Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/UKkxeFrb63_7t5UVUS0-1pSPFgU.roa
File: UKkxeFrb63_7t5UVUS0-1pSPFgU.roa (raw, json)
Hash identifier: 9geLMSr47BOkYwKQgEa2o2ysoguQwfU3JpKHK5FUgYI=
Subject key identifier: 50:A9:31:78:5A:DB:EB:7F:FB:B7:95:15:51:2D:3E:D6:94:8F:16:05
Certificate issuer: /CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Certificate serial: 0185DF5FD591E51C106F21945B94B32070B0
Authority key identifier: 47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/UKkxeFrb63_7t5UVUS0-1pSPFgU.roa
Signing time: Mon 23 Jan 2023 16:04:37 +0000
ROA not before: Mon 23 Jan 2023 16:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 45.153.67.0/24 maxlen: 24
45.153.66.0/24 maxlen: 24
45.153.65.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:5f:d5:91:e5:1c:10:6f:21:94:5b:94:b3:20:70:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47312b28074cb8dfad155178ca254bdb4f5e711a
Validity
Not Before: Jan 23 16:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=50a931785adbeb7ffbb79515512d3ed6948f1605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:ae:75:d3:2a:39:32:04:9f:08:7e:e7:95:
c0:74:41:23:cf:29:5e:43:82:45:c3:a5:dc:87:17:
2e:65:c4:54:ce:d0:2e:68:d2:1c:c0:af:b2:f5:16:
f6:37:47:7c:0d:03:fd:20:5f:ca:0f:24:90:2c:90:
a8:b5:5f:91:5f:00:75:b4:c8:40:a5:aa:5c:91:3f:
2b:fc:1f:15:7d:f6:90:3c:73:8b:33:a3:76:e3:e8:
a4:04:e0:93:b7:09:eb:df:e0:58:75:06:d3:b2:9e:
b1:23:82:48:5e:4e:5f:64:c5:82:a6:53:89:19:f0:
13:35:26:6b:2f:88:68:21:6e:f2:66:97:86:52:99:
b0:4b:f5:1c:05:1d:39:af:3d:af:b2:41:c5:95:8c:
79:06:77:95:c8:3e:45:23:07:da:b3:eb:7e:11:e4:
15:c7:25:11:20:04:a3:8f:c2:bd:cd:27:50:c2:c2:
be:f5:79:4c:a5:c5:34:30:15:3b:a7:a4:a9:86:81:
69:a5:f0:56:1d:ec:3c:b6:5a:2d:b2:4e:6b:a5:0d:
2f:0a:8f:c3:0d:72:02:93:0a:d6:2a:20:c2:a9:69:
6f:c6:71:98:0f:38:ea:af:ea:a2:1e:11:05:c1:6a:
91:f1:d4:e5:70:b0:19:da:16:c3:53:7d:82:0b:77:
b0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A9:31:78:5A:DB:EB:7F:FB:B7:95:15:51:2D:3E:D6:94:8F:16:05
X509v3 Authority Key Identifier:
keyid:47:31:2B:28:07:4C:B8:DF:AD:15:51:78:CA:25:4B:DB:4F:5E:71:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzErKAdMuN-tFVF4yiVL209ecRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/UKkxeFrb63_7t5UVUS0-1pSPFgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/827dcd-5695-41e6-bbfb-88e15fb19f74/1/RzErKAdMuN-tFVF4yiVL209ecRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.65.0-45.153.67.255
Signature Algorithm: sha256WithRSAEncryption
73:1b:9f:d3:3b:15:a7:3c:03:ca:e4:bd:be:3a:6e:89:06:7d:
63:e5:e1:7e:96:47:25:f9:64:c6:5e:61:38:22:8d:3e:e6:c4:
3e:5a:01:33:12:11:47:36:cc:de:8d:4e:58:d2:5a:af:b0:ac:
64:c1:46:d6:b4:e8:34:ea:b0:b4:06:75:84:d0:ec:7d:d7:bb:
a1:bd:d7:87:9c:72:87:ce:06:9d:b2:d4:79:69:b9:f9:fd:08:
b1:d7:82:f7:ef:7e:a4:3a:b4:42:72:6c:09:09:03:1e:a7:42:
37:5d:c5:62:c9:c8:5e:8e:25:47:08:f8:a5:8a:67:e4:03:be:
48:f5:3b:d2:11:b8:bc:06:4b:a0:ec:5a:af:93:05:d5:7c:13:
a4:71:a1:1f:cf:7a:05:48:0c:29:f0:6f:c9:b3:49:ef:5e:64:
83:e6:eb:55:0c:88:67:ed:72:26:d7:0e:6a:02:93:08:8e:02:
0e:cb:05:8f:2b:b7:07:f6:3e:b4:6c:bb:98:0f:4d:47:83:ec:
13:18:44:24:2f:1b:71:c7:80:85:91:31:6d:2c:ba:46:d7:f4:
ac:3b:7c:ef:ef:2c:6d:41:bb:99:dd:d8:cf:fc:cf:d0:80:4b:
c3:e2:e3:14:6c:d1:a9:f6:78:12:eb:5e:37:f7:4e:8f:43:74:
d0:94:26:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXfX9WR5RwQbyGUW5SzIHCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzEyYjI4MDc0Y2I4ZGZhZDE1NTE3OGNhMjU0YmRiNGY1
ZTcxMWEwHhcNMjMwMTIzMTYwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGE5MzE3ODVhZGJlYjdmZmJiNzk1MTU1MTJkM2VkNjk0OGYxNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznKuddMqOTIEnwh+55XAdEEjzyle
Q4JFw6XchxcuZcRUztAuaNIcwK+y9Rb2N0d8DQP9IF/KDySQLJCotV+RXwB1tMhA
papckT8r/B8VffaQPHOLM6N24+ikBOCTtwnr3+BYdQbTsp6xI4JIXk5fZMWCplOJ
GfATNSZrL4hoIW7yZpeGUpmwS/UcBR05rz2vskHFlYx5BneVyD5FIwfas+t+EeQV
xyURIASjj8K9zSdQwsK+9XlMpcU0MBU7p6SphoFppfBWHew8tlotsk5rpQ0vCo/D
DXICkwrWKiDCqWlvxnGYDzjqr+qiHhEFwWqR8dTlcLAZ2hbDU32CC3ewcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFCpMXha2+t/+7eVFVEtPtaUjxYFMB8GA1UdIwQY
MBaAFEcxKygHTLjfrRVReMolS9tPXnEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmIt
ODhlMTVmYjE5Zjc0LzEvVUtreGVGcmI2M183dDVVVlVTMC0xcFNQRmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84MjdkY2QtNTY5NS00MWU2LWJiZmItODhlMTVmYjE5Zjc0
LzEvUnpFcktBZE11Ti10RlZGNHlpVkwyMDllY1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtmUED
BAItmUAwDQYJKoZIhvcNAQELBQADggEBAHMbn9M7Fac8A8rkvb46bokGfWPl4X6W
RyX5ZMZeYTgijT7mxD5aATMSEUc2zN6NTljSWq+wrGTBRta06DTqsLQGdYTQ7H3X
u6G914eccofOBp2y1Hlpufn9CLHXgvfvfqQ6tEJybAkJAx6nQjddxWLJyF6OJUcI
+KWKZ+QDvkj1O9IRuLwGS6DsWq+TBdV8E6RxoR/PegVIDCnwb8mzSe9eZIPm61UM
iGftcibXDmoCkwiOAg7LBY8rtwf2PrRsu5gPTUeD7BMYRCQvG3HHgIWRMW0sukbX
9Kw7fO/vLG1Bu5nd2M/8z9CAS8Pi4xRs0an2eBLrXjf3To9DdNCUJm8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:16 2023 by rpki-client on console-ams.rpki-client.org