Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/o__O3DlFSn_kN5n8zTwbxHWVL-A.roa
File: o__O3DlFSn_kN5n8zTwbxHWVL-A.roa (raw, json)
Hash identifier: VE+u1DVUgzHF0klN2ZD46SogOlT4tHX1+Gw555Mb+cs=
Subject key identifier: A3:FF:CE:DC:39:45:4A:7F:E4:37:99:FC:CD:3C:1B:C4:75:95:2F:E0
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 0183F01241C8E730B2BF9BD06845F139861F
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/o__O3DlFSn_kN5n8zTwbxHWVL-A.roa
Signing time: Wed 19 Oct 2022 11:47:51 +0000
ROA not before: Wed 19 Oct 2022 11:47:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41789
IP address blocks: 185.250.44.0/23 maxlen: 23
185.250.46.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f0:12:41:c8:e7:30:b2:bf:9b:d0:68:45:f1:39:86:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Oct 19 11:47:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3ffcedc39454a7fe43799fccd3c1bc475952fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0a:a4:01:a4:77:d7:66:a6:b7:84:b6:d3:1e:
59:80:0a:2f:60:50:24:9f:bd:00:5a:98:fc:4b:79:
b0:41:52:b0:f6:91:91:55:8f:dd:2e:72:9c:c1:27:
54:f2:85:55:bc:c2:5a:40:ef:97:de:c6:fc:17:ca:
b5:a5:5d:c5:fc:3e:4a:33:34:e2:4f:06:93:b3:78:
eb:74:89:c5:2e:75:ce:2f:39:89:ed:22:30:84:98:
bd:de:8d:b2:28:b7:1e:7d:b6:c0:20:b8:30:1b:3b:
20:1b:77:85:1e:bb:a0:49:96:6d:e2:ff:c1:9c:12:
b4:fd:82:c2:f7:54:bf:23:30:f9:54:1b:97:14:8c:
f0:dd:1a:91:71:86:e4:ba:7b:42:d6:79:64:c7:9f:
62:4b:2e:73:9f:ad:93:d0:48:73:ad:08:36:c7:8e:
25:08:ed:49:20:f8:a5:e7:fd:c7:e3:78:5d:fc:f2:
ea:af:c2:8c:d5:4d:8f:95:5d:f2:ea:20:74:30:eb:
72:19:ca:41:68:23:59:d7:f2:78:ca:42:52:80:c9:
51:be:3c:c8:6b:5a:08:b5:52:a2:4a:bf:72:22:d1:
f6:5b:52:0b:ce:80:9b:50:e7:c1:9c:cc:f1:b0:79:
dd:2f:d4:0b:1b:19:60:84:ef:27:ad:68:b4:2e:a6:
1b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:CE:DC:39:45:4A:7F:E4:37:99:FC:CD:3C:1B:C4:75:95:2F:E0
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/o__O3DlFSn_kN5n8zTwbxHWVL-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.44.0/22
Signature Algorithm: sha256WithRSAEncryption
30:8b:2a:34:3c:dd:65:c9:1f:84:aa:6c:e2:e5:dc:a2:13:35:
29:0d:31:7a:9a:83:82:54:42:28:e0:bb:97:a6:e4:2c:07:fc:
8d:a0:d6:9b:ec:15:e0:cf:00:fe:61:93:f8:b2:bb:1f:79:ff:
dd:7c:0c:3a:49:4a:7e:f4:c3:8b:8d:1f:3a:d6:fa:78:41:95:
7c:c9:45:08:95:4a:90:10:a0:bf:5b:f5:82:bd:1d:3f:83:94:
79:40:53:be:79:e7:8e:d6:3a:d3:f2:e7:90:91:37:c5:18:58:
5c:fe:13:e2:d9:83:96:96:61:b1:58:e2:8b:32:ce:18:5b:19:
d4:94:6e:da:a8:43:99:de:91:19:61:72:d9:86:b4:52:55:82:
f7:0f:13:d5:6f:d3:95:03:05:d3:c8:d9:23:94:9e:72:e9:c1:
0a:ab:7c:50:a8:e1:9b:de:10:d4:c0:16:f5:c9:00:5b:f9:60:
42:d7:99:4d:98:28:82:47:b5:f7:97:dc:81:d9:ba:a6:1a:b0:
cf:aa:47:bb:6a:ac:76:b3:f4:7f:57:b9:fe:11:b2:de:b8:99:
7e:b2:a8:21:56:bc:ca:02:c2:99:ea:30:f0:af:65:99:5c:6b:
f5:33:93:89:24:80:7e:ba:73:bf:2a:23:31:9c:52:5b:3a:82:
4d:fc:7f:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPwEkHI5zCyv5vQaEXxOYYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjIxMDE5MTE0NzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ZmY2VkYzM5NDU0YTdmZTQzNzk5ZmNjZDNjMWJjNDc1OTUyZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwqkAaR312amt4S20x5ZgAovYFAk
n70AWpj8S3mwQVKw9pGRVY/dLnKcwSdU8oVVvMJaQO+X3sb8F8q1pV3F/D5KMzTi
TwaTs3jrdInFLnXOLzmJ7SIwhJi93o2yKLcefbbAILgwGzsgG3eFHrugSZZt4v/B
nBK0/YLC91S/IzD5VBuXFIzw3RqRcYbkuntC1nlkx59iSy5zn62T0EhzrQg2x44l
CO1JIPil5/3H43hd/PLqr8KM1U2PlV3y6iB0MOtyGcpBaCNZ1/J4ykJSgMlRvjzI
a1oItVKiSr9yItH2W1ILzoCbUOfBnMzxsHndL9QLGxlghO8nrWi0LqYbpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP/ztw5RUp/5DeZ/M08G8R1lS/gMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvb19fTzNEbEZTbl9rTjVuOHpUd2J4SFdWTC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufosMA0G
CSqGSIb3DQEBCwUAA4IBAQAwiyo0PN1lyR+Eqmzi5dyiEzUpDTF6moOCVEIo4LuX
puQsB/yNoNab7BXgzwD+YZP4srsfef/dfAw6SUp+9MOLjR861vp4QZV8yUUIlUqQ
EKC/W/WCvR0/g5R5QFO+eeeO1jrT8ueQkTfFGFhc/hPi2YOWlmGxWOKLMs4YWxnU
lG7aqEOZ3pEZYXLZhrRSVYL3DxPVb9OVAwXTyNkjlJ5y6cEKq3xQqOGb3hDUwBb1
yQBb+WBC15lNmCiCR7X3l9yB2bqmGrDPqke7aqx2s/R/V7n+EbLeuJl+sqghVrzK
AsKZ6jDwr2WZXGv1M5OJJIB+unO/KiMxnFJbOoJN/H+8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org