Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/8UlKq-SHReGxH_ELNoqeEQhDXYU.roa
File: 8UlKq-SHReGxH_ELNoqeEQhDXYU.roa (raw, json)
Hash identifier: yP1kAKd2y7w/GDDt+9QWXc66wa9KgBP9mp5H2GqoT9U=
Subject key identifier: F1:49:4A:AB:E4:87:45:E1:B1:1F:F1:0B:36:8A:9E:11:08:43:5D:85
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 08618234
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/8UlKq-SHReGxH_ELNoqeEQhDXYU.roa
Signing time: Sat 01 Jan 2022 06:05:48 +0000
ROA not before: Sat 01 Jan 2022 06:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212344
IP address blocks: 45.85.186.0/24 maxlen: 24
45.85.186.0/23 maxlen: 23
45.85.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140608052 (0x8618234)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Jan 1 06:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1494aabe48745e1b11ff10b368a9e1108435d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:24:3d:63:94:de:9e:9b:8b:4d:5c:62:df:3d:
e0:23:76:36:01:6b:d6:7f:08:37:80:9c:62:f6:d2:
b1:c1:41:4d:2f:2d:21:51:d1:46:66:d5:93:c6:31:
6d:d7:d1:41:71:61:25:70:07:48:02:c6:4d:30:bf:
c5:89:b3:70:b2:6f:ef:a9:81:f6:9f:d4:be:d9:c0:
85:9b:42:f9:ae:7e:60:19:35:a4:1f:d2:b2:6f:cb:
29:69:cc:7e:da:69:c3:60:8d:f0:8f:f7:52:20:d6:
59:75:78:58:84:45:e1:3c:df:a0:4b:e2:89:d1:e1:
04:5a:cc:4f:d5:c8:57:7b:48:6b:b6:ee:1f:21:c6:
8a:44:6d:d0:d0:0e:e8:88:0a:47:2b:16:a2:23:61:
30:0e:d6:0a:e7:3d:f3:db:56:70:3b:61:8b:8e:03:
33:cf:49:e9:2a:d0:69:01:2e:b6:79:37:54:d6:d4:
41:f5:b6:d8:3c:28:9b:36:b8:c1:9e:88:db:1f:ff:
8a:1f:08:03:10:e8:a9:31:7a:c7:ac:6b:60:70:01:
1c:91:0b:a6:23:91:b6:34:4e:13:e0:4e:b4:22:29:
cf:3d:ac:32:91:c8:50:7d:ce:d8:79:34:97:e3:12:
df:2a:f8:cf:f6:99:17:31:2d:7f:60:2a:2a:c3:c1:
59:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:49:4A:AB:E4:87:45:E1:B1:1F:F1:0B:36:8A:9E:11:08:43:5D:85
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/8UlKq-SHReGxH_ELNoqeEQhDXYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.186.0/23
Signature Algorithm: sha256WithRSAEncryption
38:bb:5f:46:06:78:16:80:e6:86:ee:c8:b5:33:97:39:01:23:
fc:88:22:b7:6a:2d:51:cd:3b:7e:8f:69:e7:f8:1c:4b:8d:95:
ee:40:63:5c:7c:f9:d7:fc:7e:88:f3:20:1d:95:13:87:7c:35:
ed:89:04:8a:d7:84:8f:72:d6:d2:6e:52:f0:97:26:4d:af:42:
cb:23:eb:65:16:a9:9f:ee:e2:21:f0:bf:fe:01:66:81:c5:f5:
23:5a:84:86:f6:7c:a4:40:95:e4:22:4e:7e:15:12:24:a4:57:
93:47:7b:7c:d5:dc:66:d8:27:cb:6a:82:69:e0:a0:f8:ac:0d:
b9:a7:e9:78:58:6e:da:e7:33:b6:bf:52:f7:e0:4e:05:d9:68:
f9:86:65:db:df:a5:21:29:ee:05:a9:f5:de:1b:4a:85:7a:a8:
a0:6f:99:eb:2c:23:73:1b:92:06:99:b2:a8:9c:bc:18:05:d0:
41:4d:bb:34:cf:61:96:7b:54:5d:4c:9a:7e:6a:cf:3d:54:1d:
15:8b:25:a1:07:87:19:e0:31:18:69:bb:f5:bf:f7:b9:cb:7b:
97:cd:4a:37:21:50:12:01:ef:50:98:69:8e:1c:85:96:50:a2:
74:68:87:f0:1a:69:f5:53:cf:a1:49:dc:b4:e1:79:04:08:b2:
40:d7:67:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECGGCNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODExYTJjOWZjOGRlOTY3OWJiMTU4NTgxYjEwY2VhZWU5MWZmNzkxMB4XDTIyMDEw
MTA2MDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE0OTRhYWJlNDg3
NDVlMWIxMWZmMTBiMzY4YTllMTEwODQzNWQ4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8kPWOU3p6bi01cYt894CN2NgFr1n8IN4CcYvbSscFBTS8t
IVHRRmbVk8YxbdfRQXFhJXAHSALGTTC/xYmzcLJv76mB9p/UvtnAhZtC+a5+YBk1
pB/Ssm/LKWnMftppw2CN8I/3UiDWWXV4WIRF4TzfoEviidHhBFrMT9XIV3tIa7bu
HyHGikRt0NAO6IgKRysWoiNhMA7WCuc989tWcDthi44DM89J6SrQaQEutnk3VNbU
QfW22Dwomza4wZ6I2x//ih8IAxDoqTF6x6xrYHABHJELpiORtjROE+BOtCIpzz2s
MpHIUH3O2Hk0l+MS3yr4z/aZFzEtf2AqKsPBWfcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxSUqr5IdF4bEf8Qs2ip4RCENdhTAfBgNVHSMEGDAWgBSoEaLJ/I3pZ5ux
WFgbEM6u6R/3kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCR2l5ZnlONldlYnNWaFlHeERPcnVrZjk1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8x
LzhVbEtxLVNIUmVHeEhfRUxOb3FlRVFoRFhZVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8xL3FCR2l5ZnlONldl
YnNWaFlHeERPcnVrZjk1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1VujANBgkqhkiG9w0BAQsFAAOC
AQEAOLtfRgZ4FoDmhu7ItTOXOQEj/Igit2otUc07fo9p5/gcS42V7kBjXHz51/x+
iPMgHZUTh3w17YkEiteEj3LW0m5S8JcmTa9CyyPrZRapn+7iIfC//gFmgcX1I1qE
hvZ8pECV5CJOfhUSJKRXk0d7fNXcZtgny2qCaeCg+KwNuafpeFhu2ucztr9S9+BO
Bdlo+YZl29+lISnuBan13htKhXqooG+Z6ywjcxuSBpmyqJy8GAXQQU27NM9hlntU
XUyafmrPPVQdFYsloQeHGeAxGGm79b/3uct7l81KNyFQEgHvUJhpjhyFllCidGiH
8Bpp9VPPoUnctOF5BAiyQNdnmg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:59 2024 by rpki-client on console-ams.rpki-client.org