Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/r82ZiE81-t5iEgilrKR_u9OX2oY.roa
File: r82ZiE81-t5iEgilrKR_u9OX2oY.roa (raw, json)
Hash identifier: ELnSNzlbyKsaSVISg9z9faT5223rfrA+Rb0Efe/HWrU=
Subject key identifier: AF:CD:99:88:4F:35:FA:DE:62:12:08:A5:AC:A4:7F:BB:D3:97:DA:86
Certificate issuer: /CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Certificate serial: 01E71E44
Authority key identifier: CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/r82ZiE81-t5iEgilrKR_u9OX2oY.roa
Signing time: Sat 01 Jan 2022 15:58:59 +0000
ROA not before: Sat 01 Jan 2022 15:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.150.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31923780 (0x1e71e44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Validity
Not Before: Jan 1 15:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afcd99884f35fade621208a5aca47fbbd397da86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:1b:56:0e:b8:db:c4:98:50:88:8d:4c:1a:62:
2e:12:13:4a:1e:76:64:16:67:43:75:f1:9d:2b:01:
17:7d:9b:78:a0:c0:b8:6c:ac:3c:b4:b5:d1:03:94:
52:92:30:c1:44:71:47:49:71:ed:82:9d:b1:46:45:
22:a1:25:e1:1c:db:a3:d6:56:f8:21:01:51:e2:c3:
94:da:c4:94:9d:21:be:77:45:c8:0a:2f:15:9f:52:
c0:ea:7a:34:6a:8a:bc:5a:cc:19:7a:d1:c8:6b:e6:
51:09:08:81:1c:25:e4:a1:ae:0c:c2:47:8c:54:44:
65:e0:d9:67:83:b3:67:06:eb:32:6f:ee:c6:d1:89:
4e:39:3e:bc:f3:e7:dc:5e:6b:c4:15:07:fa:0d:0c:
b4:5a:00:a0:c8:bf:91:05:f7:3e:75:2f:03:3e:b5:
30:e3:cc:79:0e:1a:42:0e:aa:90:df:1b:85:53:8f:
4f:fa:15:b9:a1:bd:45:ef:f5:b8:6c:35:aa:b3:5e:
2d:c8:e2:11:3d:1c:4b:27:3e:c0:ce:c9:96:08:7d:
87:5b:d2:07:0c:7c:b7:d2:81:9c:2f:49:89:d1:2c:
4c:44:8e:c1:f0:56:ee:0c:66:bd:af:43:72:56:b8:
52:b1:75:16:9e:63:6a:6f:8d:6e:80:41:8a:52:c0:
5a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CD:99:88:4F:35:FA:DE:62:12:08:A5:AC:A4:7F:BB:D3:97:DA:86
X509v3 Authority Key Identifier:
keyid:CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/r82ZiE81-t5iEgilrKR_u9OX2oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/zWv2DrCPHiOrqLp5fBFyREzhW3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.144.0/22
Signature Algorithm: sha256WithRSAEncryption
91:21:79:e1:5a:34:73:bd:db:45:66:35:39:63:34:6e:d2:d4:
f4:7d:31:49:4e:4c:23:f0:98:f8:44:bd:ad:3d:1e:43:9e:37:
88:04:d8:13:58:08:bb:6f:18:60:fb:a4:35:0e:b9:95:54:c6:
a8:b7:53:77:34:e7:60:97:48:f7:0f:45:52:dd:ba:4c:1c:6c:
b5:e7:e8:41:1e:1f:4f:c4:aa:b7:9b:0b:c5:00:ae:01:9e:bc:
87:c0:1a:37:21:83:03:26:4b:40:1e:fa:5d:34:14:1a:2f:48:
bf:dd:80:90:aa:35:ff:68:94:23:ba:72:24:34:7c:fb:f9:d8:
44:dd:4a:7a:d1:67:1f:51:f3:b8:15:a7:2f:37:95:dd:32:70:
63:7d:27:7e:88:49:04:5d:1c:5d:d5:ca:fe:43:b0:f7:12:8f:
4f:40:6e:8a:9f:87:84:44:71:21:0c:67:e4:31:3d:7d:9e:0b:
45:1b:6b:55:ef:42:b9:42:fd:84:0b:e4:53:6b:c6:4c:cb:92:
0e:56:dc:1c:2f:35:14:e5:ad:1b:30:c8:db:ff:a0:ec:22:07:
7f:74:2c:19:46:35:d3:65:a2:93:18:df:b3:7d:8c:4c:1d:f1:
e5:5f:98:12:cd:5c:b2:9c:ad:df:32:b3:8e:35:f4:f6:00:85:
52:48:70:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAeceRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDZiZjYwZWIwOGYxZTIzYWJhOGJhNzk3YzExNzI0NDRjZTE1YjcxMB4XDTIyMDEw
MTE1NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZjZDk5ODg0ZjM1
ZmFkZTYyMTIwOGE1YWNhNDdmYmJkMzk3ZGE4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPQbVg6428SYUIiNTBpiLhITSh52ZBZnQ3XxnSsBF32beKDA
uGysPLS10QOUUpIwwURxR0lx7YKdsUZFIqEl4Rzbo9ZW+CEBUeLDlNrElJ0hvndF
yAovFZ9SwOp6NGqKvFrMGXrRyGvmUQkIgRwl5KGuDMJHjFREZeDZZ4OzZwbrMm/u
xtGJTjk+vPPn3F5rxBUH+g0MtFoAoMi/kQX3PnUvAz61MOPMeQ4aQg6qkN8bhVOP
T/oVuaG9Re/1uGw1qrNeLcjiET0cSyc+wM7Jlgh9h1vSBwx8t9KBnC9JidEsTESO
wfBW7gxmva9Dcla4UrF1Fp5jam+NboBBilLAWukCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSvzZmITzX63mISCKWspH+705fahjAfBgNVHSMEGDAWgBTNa/YOsI8eI6uo
unl8EXJETOFbcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXdjJEckNQSGlPcnFMcDVmQkZ5UkV6aFczRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZTg3NTY3LTZkZDgtNGE2MC05MjFlLTJhMDcyMmFlMTY0NC8x
L3I4MlppRTgxLXQ1aUVnaWxyS1JfdTlPWDJvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZTg3NTY3LTZkZDgtNGE2MC05MjFlLTJhMDcyMmFlMTY0NC8xL3pXdjJEckNQSGlP
cnFMcDVmQkZ5UkV6aFczRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2WkDANBgkqhkiG9w0BAQsFAAOC
AQEAkSF54Vo0c73bRWY1OWM0btLU9H0xSU5MI/CY+ES9rT0eQ543iATYE1gIu28Y
YPukNQ65lVTGqLdTdzTnYJdI9w9FUt26TBxstefoQR4fT8Sqt5sLxQCuAZ68h8Aa
NyGDAyZLQB76XTQUGi9Iv92AkKo1/2iUI7pyJDR8+/nYRN1KetFnH1HzuBWnLzeV
3TJwY30nfohJBF0cXdXK/kOw9xKPT0Buip+HhERxIQxn5DE9fZ4LRRtrVe9CuUL9
hAvkU2vGTMuSDlbcHC81FOWtGzDI2/+g7CIHf3QsGUY102Wikxjfs32MTB3x5V+Y
Es1cspyt3zKzjjX09gCFUkhwiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:22 2024 by rpki-client on console-fra.rpki-client.org