVDnAg5PHr6Tn-9aF07yAo.roa
File: pSsRJCVDnAg5PHr6Tn-9aF07yAo.roa (raw, json)
Hash identifier: Hi2JXB/0aSn5g8P6+AnM45A7Hry4WfY9Yhj8+PYyBIY=
Subject key identifier: A5:2B:11:24:25:43:9C:08:39:3C:7A:FA:4E:7F:BD:68:5D:3B:C8:0A
Certificate issuer: /CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Certificate serial: 060772DA
Authority key identifier: D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/pSsRJCVDnAg5PHr6Tn-9aF07yAo.roa
Signing time: Sat 01 Jan 2022 02:55:20 +0000
ROA not before: Sat 01 Jan 2022 02:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208436
IP address blocks: 45.137.24.0/22 maxlen: 22
2a0e:9f40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101151450 (0x60772da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Validity
Not Before: Jan 1 02:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a52b112425439c08393c7afa4e7fbd685d3bc80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b8:90:d2:c6:40:28:d5:c4:6a:0c:e9:fa:f9:
88:3b:76:24:e3:9c:d7:1b:a9:dd:44:21:8d:85:56:
a9:43:b7:a3:9e:5d:15:dd:b0:99:28:2e:dc:38:08:
f0:0d:09:23:0a:aa:77:13:0d:ca:06:b9:07:b6:6a:
b1:fa:1f:89:f1:51:41:05:d3:42:3c:b8:99:9d:59:
73:a5:39:75:be:cf:7d:24:82:95:8d:cd:8c:69:d8:
72:4f:16:4a:4a:07:f5:4b:ab:1c:b0:ea:d0:b2:42:
49:09:90:4e:48:bc:52:02:c5:c2:48:67:d1:cd:71:
37:bf:33:ad:66:85:35:13:5e:0c:af:01:96:8c:01:
9a:53:dd:52:ad:11:e8:bd:45:38:c2:a2:24:bd:07:
aa:ba:39:5a:b0:d2:6a:ed:77:17:36:59:33:5f:07:
e8:53:9e:f5:23:29:e1:61:02:ad:63:d2:ac:ce:0b:
b7:8e:85:75:6c:a4:a9:d2:72:b8:9e:62:46:03:9f:
11:57:09:8f:cb:d3:dd:26:ed:c5:7c:26:02:8c:28:
30:de:21:66:cf:ab:b2:93:f9:f0:75:1f:80:84:af:
c3:f9:ea:95:4c:2c:ba:de:31:a4:82:a8:fa:31:49:
c2:e5:cf:23:32:d6:c2:45:5d:43:80:80:84:b9:f2:
cb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2B:11:24:25:43:9C:08:39:3C:7A:FA:4E:7F:BD:68:5D:3B:C8:0A
X509v3 Authority Key Identifier:
keyid:D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/pSsRJCVDnAg5PHr6Tn-9aF07yAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.24.0/22
IPv6:
2a0e:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
8d:8a:0d:33:10:5c:20:10:b8:8b:1c:33:68:52:4e:a8:e4:72:
e7:9c:a7:89:75:db:a6:8a:02:09:62:d3:2d:07:87:3c:5f:3b:
cf:79:02:9e:a7:c0:26:6f:c8:b3:fd:10:65:0d:5a:1a:ed:93:
92:c7:26:99:79:39:84:0c:e1:87:b6:98:23:10:64:da:09:9e:
06:55:ff:7e:2b:33:0a:12:0c:0d:c1:d0:e1:e7:b1:e3:fd:80:
73:21:68:4c:e9:d3:a9:fe:32:9a:c7:ce:72:d0:76:d2:93:9c:
7f:51:5c:48:5e:95:10:2e:e5:9a:eb:bb:57:be:72:1e:da:e4:
5a:a0:97:39:ba:00:23:24:18:b0:34:33:08:c8:92:ca:e6:6c:
03:7d:ff:66:6f:4f:65:31:1a:61:3a:fe:22:55:84:d1:b9:3e:
9e:8d:1e:0b:86:90:72:0c:fc:dc:ba:b4:12:f6:fb:98:7b:7f:
2a:32:84:fc:af:ae:e3:72:e6:b4:96:99:0f:cf:39:23:18:4f:
25:c7:18:2e:bf:5e:a8:e8:4a:9b:69:19:ee:6b:8a:0c:7a:c6:
46:63:b2:4a:c4:22:4d:78:44:3f:50:ae:72:31:5a:98:57:55:
99:f3:5c:c4:a7:50:34:62:fa:7d:0c:7a:91:58:95:38:55:38:
b1:7d:71:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBgdy2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODk1ZmE3MGUzZjdkZjM2MTE1MWQ1NTM3OWQ0ZDliODVkYWRmZDNkMB4XDTIyMDEw
MTAyNTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUyYjExMjQyNTQz
OWMwODM5M2M3YWZhNGU3ZmJkNjg1ZDNiYzgwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK64kNLGQCjVxGoM6fr5iDt2JOOc1xup3UQhjYVWqUO3o55d
Fd2wmSgu3DgI8A0JIwqqdxMNyga5B7ZqsfofifFRQQXTQjy4mZ1Zc6U5db7PfSSC
lY3NjGnYck8WSkoH9UurHLDq0LJCSQmQTki8UgLFwkhn0c1xN78zrWaFNRNeDK8B
lowBmlPdUq0R6L1FOMKiJL0Hqro5WrDSau13FzZZM18H6FOe9SMp4WECrWPSrM4L
t46FdWykqdJyuJ5iRgOfEVcJj8vT3SbtxXwmAowoMN4hZs+rspP58HUfgISvw/nq
lUwsut4xpIKo+jFJwuXPIzLWwkVdQ4CAhLnyy+0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSlKxEkJUOcCDk8evpOf71oXTvICjAfBgNVHSMEGDAWgBTYlfpw4/ffNhFR
1VN51Nm4Xa39PTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJKWDZjT1AzM3pZUlVkVlRlZFRadUYydF9UMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNzBiNTA0LWMyZDQtNDM4Ny05Yjc1LWY0NWI4ZGJlMmY5Ny8x
L3BTc1JKQ1ZEbkFnNVBIcjZUbi05YUYwN3lBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NzBiNTA0LWMyZDQtNDM4Ny05Yjc1LWY0NWI4ZGJlMmY5Ny8xLzJKWDZjT1AzM3pZ
UlVkVlRlZFRadUYydF9UMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2JGDANBAIAAjAHAwUDKg6fQDAN
BgkqhkiG9w0BAQsFAAOCAQEAjYoNMxBcIBC4ixwzaFJOqORy55yniXXbpooCCWLT
LQeHPF87z3kCnqfAJm/Is/0QZQ1aGu2TkscmmXk5hAzhh7aYIxBk2gmeBlX/fisz
ChIMDcHQ4eex4/2AcyFoTOnTqf4ymsfOctB20pOcf1FcSF6VEC7lmuu7V75yHtrk
WqCXOboAIyQYsDQzCMiSyuZsA33/Zm9PZTEaYTr+IlWE0bk+no0eC4aQcgz83Lq0
Evb7mHt/KjKE/K+u43LmtJaZD885IxhPJccYLr9eqOhKm2kZ7muKDHrGRmOySsQi
TXhEP1CucjFamFdVmfNcxKdQNGL6fQx6kViVOFU4sX1xzQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:26 2023 by rpki-client on console-ams.rpki-client.org