Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/uAEWvFbZOt_4xiQSgSo5XgbIGNo.roa
File: uAEWvFbZOt_4xiQSgSo5XgbIGNo.roa (raw, json)
Hash identifier: blWUV65caWAfaU/5i0Qr0wBf6yV8xZ8B5a0K5T3XGrI=
Subject key identifier: B8:01:16:BC:56:D9:3A:DF:F8:C6:24:12:81:2A:39:5E:06:C8:18:DA
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 01849C6CDA5CE23BE2E777A1364307D92B4B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/uAEWvFbZOt_4xiQSgSo5XgbIGNo.roa
Signing time: Mon 21 Nov 2022 23:01:30 +0000
ROA not before: Mon 21 Nov 2022 23:01:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6079
IP address blocks: 45.138.0.0/23 maxlen: 23
45.134.176.0/23 maxlen: 23
46.161.218.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:6c:da:5c:e2:3b:e2:e7:77:a1:36:43:07:d9:2b:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Nov 21 23:01:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b80116bc56d93adff8c62412812a395e06c818da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:3a:a2:d2:ca:1b:ac:63:5d:2c:5c:4c:6d:
45:00:f4:90:3b:82:38:5f:61:17:55:1e:94:d3:64:
26:3e:0a:c9:33:62:38:28:76:97:36:58:45:e8:e3:
c9:96:4c:51:15:00:09:ed:cd:39:66:50:1c:fb:8b:
81:7a:d3:b4:b9:6e:ca:8b:6f:82:a7:73:89:df:1b:
fa:3a:2a:f6:21:d4:92:34:4a:ec:95:60:98:db:34:
cd:b5:a4:21:f6:69:c1:48:6b:a0:c4:d0:4b:76:76:
a9:e7:cd:cc:c1:d6:4f:1c:d1:cb:e2:bb:c0:a4:df:
36:0a:7e:72:11:f1:98:6b:e8:b8:0b:01:bc:39:3b:
b2:c0:17:8f:02:4a:9c:1b:5a:ab:2c:d6:e1:37:71:
72:d6:7c:14:f0:24:91:b2:43:d5:ee:35:80:54:2a:
85:52:54:48:6f:b9:08:76:6c:73:9b:5f:a7:d8:a2:
7d:69:9a:db:0a:b7:54:24:f8:fa:e9:9e:12:af:62:
93:09:b7:b6:40:00:a9:e3:db:95:77:d8:54:e1:a7:
df:98:3a:fe:d8:3f:10:2a:31:bb:cd:af:f6:b1:ff:
1a:9d:a0:0a:19:f4:a6:df:c4:75:c4:be:79:6d:f5:
24:f5:4e:79:87:5a:ef:81:99:58:e7:d3:17:fa:ad:
f1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:01:16:BC:56:D9:3A:DF:F8:C6:24:12:81:2A:39:5E:06:C8:18:DA
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/uAEWvFbZOt_4xiQSgSo5XgbIGNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.176.0/23
45.138.0.0/23
46.161.218.0/23
Signature Algorithm: sha256WithRSAEncryption
35:e0:29:93:28:e9:91:a5:a8:23:f1:13:56:cd:94:37:8b:3c:
6c:f0:da:e4:d4:35:44:6b:92:c5:88:be:00:bd:03:d4:65:60:
bd:88:f1:d1:83:8b:b4:19:30:0e:ce:83:27:58:ac:b3:af:2c:
b3:3f:ae:68:b3:4b:10:3e:c6:91:d8:ce:d6:6a:e4:73:58:71:
58:aa:89:aa:58:1a:29:1b:2d:81:cf:33:af:be:2a:f9:c7:01:
f5:cf:b4:96:b5:c8:46:79:a6:95:e9:f2:67:ad:fa:9a:8e:97:
d4:5c:41:5b:dc:d2:91:57:b4:b8:7d:64:42:5f:a4:17:f8:3a:
66:f0:0d:68:14:2a:a8:3d:85:e2:a1:b6:12:60:fb:ad:16:20:
bd:4d:58:3d:a2:e2:dd:e1:48:f7:46:1f:8b:28:b3:32:7d:e9:
a2:7d:30:ed:68:38:2b:1c:a4:22:c3:1f:05:40:d1:5a:64:13:
be:18:0f:ee:e5:29:ea:e6:36:20:34:52:fd:60:96:d7:91:44:
40:41:90:1f:f2:46:f0:01:40:71:00:cb:52:a7:a0:f7:98:4f:
ad:94:1f:ea:22:0e:a5:64:6b:ab:a4:3b:b7:b8:bc:09:6d:3f:
6d:1b:c9:a1:71:39:27:33:2f:59:25:46:dc:b5:18:b1:49:2f:
a2:ab:6d:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYScbNpc4jvi53ehNkMH2StLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjIxMTIxMjMwMTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODAxMTZiYzU2ZDkzYWRmZjhjNjI0MTI4MTJhMzk1ZTA2YzgxOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq46otLKG6xjXSxcTG1FAPSQO4I4
X2EXVR6U02QmPgrJM2I4KHaXNlhF6OPJlkxRFQAJ7c05ZlAc+4uBetO0uW7Ki2+C
p3OJ3xv6Oir2IdSSNErslWCY2zTNtaQh9mnBSGugxNBLdnap583MwdZPHNHL4rvA
pN82Cn5yEfGYa+i4CwG8OTuywBePAkqcG1qrLNbhN3Fy1nwU8CSRskPV7jWAVCqF
UlRIb7kIdmxzm1+n2KJ9aZrbCrdUJPj66Z4Sr2KTCbe2QACp49uVd9hU4affmDr+
2D8QKjG7za/2sf8anaAKGfSm38R1xL55bfUk9U55h1rvgZlY59MX+q3xLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLgBFrxW2Trf+MYkEoEqOV4GyBjaMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvdUFFV3ZGYlpPdF80eGlRU2dTbzVYZ2JJR05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYawAwQB
LYoAAwQBLqHaMA0GCSqGSIb3DQEBCwUAA4IBAQA14CmTKOmRpagj8RNWzZQ3izxs
8Nrk1DVEa5LFiL4AvQPUZWC9iPHRg4u0GTAOzoMnWKyzryyzP65os0sQPsaR2M7W
auRzWHFYqomqWBopGy2BzzOvvir5xwH1z7SWtchGeaaV6fJnrfqajpfUXEFb3NKR
V7S4fWRCX6QX+Dpm8A1oFCqoPYXiobYSYPutFiC9TVg9ouLd4Uj3Rh+LKLMyfemi
fTDtaDgrHKQiwx8FQNFaZBO+GA/u5Snq5jYgNFL9YJbXkURAQZAf8kbwAUBxAMtS
p6D3mE+tlB/qIg6lZGurpDu3uLwJbT9tG8mhcTknMy9ZJUbctRixSS+iq20+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org