Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/tTUUMs2MdnjQ-ZrGGOHa11rR0zQ.roa
File: tTUUMs2MdnjQ-ZrGGOHa11rR0zQ.roa (raw, json)
Hash identifier: AZbwvKicZfe+4eFnioGI8/ZE/CZGTPoammyTTylxd5U=
Subject key identifier: B5:35:14:32:CD:8C:76:78:D0:F9:9A:C6:18:E1:DA:D7:5A:D1:D3:34
Certificate issuer: /CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Certificate serial: 0185DE841A0D289FD53AB5393B45537CCD2A
Authority key identifier: 47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/tTUUMs2MdnjQ-ZrGGOHa11rR0zQ.roa
Signing time: Mon 23 Jan 2023 12:04:37 +0000
ROA not before: Mon 23 Jan 2023 12:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 45.153.64.0/24 maxlen: 24
45.153.67.0/24 maxlen: 24
45.153.66.0/24 maxlen: 24
45.153.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:84:1a:0d:28:9f:d5:3a:b5:39:3b:45:53:7c:cd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Validity
Not Before: Jan 23 12:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5351432cd8c7678d0f99ac618e1dad75ad1d334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bf:ef:26:cc:a5:11:27:fc:53:c8:88:15:8b:
12:68:f3:84:d6:d7:ce:4f:61:27:b7:d8:37:0e:9b:
15:1a:b1:a3:79:0b:17:7a:1c:54:1f:ae:42:19:52:
91:1e:63:09:cd:30:9e:f8:f1:94:50:bf:3f:9d:12:
80:99:84:d7:6e:88:7d:5c:a3:08:02:92:32:05:dc:
fa:63:d3:99:01:fb:6b:15:be:de:58:e6:72:36:ed:
f2:61:b8:bd:94:07:2d:04:ad:47:f4:5f:5f:2d:b1:
b3:ca:5d:a2:89:db:3b:b5:10:3e:55:4f:3e:8d:22:
b9:23:36:b7:eb:77:15:96:04:a0:39:49:1e:90:bc:
ab:ec:75:2d:38:c2:fb:17:e8:34:53:45:ee:b4:d6:
ea:cc:bd:71:78:6a:ff:b5:be:be:04:e8:5b:0e:d0:
88:3b:19:bd:e5:4b:fe:81:a5:1a:83:6b:7e:a5:85:
05:10:38:00:81:49:3e:ad:ed:bf:68:2f:ad:51:1c:
8e:5a:fd:9c:86:52:cd:92:3f:4a:43:aa:d8:de:c2:
bc:c4:0b:68:d3:50:1b:9e:4f:0c:a9:fd:10:36:d5:
36:fc:6d:ad:48:1f:a9:52:b7:66:08:ca:c9:24:0c:
c1:78:db:b5:9d:60:57:dd:f8:9d:cb:b8:cf:66:2a:
82:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:35:14:32:CD:8C:76:78:D0:F9:9A:C6:18:E1:DA:D7:5A:D1:D3:34
X509v3 Authority Key Identifier:
keyid:47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/tTUUMs2MdnjQ-ZrGGOHa11rR0zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/RzErKAdMuN-tFVF4yiVL209ecRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.64.0/22
Signature Algorithm: sha256WithRSAEncryption
77:09:06:b4:94:56:ba:16:81:e4:eb:1d:0d:58:19:c6:f3:fd:
65:21:f0:72:95:44:31:f1:f4:07:2e:c4:7f:1f:c6:ed:3a:54:
f3:8d:de:58:c7:d5:d9:a8:9d:a4:10:8d:56:9f:b1:6c:98:8c:
a7:d4:3e:9d:58:08:92:c2:37:ec:79:45:01:b2:39:0b:3a:39:
5c:0d:03:32:0a:b0:2c:35:5e:d3:98:fc:4f:35:1a:9b:73:2a:
88:b1:9f:be:40:f1:03:0e:df:c8:7d:af:80:16:d9:43:34:64:
8f:0c:4c:93:a1:aa:0d:0d:b6:0e:15:c8:ab:a4:51:1f:f5:08:
c8:3c:46:f2:d0:a7:6c:9f:c9:64:63:9c:f3:9c:1d:4d:e9:1f:
b0:82:79:19:6b:c1:8f:30:82:91:b6:7b:e5:db:b3:47:d0:3f:
66:1f:ce:5d:1f:9f:91:47:1d:c7:8b:ab:e1:87:7b:a8:40:27:
f1:4b:9d:b0:0a:18:c4:2c:4d:86:d7:94:6b:1b:f7:24:f9:28:
9d:e4:00:2e:16:5a:c2:5a:1d:a5:22:aa:a0:13:33:d2:16:33:
38:f6:42:41:63:a3:ba:e2:95:23:03:c3:c9:a0:29:d4:eb:ca:
40:03:41:d3:82:e9:5f:fc:ef:12:dd:92:68:78:44:db:fa:63:
1d:91:c8:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXehBoNKJ/VOrU5O0VTfM0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzEyYjI4MDc0Y2I4ZGZhZDE1NTE3OGNhMjU0YmRiNGY1
ZTcxMWEwHhcNMjMwMTIzMTIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM1MTQzMmNkOGM3Njc4ZDBmOTlhYzYxOGUxZGFkNzVhZDFkMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb/vJsylESf8U8iIFYsSaPOE1tfO
T2Ent9g3DpsVGrGjeQsXehxUH65CGVKRHmMJzTCe+PGUUL8/nRKAmYTXboh9XKMI
ApIyBdz6Y9OZAftrFb7eWOZyNu3yYbi9lActBK1H9F9fLbGzyl2iids7tRA+VU8+
jSK5Iza363cVlgSgOUkekLyr7HUtOML7F+g0U0XutNbqzL1xeGr/tb6+BOhbDtCI
Oxm95Uv+gaUag2t+pYUFEDgAgUk+re2/aC+tURyOWv2chlLNkj9KQ6rY3sK8xAto
01Abnk8Mqf0QNtU2/G2tSB+pUrdmCMrJJAzBeNu1nWBX3fidy7jPZiqCtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLU1FDLNjHZ40Pmaxhjh2tda0dM0MB8GA1UdIwQY
MBaAFEcxKygHTLjfrRVReMolS9tPXnEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmIt
ODhlMTVmYjE5Zjc0LzEvdFRVVU1zMk1kbmpRLVpyR0dPSGExMXJSMHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmItODhlMTVmYjE5Zjc0
LzEvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZlAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3CQa0lFa6FoHk6x0NWBnG8/1lIfBylUQx8fQHLsR/
H8btOlTzjd5Yx9XZqJ2kEI1Wn7FsmIyn1D6dWAiSwjfseUUBsjkLOjlcDQMyCrAs
NV7TmPxPNRqbcyqIsZ++QPEDDt/Ifa+AFtlDNGSPDEyToaoNDbYOFcirpFEf9QjI
PEby0Kdsn8lkY5zznB1N6R+wgnkZa8GPMIKRtnvl27NH0D9mH85dH5+RRx3Hi6vh
h3uoQCfxS52wChjELE2G15RrG/ck+Sid5AAuFlrCWh2lIqqgEzPSFjM49kJBY6O6
4pUjA8PJoCnU68pAA0HTgulf/O8S3ZJoeETb+mMdkchp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:31 2023 by rpki-client on console.sobornost.net