Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/4WjbPHVEkcu6AQ0Oi9Adc92lXr0.roa
File: 4WjbPHVEkcu6AQ0Oi9Adc92lXr0.roa (raw, json)
Hash identifier: sfTfoy9bB5cUu2RLL3cTwnQU40lP2pzCo8ZL/no1F4I=
Subject key identifier: E1:68:DB:3C:75:44:91:CB:BA:01:0D:0E:8B:D0:1D:73:DD:A5:5E:BD
Certificate issuer: /CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Certificate serial: 01E6F19A
Authority key identifier: CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/4WjbPHVEkcu6AQ0Oi9Adc92lXr0.roa
Signing time: Sat 01 Jan 2022 15:58:59 +0000
ROA not before: Sat 01 Jan 2022 15:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 45.150.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31912346 (0x1e6f19a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6bf60eb08f1e23aba8ba797c1172444ce15b71
Validity
Not Before: Jan 1 15:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e168db3c754491cbba010d0e8bd01d73dda55ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:35:c1:34:60:97:1b:a4:17:a2:47:7f:8f:1b:
87:79:46:d0:8b:d3:94:72:e2:77:63:b7:2c:ec:98:
e8:5e:ba:70:42:3d:4c:51:b7:aa:15:ee:18:b3:0d:
b8:4d:61:33:45:aa:e9:99:25:8b:68:b2:04:7b:f0:
e9:e8:2a:ef:9e:b6:08:4b:12:21:d7:88:09:a4:b3:
df:42:53:97:36:99:bc:98:58:e9:94:b4:e5:a0:d4:
d7:ca:69:07:71:04:f5:da:d8:13:62:4a:da:39:3b:
10:04:71:84:ca:4b:5a:a1:f9:bf:07:d0:c7:91:d8:
ff:c7:08:16:3e:53:5f:fa:14:26:14:0c:91:aa:91:
4d:e6:fd:8f:24:b8:5d:40:5d:fd:fd:98:36:44:00:
35:db:03:bc:a7:2f:4c:c2:5d:8b:60:dc:88:c2:e7:
70:6d:ef:1e:ab:f5:ae:c4:10:fd:39:e7:03:e8:7f:
07:74:72:df:8b:aa:ff:4f:c3:7d:f6:84:e4:3c:00:
57:e2:9d:01:8e:ca:24:9b:9e:8d:70:2f:d5:de:69:
d5:a3:c8:aa:fd:a2:a2:04:2e:e9:54:c8:0b:bf:0a:
49:54:b3:61:24:f0:3c:04:76:8f:83:97:25:05:51:
36:5d:4c:bb:c7:ad:c7:ab:d4:11:4c:e2:39:3b:bf:
b2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:68:DB:3C:75:44:91:CB:BA:01:0D:0E:8B:D0:1D:73:DD:A5:5E:BD
X509v3 Authority Key Identifier:
keyid:CD:6B:F6:0E:B0:8F:1E:23:AB:A8:BA:79:7C:11:72:44:4C:E1:5B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWv2DrCPHiOrqLp5fBFyREzhW3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/4WjbPHVEkcu6AQ0Oi9Adc92lXr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e87567-6dd8-4a60-921e-2a0722ae1644/1/zWv2DrCPHiOrqLp5fBFyREzhW3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:6a:fa:6d:ad:e6:00:c7:35:9a:b3:0f:e5:ef:63:e0:fa:c6:
4a:40:fc:0a:a9:21:f0:c9:b8:51:45:b9:53:fc:6b:bd:67:2f:
26:ee:27:ce:2e:b0:34:41:c1:fc:d5:5d:74:aa:17:b8:23:47:
98:12:45:a5:94:db:5c:5c:15:f8:00:da:75:01:7a:55:af:ae:
c3:60:96:46:9a:d1:d5:53:e4:e8:9d:18:ef:cb:a2:ae:a4:17:
77:fc:88:7c:04:80:9d:fe:9a:90:28:ef:bf:d3:3c:78:b9:21:
1d:d7:c6:1a:3a:c2:eb:9e:ed:1b:e1:2a:46:3e:77:af:e4:69:
55:0f:70:db:46:d3:98:98:8c:41:e2:43:ff:e8:2e:da:5d:09:
a2:00:a9:65:d0:23:7c:af:a7:15:df:a0:e8:33:77:fc:6d:d3:
0a:a2:e4:21:2b:28:03:2d:93:9d:7d:0a:0b:c2:b3:45:52:7d:
ff:15:39:be:f0:d6:23:1a:f2:d4:73:8d:58:ff:26:5a:a7:62:
5f:40:70:4d:d8:9d:08:8f:0e:13:fc:f6:4d:06:c2:09:47:b7:
05:7f:2b:f2:37:55:48:a3:6d:d8:52:1d:36:42:29:f3:33:53:
8f:95:96:ff:b2:73:87:94:80:f0:9b:c0:b0:80:df:5a:d2:3d:
8f:7b:5c:0f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAebxmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDZiZjYwZWIwOGYxZTIzYWJhOGJhNzk3YzExNzI0NDRjZTE1YjcxMB4XDTIyMDEw
MTE1NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE2OGRiM2M3NTQ0
OTFjYmJhMDEwZDBlOGJkMDFkNzNkZGE1NWViZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPw1wTRglxukF6JHf48bh3lG0IvTlHLid2O3LOyY6F66cEI9
TFG3qhXuGLMNuE1hM0Wq6Zkli2iyBHvw6egq7562CEsSIdeICaSz30JTlzaZvJhY
6ZS05aDU18ppB3EE9drYE2JK2jk7EARxhMpLWqH5vwfQx5HY/8cIFj5TX/oUJhQM
kaqRTeb9jyS4XUBd/f2YNkQANdsDvKcvTMJdi2DciMLncG3vHqv1rsQQ/TnnA+h/
B3Ry34uq/0/DffaE5DwAV+KdAY7KJJuejXAv1d5p1aPIqv2iogQu6VTIC78KSVSz
YSTwPAR2j4OXJQVRNl1Mu8etx6vUEUziOTu/sgsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThaNs8dUSRy7oBDQ6L0B1z3aVevTAfBgNVHSMEGDAWgBTNa/YOsI8eI6uo
unl8EXJETOFbcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXdjJEckNQSGlPcnFMcDVmQkZ5UkV6aFczRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZTg3NTY3LTZkZDgtNGE2MC05MjFlLTJhMDcyMmFlMTY0NC8x
LzRXamJQSFZFa2N1NkFRME9pOUFkYzkybFhyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZTg3NTY3LTZkZDgtNGE2MC05MjFlLTJhMDcyMmFlMTY0NC8xL3pXdjJEckNQSGlP
cnFMcDVmQkZ5UkV6aFczRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2WkDANBgkqhkiG9w0BAQsFAAOC
AQEAbWr6ba3mAMc1mrMP5e9j4PrGSkD8Cqkh8Mm4UUW5U/xrvWcvJu4nzi6wNEHB
/NVddKoXuCNHmBJFpZTbXFwV+ADadQF6Va+uw2CWRprR1VPk6J0Y78uirqQXd/yI
fASAnf6akCjvv9M8eLkhHdfGGjrC657tG+EqRj53r+RpVQ9w20bTmJiMQeJD/+gu
2l0JogCpZdAjfK+nFd+g6DN3/G3TCqLkISsoAy2TnX0KC8KzRVJ9/xU5vvDWIxry
1HONWP8mWqdiX0BwTdidCI8OE/z2TQbCCUe3BX8r8jdVSKNt2FIdNkIp8zNTj5WW
/7Jzh5SA8JvAsIDfWtI9j3tcDw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:30 2023 by rpki-client on console-ams.rpki-client.org