Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/DtrrHML-ZzZGl4GzIlmzW0YNb9Q.roa
File: DtrrHML-ZzZGl4GzIlmzW0YNb9Q.roa (raw, json)
Hash identifier: +FGU9/N8cM1OHIeHTBdVB+L1eWo7EM2Xv/hije6UPYo=
Subject key identifier: 0E:DA:EB:1C:C2:FE:67:36:46:97:81:B3:22:59:B3:5B:46:0D:6F:D4
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 0188D406B8EFAFF1B04D8776C01C364056E4
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/DtrrHML-ZzZGl4GzIlmzW0YNb9Q.roa
Signing time: Mon 19 Jun 2023 14:19:50 +0000
ROA not before: Mon 19 Jun 2023 14:19:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41789
IP address blocks: 45.82.14.0/23 maxlen: 23
185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d4:06:b8:ef:af:f1:b0:4d:87:76:c0:1c:36:40:56:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jun 19 14:19:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0edaeb1cc2fe6736469781b32259b35b460d6fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2e:dd:98:9e:55:87:0c:89:8e:e1:15:6e:78:
e3:20:ad:d3:fb:42:e4:46:94:96:97:30:25:f4:e3:
c5:8a:cf:b3:88:74:77:d7:2d:5f:c9:7f:b6:cc:ec:
03:10:eb:17:c1:90:84:ce:f3:56:46:70:54:0c:1f:
52:a8:81:92:f7:ce:f1:58:76:e7:2b:15:b6:d3:96:
be:82:b3:9d:a5:d6:fa:9a:41:28:20:0a:b5:3a:5d:
15:e2:24:af:b5:67:bb:5c:a4:1e:b1:68:c4:91:f1:
27:99:c5:17:15:07:ab:83:e1:e3:85:8a:21:f1:75:
3f:6b:aa:48:10:d7:1e:89:c3:38:76:48:d6:a1:1b:
8f:4f:74:48:c6:78:5e:5c:f1:b3:bc:e2:fa:f9:1b:
69:19:d2:34:49:ba:d9:f4:b6:82:05:ad:96:d7:bb:
e9:02:79:a7:9a:61:7d:29:9d:f7:21:38:d2:cf:45:
6d:2f:8d:ab:66:42:22:ad:8e:1b:ef:e6:01:42:97:
12:e0:17:3b:5b:58:a9:67:4d:8b:05:b7:96:1f:c1:
85:93:55:28:70:1d:32:b0:ff:a1:e1:70:b6:9d:8d:
12:3e:50:cd:1c:7e:b3:b9:76:11:bb:bb:9d:bf:77:
8d:1c:c0:c8:db:a0:da:58:6b:b8:e1:b8:07:51:41:
16:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DA:EB:1C:C2:FE:67:36:46:97:81:B3:22:59:B3:5B:46:0D:6F:D4
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/DtrrHML-ZzZGl4GzIlmzW0YNb9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
185.250.44.0/22
Signature Algorithm: sha256WithRSAEncryption
23:c5:f8:f0:d6:2a:9c:12:4c:70:aa:66:42:70:ba:49:29:03:
e7:88:4c:b7:40:74:22:7b:cc:21:6f:15:84:2a:a9:a5:35:d0:
f2:86:2c:09:1e:d0:d1:90:a9:79:15:58:4e:8f:2d:27:1e:a0:
85:31:f0:e1:36:a4:01:95:64:8f:ed:ec:63:88:51:6e:33:7c:
c5:25:59:f2:3c:5d:bc:d4:55:28:e8:a9:e9:9e:c1:ae:bd:b7:
d4:a7:46:48:1b:64:6a:ea:56:39:65:47:a1:bb:87:bd:d4:af:
1d:1a:f7:b7:eb:e5:c8:5b:f1:df:15:96:87:58:da:3f:a6:21:
aa:5e:87:1d:da:36:d7:00:49:dd:de:52:73:c3:ab:d4:06:88:
e9:2d:47:8b:70:a7:be:cd:99:7e:aa:dd:b4:76:9d:f4:d3:29:
8f:bf:fd:3b:de:cc:eb:2c:f6:e1:d9:21:36:6f:9b:df:c9:6f:
4d:f8:24:cc:9c:ec:c5:5a:e1:82:d7:fa:ae:dd:ef:83:d1:f3:
a1:3a:61:71:75:9c:23:50:37:22:f3:a7:65:bb:3d:4e:e6:87:
5c:ff:c9:c0:f4:8f:b5:ed:d6:4a:af:9b:c9:9f:6f:2c:08:7d:
df:cd:7e:23:94:d7:f3:83:75:26:e3:c3:29:a9:8e:ee:a7:c6:
e5:0a:da:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjUBrjvr/GwTYd2wBw2QFbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwNjE5MTQxOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRhZWIxY2MyZmU2NzM2NDY5NzgxYjMyMjU5YjM1YjQ2MGQ2ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS7dmJ5VhwyJjuEVbnjjIK3T+0Lk
RpSWlzAl9OPFis+ziHR31y1fyX+2zOwDEOsXwZCEzvNWRnBUDB9SqIGS987xWHbn
KxW205a+grOdpdb6mkEoIAq1Ol0V4iSvtWe7XKQesWjEkfEnmcUXFQerg+HjhYoh
8XU/a6pIENceicM4dkjWoRuPT3RIxnheXPGzvOL6+RtpGdI0SbrZ9LaCBa2W17vp
AnmnmmF9KZ33ITjSz0VtL42rZkIirY4b7+YBQpcS4Bc7W1ipZ02LBbeWH8GFk1Uo
cB0ysP+h4XC2nY0SPlDNHH6zuXYRu7udv3eNHMDI26DaWGu44bgHUUEW8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA7a6xzC/mc2RpeBsyJZs1tGDW/UMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvRHRyckhNTC1aelpHbDRHeklsbXpXMFlOYjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVIOAwQC
ufosMA0GCSqGSIb3DQEBCwUAA4IBAQAjxfjw1iqcEkxwqmZCcLpJKQPniEy3QHQi
e8whbxWEKqmlNdDyhiwJHtDRkKl5FVhOjy0nHqCFMfDhNqQBlWSP7exjiFFuM3zF
JVnyPF281FUo6KnpnsGuvbfUp0ZIG2Rq6lY5ZUehu4e91K8dGve36+XIW/HfFZaH
WNo/piGqXocd2jbXAEnd3lJzw6vUBojpLUeLcKe+zZl+qt20dp300ymPv/073szr
LPbh2SE2b5vfyW9N+CTMnOzFWuGC1/qu3e+D0fOhOmFxdZwjUDci86dluz1O5odc
/8nA9I+17dZKr5vJn28sCH3fzX4jlNfzg3Um48MpqY7up8blCtoq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org