Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4uVNY05pytIslW9GsYUVrtWZKYQ.roa
File: 4uVNY05pytIslW9GsYUVrtWZKYQ.roa (raw, json)
Hash identifier: Sv4ov54i9fpIb730OZkS/4KAjHSwZj3p+9z+JFd1uoI=
Subject key identifier: E2:E5:4D:63:4E:69:CA:D2:2C:95:6F:46:B1:85:15:AE:D5:99:29:84
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7BFE820BEC40F888274C888EACED6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4uVNY05pytIslW9GsYUVrtWZKYQ.roa
Signing time: Mon 02 Jan 2023 08:44:57 +0000
ROA not before: Mon 02 Jan 2023 08:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209961
IP address blocks: 45.150.44.0/22 maxlen: 22
2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:bf:e8:20:be:c4:0f:88:82:74:c8:88:ea:ce:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2e54d634e69cad22c956f46b18515aed5992984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:19:d0:70:6b:6c:b9:9d:8a:01:04:0a:26:56:
bc:4a:5a:5e:d9:08:a4:af:0e:2b:9a:a7:41:c8:da:
3f:3d:99:51:95:83:47:72:d2:f2:8a:11:c4:8c:34:
43:73:4d:d1:5a:5d:88:07:87:3b:35:02:04:40:f5:
1d:4c:df:fc:f5:d3:e5:d5:5e:ff:9c:b8:ce:0a:a3:
c4:65:b7:3c:eb:95:e2:56:61:5b:a8:26:37:22:02:
ac:65:f1:ff:99:e8:25:d1:c2:b4:04:16:09:19:82:
85:8c:21:fd:99:9b:6d:04:4e:bc:6b:1e:e3:06:db:
b2:90:ee:8c:5c:0a:c3:5c:a2:2d:75:03:a3:80:9d:
83:3a:17:d4:93:de:54:75:cb:fc:b0:d5:87:af:29:
6e:75:7b:6f:19:c8:a1:c0:b8:d3:7e:df:0b:7d:ab:
72:d1:f9:08:b9:14:36:e3:2c:07:a5:57:e7:9b:32:
bd:a3:46:c5:f0:2c:0f:36:8c:bb:bf:8e:8f:ce:ca:
dd:2d:46:1f:4f:05:67:53:b8:13:70:06:f9:db:01:
a9:6c:db:94:b0:fa:6d:1b:4c:22:9d:e7:a0:7b:5f:
c9:85:7f:e0:5b:21:59:97:e1:84:1e:2e:68:4e:05:
e2:75:a7:e3:46:a0:e2:44:28:c7:2d:0e:f7:d0:f8:
8f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:E5:4D:63:4E:69:CA:D2:2C:95:6F:46:B1:85:15:AE:D5:99:29:84
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4uVNY05pytIslW9GsYUVrtWZKYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.212.0/22
45.150.44.0/22
Signature Algorithm: sha256WithRSAEncryption
65:53:7f:ab:5e:11:3b:71:c2:eb:81:2c:9c:be:ee:3b:d8:48:
ca:64:62:94:52:db:37:a0:87:f8:40:70:24:22:82:54:5a:47:
72:d9:f0:00:90:70:c4:1e:27:5a:b9:69:84:7a:84:83:6a:b0:
56:ed:d4:e6:3b:d7:da:dc:08:b8:5d:d5:ca:b3:2d:8c:a4:33:
83:09:20:2f:e7:e2:0a:04:e1:32:7e:b0:a9:89:16:6a:4a:95:
2b:5b:5d:f4:88:0e:2a:71:17:f0:63:c9:c5:0f:1d:db:5b:e8:
7d:1d:8f:ad:2e:d1:35:37:2d:68:71:38:9b:bc:22:9e:ac:da:
ca:69:39:b3:74:b0:b9:aa:2d:0a:06:f5:1f:14:e4:45:28:40:
cd:70:fe:d4:b2:4b:71:18:99:0a:38:2a:d3:23:05:5b:04:32:
e3:55:11:82:05:c3:87:7e:10:77:d0:8f:23:4d:82:9d:e4:2b:
df:f3:53:14:7c:aa:3b:c5:a8:ef:d5:12:5f:f6:27:df:d2:74:
5a:28:e3:c2:b7:41:fc:71:c3:63:79:b2:d2:48:d2:bf:29:b3:
c2:f7:da:55:91:15:f9:cd:e2:5c:67:14:7d:f3:e7:17:8d:f6:
7e:b8:b1:9b:6b:06:14:81:1a:df:d5:41:ee:8f:df:58:50:7c:
84:d8:49:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7/oIL7ED4iCdMiI6s7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmU1NGQ2MzRlNjljYWQyMmM5NTZmNDZiMTg1MTVhZWQ1OTkyOTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BnQcGtsuZ2KAQQKJla8Slpe2Qik
rw4rmqdByNo/PZlRlYNHctLyihHEjDRDc03RWl2IB4c7NQIEQPUdTN/89dPl1V7/
nLjOCqPEZbc865XiVmFbqCY3IgKsZfH/megl0cK0BBYJGYKFjCH9mZttBE68ax7j
BtuykO6MXArDXKItdQOjgJ2DOhfUk95Udcv8sNWHryludXtvGcihwLjTft8Lfaty
0fkIuRQ24ywHpVfnmzK9o0bF8CwPNoy7v46PzsrdLUYfTwVnU7gTcAb52wGpbNuU
sPptG0wineege1/JhX/gWyFZl+GEHi5oTgXidafjRqDiRCjHLQ730PiPuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOLlTWNOacrSLJVvRrGFFa7VmSmEMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNHVWTlkwNXB5dElzbFc5R3NZVVZydFdaS1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjnUAwQC
LZYsMA0GCSqGSIb3DQEBCwUAA4IBAQBlU3+rXhE7ccLrgSycvu472EjKZGKUUts3
oIf4QHAkIoJUWkdy2fAAkHDEHidauWmEeoSDarBW7dTmO9fa3Ai4XdXKsy2MpDOD
CSAv5+IKBOEyfrCpiRZqSpUrW130iA4qcRfwY8nFDx3bW+h9HY+tLtE1Ny1ocTib
vCKerNrKaTmzdLC5qi0KBvUfFORFKEDNcP7UsktxGJkKOCrTIwVbBDLjVRGCBcOH
fhB30I8jTYKd5Cvf81MUfKo7xajv1RJf9iff0nRaKOPCt0H8ccNjebLSSNK/KbPC
99pVkRX5zeJcZxR98+cXjfZ+uLGbawYUgRrf1UHuj99YUHyE2Eno
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org