Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hRLBY9uhdjc7lKxe-X_1Sn8313s.roa
File: hRLBY9uhdjc7lKxe-X_1Sn8313s.roa (raw, json)
Hash identifier: kiUGvFcgXm3OJcYgtKjauAhqAPmqil2Jq75SrLDts8M=
Subject key identifier: 85:12:C1:63:DB:A1:76:37:3B:94:AC:5E:F9:7F:F5:4A:7F:37:D7:7B
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A8FD078579587DFD14583B0B40BA970
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hRLBY9uhdjc7lKxe-X_1Sn8313s.roa
Signing time: Mon 26 Sep 2022 16:09:48 +0000
ROA not before: Mon 26 Sep 2022 16:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207238
IP address blocks: 45.150.44.0/22 maxlen: 22
91.242.102.0/24 maxlen: 24
2.57.212.0/22 maxlen: 22
91.242.68.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:8f:d0:78:57:95:87:df:d1:45:83:b0:b4:0b:a9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 16:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8512c163dba176373b94ac5ef97ff54a7f37d77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:90:59:f7:9f:f3:23:3f:bd:0f:e6:fa:d9:a0:
45:73:94:f6:92:32:5a:4b:1b:ac:7d:e3:c8:55:ab:
2b:64:00:ff:e1:6a:c6:ee:58:6d:35:2e:5f:b6:80:
d9:c3:2a:0b:dd:77:dd:a7:53:c9:f0:4e:b6:80:a7:
91:a2:34:9c:a9:cd:68:45:d3:fb:cb:db:52:53:87:
06:0c:6f:bd:84:61:77:aa:58:20:e4:82:09:af:29:
14:9c:d5:aa:5c:74:db:d6:d0:d0:9e:be:9e:f9:10:
83:2c:81:52:d5:ba:cb:10:db:92:2a:da:78:c1:da:
99:0d:b2:74:23:06:ed:64:17:fb:da:a6:2e:d3:7a:
b7:21:3d:25:62:fa:e1:59:f9:97:76:ac:0d:06:09:
79:3f:39:37:c3:f6:7b:aa:8e:4d:e6:b2:f4:65:9c:
fe:c7:51:2b:07:35:c7:e4:70:dc:30:b2:7b:9b:c0:
c3:63:a6:d8:b3:b0:ef:09:87:b9:94:82:e9:81:eb:
bc:96:da:b3:0b:da:74:a1:07:c0:78:ce:fc:5b:f7:
9f:4a:20:a2:94:0e:f6:66:39:85:e9:43:2e:bd:2d:
55:41:52:aa:af:69:79:4b:b8:23:cd:cd:4f:0d:2f:
9c:fb:f5:ea:f1:06:de:5c:ab:d8:8b:55:03:4b:52:
bb:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:12:C1:63:DB:A1:76:37:3B:94:AC:5E:F9:7F:F5:4A:7F:37:D7:7B
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/hRLBY9uhdjc7lKxe-X_1Sn8313s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.212.0/22
45.150.44.0/22
91.242.68.0/23
91.242.102.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:99:c4:b9:e4:09:2c:57:71:91:47:1a:fd:0b:1f:f8:f5:62:
48:bf:a8:50:d4:c5:13:88:ce:f9:65:b4:79:15:06:d3:1e:3d:
10:10:af:f5:19:4e:41:f8:d5:91:ae:2d:02:6c:b1:a8:37:67:
02:e6:d4:28:84:e3:92:ab:58:7d:6e:1d:c0:f7:41:41:2c:93:
38:bb:9b:68:1d:a4:25:a9:52:7b:bf:de:12:ac:f3:0c:99:70:
c2:fb:41:86:87:61:ad:27:b6:1c:8f:f1:bc:64:e3:7c:dc:cd:
a1:d9:21:fe:f7:4b:18:12:70:0e:01:1e:67:ff:a1:f8:46:22:
0b:b2:98:e2:7a:25:04:f6:18:ee:a9:e0:3e:2c:3a:c4:72:2c:
62:4e:da:ab:c1:83:de:44:76:5c:47:c5:19:7d:dd:f0:30:a4:
90:b7:76:13:e6:7b:34:77:62:0a:93:03:6a:ca:e7:7d:04:fb:
fd:7b:72:2c:95:c7:8b:84:ab:09:85:0d:a5:58:ea:ca:ff:be:
63:1f:75:d1:c5:6b:81:52:78:a7:3c:a4:3e:21:8a:b0:34:86:
06:6a:6d:49:93:33:d4:40:52:90:50:0c:ba:50:e5:7c:7c:e2:
96:a7:54:85:6a:69:a4:c5:c8:b3:5d:fa:18:31:b4:69:24:aa:
d3:d8:b8:85
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYN6j9B4V5WH39FFg7C0C6lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTYwOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEyYzE2M2RiYTE3NjM3M2I5NGFjNWVmOTdmZjU0YTdmMzdkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJBZ95/zIz+9D+b62aBFc5T2kjJa
SxusfePIVasrZAD/4WrG7lhtNS5ftoDZwyoL3Xfdp1PJ8E62gKeRojScqc1oRdP7
y9tSU4cGDG+9hGF3qlgg5IIJrykUnNWqXHTb1tDQnr6e+RCDLIFS1brLENuSKtp4
wdqZDbJ0IwbtZBf72qYu03q3IT0lYvrhWfmXdqwNBgl5Pzk3w/Z7qo5N5rL0ZZz+
x1ErBzXH5HDcMLJ7m8DDY6bYs7DvCYe5lILpgeu8ltqzC9p0oQfAeM78W/efSiCi
lA72ZjmF6UMuvS1VQVKqr2l5S7gjzc1PDS+c+/Xq8QbeXKvYi1UDS1K7QQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIUSwWPboXY3O5SsXvl/9Up/N9d7MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaFJMQlk5dWhkamM3bEt4ZS1YXzFTbjgzMTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjnUAwQC
LZYsAwQBW/JEAwQAW/JmMA0GCSqGSIb3DQEBCwUAA4IBAQBbmcS55AksV3GRRxr9
Cx/49WJIv6hQ1MUTiM75ZbR5FQbTHj0QEK/1GU5B+NWRri0CbLGoN2cC5tQohOOS
q1h9bh3A90FBLJM4u5toHaQlqVJ7v94SrPMMmXDC+0GGh2GtJ7Ycj/G8ZON83M2h
2SH+90sYEnAOAR5n/6H4RiILspjieiUE9hjuqeA+LDrEcixiTtqrwYPeRHZcR8UZ
fd3wMKSQt3YT5ns0d2IKkwNqyud9BPv9e3IslceLhKsJhQ2lWOrK/75jH3XRxWuB
UninPKQ+IYqwNIYGam1JkzPUQFKQUAy6UOV8fOKWp1SFammkxcizXfoYMbRpJKrT
2LiF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org