Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yNxNjum1pJB_bZGiOlakRZWSS5Q.roa
File: yNxNjum1pJB_bZGiOlakRZWSS5Q.roa (raw, json)
Hash identifier: j2sWBTpijbrZNcwX0m3Qp+9royEc3mHUSLhKGPp3GDU=
Subject key identifier: C8:DC:4D:8E:E9:B5:A4:90:7F:6D:91:A2:3A:56:A4:45:95:92:4B:94
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01877A741989D6396FC9869C7D4F17868B3E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yNxNjum1pJB_bZGiOlakRZWSS5Q.roa
Signing time: Thu 13 Apr 2023 11:50:41 +0000
ROA not before: Thu 13 Apr 2023 11:50:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38337
IP address blocks: 45.88.66.0/24 maxlen: 24
94.156.235.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:74:19:89:d6:39:6f:c9:86:9c:7d:4f:17:86:8b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 13 11:50:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c8dc4d8ee9b5a4907f6d91a23a56a44595924b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:ff:e8:cb:28:6a:26:0a:87:0c:b7:07:43:
e0:dd:5f:58:af:cf:e8:ce:67:27:eb:e1:a1:45:89:
28:3c:25:fd:1d:d5:19:9b:ed:3d:52:50:10:dd:ad:
72:38:29:0e:35:57:7d:82:8c:51:54:52:b2:b3:03:
59:bc:fd:b5:d9:cc:15:14:69:6f:78:75:e4:2e:cb:
ee:43:59:20:5e:98:26:bc:8c:59:4a:f2:85:9c:66:
21:f2:7a:3a:2d:a3:0d:5c:9b:81:f0:20:bb:6a:ed:
65:5d:23:22:59:80:4d:08:fc:37:73:6d:17:7d:b9:
b7:7a:f1:1c:33:3e:e4:17:34:98:f6:39:3d:78:66:
69:64:14:ed:b7:a7:db:39:56:76:2a:65:21:70:bb:
34:03:12:3f:f2:c1:40:a8:24:26:9c:3e:bf:39:bd:
1d:d6:d7:d3:83:f7:a6:f8:75:80:c0:b2:dc:4e:cc:
79:c9:88:57:1a:da:4c:be:62:8e:60:32:d9:3c:13:
20:20:7d:ed:35:d1:86:b3:ca:12:97:5f:03:08:74:
96:ef:23:91:1a:16:b5:d1:70:4d:b6:29:29:70:05:
4e:c0:ab:35:d0:4d:e4:60:5e:f8:e6:2d:d1:3b:a3:
c4:a8:bd:a3:85:da:3e:83:37:a4:bb:77:d5:d9:b2:
16:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DC:4D:8E:E9:B5:A4:90:7F:6D:91:A2:3A:56:A4:45:95:92:4B:94
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yNxNjum1pJB_bZGiOlakRZWSS5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.66.0/24
45.128.235.0/24
87.121.44.0/24
94.156.235.0/24
185.225.75.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:f8:4c:f6:f0:78:ad:a5:bd:ea:6c:a2:e8:f1:92:e4:04:77:
71:9d:83:29:fd:03:7b:29:99:3d:a6:41:72:c9:38:05:4a:42:
63:4e:3f:df:38:73:f6:b3:58:4d:1c:85:b7:cd:f8:6a:28:32:
98:77:90:db:cf:9b:6e:27:16:6f:bb:92:2b:92:76:e4:3c:5a:
b9:97:de:7f:f5:0e:b6:1d:33:94:25:d3:e0:77:c8:70:53:cf:
37:a9:90:f3:a1:2f:1d:82:de:5a:0b:b6:b3:84:ad:e4:3a:c4:
6d:cf:14:ea:2b:27:bb:98:69:9a:fc:4e:29:f3:e8:24:c1:c2:
aa:32:21:c0:c6:51:25:0b:e3:a6:6d:64:42:73:fa:2e:fe:27:
44:83:53:d3:2c:14:4f:0f:ed:e8:28:8e:8c:5c:14:01:20:45:
2a:13:a3:ff:44:8f:1b:2f:46:bc:f2:ef:54:2c:d2:20:35:a4:
84:01:b2:34:06:aa:7b:d4:52:36:d8:84:d8:40:da:f2:b5:a5:
19:35:fe:02:c3:85:5d:33:37:c5:9c:3d:22:72:46:7f:60:b8:
22:c8:60:35:67:41:c4:6d:1b:76:b0:70:72:b8:1f:1b:70:ff:
a4:9a:5b:1d:df:bb:b2:86:5c:c6:92:ed:48:c0:e5:5a:98:7c:
1f:25:c7:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYd6dBmJ1jlvyYacfU8Xhos+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEzMTE1MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRjNGQ4ZWU5YjVhNDkwN2Y2ZDkxYTIzYTU2YTQ0NTk1OTI0Yjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta3/6MsoaiYKhwy3B0Pg3V9Yr8/o
zmcn6+GhRYkoPCX9HdUZm+09UlAQ3a1yOCkONVd9goxRVFKyswNZvP212cwVFGlv
eHXkLsvuQ1kgXpgmvIxZSvKFnGYh8no6LaMNXJuB8CC7au1lXSMiWYBNCPw3c20X
fbm3evEcMz7kFzSY9jk9eGZpZBTtt6fbOVZ2KmUhcLs0AxI/8sFAqCQmnD6/Ob0d
1tfTg/em+HWAwLLcTsx5yYhXGtpMvmKOYDLZPBMgIH3tNdGGs8oSl18DCHSW7yOR
Gha10XBNtikpcAVOwKs10E3kYF745i3RO6PEqL2jhdo+gzeku3fV2bIWQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMjcTY7ptaSQf22RojpWpEWVkkuUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveU54Tmp1bTFwSkJfYlpHaU9sYWtSWldTUzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVhCAwQA
LYDrAwQAV3ksAwQAXpzrAwQAueFLMA0GCSqGSIb3DQEBCwUAA4IBAQB7+Ez28Hit
pb3qbKLo8ZLkBHdxnYMp/QN7KZk9pkFyyTgFSkJjTj/fOHP2s1hNHIW3zfhqKDKY
d5Dbz5tuJxZvu5IrknbkPFq5l95/9Q62HTOUJdPgd8hwU883qZDzoS8dgt5aC7az
hK3kOsRtzxTqKye7mGma/E4p8+gkwcKqMiHAxlElC+OmbWRCc/ou/idEg1PTLBRP
D+3oKI6MXBQBIEUqE6P/RI8bL0a88u9ULNIgNaSEAbI0Bqp71FI22ITYQNrytaUZ
Nf4Cw4VdMzfFnD0ickZ/YLgiyGA1Z0HEbRt2sHByuB8bcP+kmlsd37uyhlzGku1I
wOVamHwfJcdP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:44 2023 by rpki-client on console-ams.rpki-client.org