Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RUgMRPRWPY6fDJJY6UAYaWdsE9M.roa
File: RUgMRPRWPY6fDJJY6UAYaWdsE9M.roa (raw, json)
Hash identifier: ejisiV42Q+9h/Kn2t36ij6xkoFG1z56M+5esXonS4js=
Subject key identifier: 45:48:0C:44:F4:56:3D:8E:9F:0C:92:58:E9:40:18:69:67:6C:13:D3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01881AC04C447BA52F4BA2C849CB6B84112C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RUgMRPRWPY6fDJJY6UAYaWdsE9M.roa
Signing time: Sun 14 May 2023 14:53:10 +0000
ROA not before: Sun 14 May 2023 14:53:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 81.161.231.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
45.139.100.0/22 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1a:c0:4c:44:7b:a5:2f:4b:a2:c8:49:cb:6b:84:11:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 14 14:53:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45480c44f4563d8e9f0c9258e9401869676c13d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4d:b9:eb:f5:dd:9f:08:97:38:a4:dc:69:3d:
7a:0b:48:55:0c:6b:b1:88:50:4c:95:0c:ae:58:ba:
de:f3:8e:c8:36:c0:3c:c9:5c:80:79:04:50:6c:9c:
d0:d9:03:ea:54:ec:7f:8e:34:e6:f8:20:b8:44:00:
0f:41:5d:16:0a:a9:36:d3:d2:05:99:d7:1f:e1:7d:
18:4b:d2:f9:1e:08:17:0d:e9:a9:28:7c:54:12:64:
b5:9a:7e:96:ac:c8:b8:7a:96:a6:e3:ee:04:6e:41:
44:e3:ac:8d:3e:6e:4c:12:8d:8a:d3:e1:00:c0:fa:
0e:b0:79:82:a3:29:7d:c1:1b:9b:cc:bf:3d:9f:9c:
ad:c3:93:81:93:4b:99:d8:35:43:93:f9:b6:d0:cd:
f3:68:dc:2a:e2:a3:bd:f3:a2:01:b1:9e:e4:c8:b2:
92:2e:e9:c7:a5:93:74:54:ea:56:04:fa:31:07:6a:
82:1a:e3:4b:59:6d:b3:4a:45:50:23:06:3f:d8:9e:
e6:bd:5f:24:52:59:2b:f2:54:50:bf:bd:ad:7a:2a:
22:7c:be:c4:dc:79:95:0f:97:9e:42:e9:7e:aa:89:
e7:56:16:a2:9f:bb:e5:7b:6f:ac:bb:8a:a3:a6:e3:
bd:f6:c0:66:f3:0c:3a:99:6c:71:f3:91:6f:d7:e5:
1e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:48:0C:44:F4:56:3D:8E:9F:0C:92:58:E9:40:18:69:67:6C:13:D3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RUgMRPRWPY6fDJJY6UAYaWdsE9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.100.0/22
81.161.231.0/24
94.156.8.0/24
164.40.185.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f1:94:8e:34:ab:ab:a2:d9:2a:d9:05:8e:ab:b9:f5:e0:89:
57:da:72:a4:93:47:32:91:42:b1:60:5f:21:0e:c3:e3:10:91:
5a:e7:a0:db:f1:6e:10:7b:39:f9:3f:ca:60:62:4a:da:1d:34:
a6:56:d2:36:62:6e:02:4c:9a:dc:63:9c:58:8d:d1:05:14:2b:
fc:19:e4:6b:b0:45:79:a2:3e:b5:c1:e6:3e:b3:f3:bd:09:33:
4b:55:a7:bd:08:5f:2a:b8:59:de:62:0a:ea:c3:88:3e:c9:3d:
a3:86:12:e4:0e:c9:66:c5:09:61:aa:5b:59:8c:a3:ea:bc:24:
23:2a:81:70:75:51:a0:fc:92:8c:0c:40:8d:24:02:8e:f5:d9:
5b:6f:e3:96:f3:ca:71:26:c9:33:75:53:57:2e:94:a5:14:4e:
22:b1:7e:6c:d0:d8:83:d3:ec:76:55:a9:55:c9:cb:33:0a:35:
a4:dc:34:3a:18:50:0a:c0:e2:72:81:92:ea:1b:0b:da:7d:48:
6c:a7:92:98:cc:17:12:a9:64:49:90:59:5b:84:14:bd:bc:20:
5b:9d:d4:c8:7c:05:ee:18:78:1b:47:79:9d:22:f0:3d:d6:ce:
f6:b8:f6:9c:eb:ba:cb:59:b7:5a:7e:8d:e2:e5:a7:84:44:a3:
93:92:9d:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYgawExEe6UvS6LISctrhBEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE0MTQ1MzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTQ4MGM0NGY0NTYzZDhlOWYwYzkyNThlOTQwMTg2OTY3NmMxM2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0256/XdnwiXOKTcaT16C0hVDGux
iFBMlQyuWLre847INsA8yVyAeQRQbJzQ2QPqVOx/jjTm+CC4RAAPQV0WCqk209IF
mdcf4X0YS9L5HggXDempKHxUEmS1mn6WrMi4epam4+4EbkFE46yNPm5MEo2K0+EA
wPoOsHmCoyl9wRubzL89n5ytw5OBk0uZ2DVDk/m20M3zaNwq4qO986IBsZ7kyLKS
LunHpZN0VOpWBPoxB2qCGuNLWW2zSkVQIwY/2J7mvV8kUlkr8lRQv72teioifL7E
3HmVD5eeQul+qonnVhain7vle2+su4qjpuO99sBm8ww6mWxx85Fv1+UeWwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEVIDET0Vj2OnwySWOlAGGlnbBPTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUlVnTVJQUldQWTZmREpKWTZVQVlhV2RzRTlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYtkAwQA
UaHnAwQAXpwIAwQApCi5AwQAud1AMA0GCSqGSIb3DQEBCwUAA4IBAQB98ZSONKur
otkq2QWOq7n14IlX2nKkk0cykUKxYF8hDsPjEJFa56Db8W4Qezn5P8pgYkraHTSm
VtI2Ym4CTJrcY5xYjdEFFCv8GeRrsEV5oj61weY+s/O9CTNLVae9CF8quFneYgrq
w4g+yT2jhhLkDslmxQlhqltZjKPqvCQjKoFwdVGg/JKMDECNJAKO9dlbb+OW88px
JskzdVNXLpSlFE4isX5s0NiD0+x2ValVycszCjWk3DQ6GFAKwOJygZLqGwvafUhs
p5KYzBcSqWRJkFlbhBS9vCBbndTIfAXuGHgbR3mdIvA91s72uPac67rLWbdafo3i
5aeERKOTkp3A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org