Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m4uhaJUD4ZqgaWnM12bwpAzRP_o.roa
File: m4uhaJUD4ZqgaWnM12bwpAzRP_o.roa (raw, json)
Hash identifier: QbMvnFBr7ff+5nGJ4cUXBvhl9Ux+l7x+So8dqjZsqGc=
Subject key identifier: 9B:8B:A1:68:95:03:E1:9A:A0:69:69:CC:D7:66:F0:A4:0C:D1:3F:FA
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A0BFBCE4869D500CE5CE4FA4593744B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m4uhaJUD4ZqgaWnM12bwpAzRP_o.roa
Signing time: Mon 26 Sep 2022 13:45:49 +0000
ROA not before: Mon 26 Sep 2022 13:45:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205770
IP address blocks: 45.145.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:0b:fb:ce:48:69:d5:00:ce:5c:e4:fa:45:93:74:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 13:45:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b8ba1689503e19aa06969ccd766f0a40cd13ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1e:d6:f3:e3:12:66:d8:d5:96:8e:5c:33:10:
b0:e3:35:47:12:b4:91:d4:1c:ac:a0:7b:f7:36:cc:
26:8f:9b:3b:da:49:62:0c:82:5f:b4:12:42:13:94:
e2:a4:81:91:fa:dd:86:fb:c5:e1:27:ce:f3:1a:8f:
31:68:52:ec:b2:bc:41:16:a4:32:6d:35:93:43:52:
0d:51:94:ef:69:a1:87:2f:3a:18:7e:84:e2:d7:6a:
0f:27:e2:93:b5:9a:0f:ed:88:7f:94:e3:53:2c:70:
b9:01:e4:b4:b2:c5:01:f2:0c:c3:f4:76:b9:7a:a9:
78:09:92:89:1d:ed:82:38:bf:fd:82:02:75:d6:13:
60:b4:c7:6d:d8:39:91:38:a5:88:74:7d:28:26:18:
6a:c0:c1:3e:b1:d6:a3:e6:21:53:d3:5f:f9:38:a0:
6c:95:2d:de:52:f3:7b:43:09:d0:e6:c7:5d:6d:1d:
a3:92:c7:2c:af:f2:a7:2b:4b:92:5c:66:7c:c4:13:
bb:ea:08:91:f9:e5:76:97:10:96:7b:7f:a5:a9:b5:
de:03:4b:12:e8:36:fe:ed:b4:ca:68:50:c1:aa:06:
6c:c9:fe:ce:d3:dd:f5:d8:e8:82:07:a8:ca:99:91:
f6:d6:1d:d7:45:75:27:23:7b:aa:c9:7e:4a:69:e1:
83:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8B:A1:68:95:03:E1:9A:A0:69:69:CC:D7:66:F0:A4:0C:D1:3F:FA
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/m4uhaJUD4ZqgaWnM12bwpAzRP_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.40.0/22
Signature Algorithm: sha256WithRSAEncryption
51:38:51:bb:f0:b7:bc:e4:0e:f2:69:9f:63:53:9e:62:0f:a1:
95:28:50:53:d9:8c:15:23:c7:03:4b:1f:d6:5a:94:b7:ab:31:
82:8f:46:29:85:f1:69:a2:97:1d:51:61:c4:28:c9:38:46:eb:
10:41:47:2d:c5:7a:d2:a9:72:11:e0:b7:ae:e0:f4:5a:af:96:
0d:56:b7:b0:09:69:04:fc:eb:d9:1b:dc:ab:9c:c2:dd:81:be:
38:9d:1d:a7:9a:2f:5d:9d:1a:89:4b:81:5c:c9:44:50:97:ee:
63:b8:62:0e:0e:86:09:d8:09:d9:68:f1:b0:3b:a9:92:b6:ed:
6d:c1:e3:e0:52:df:75:df:78:bb:67:b7:b8:c8:df:13:7c:de:
48:a0:07:a2:d0:54:f7:f0:ee:1b:9f:c8:e7:cb:2f:4a:17:a6:
21:7b:54:69:82:d6:fc:e2:f2:6f:42:9a:96:d8:99:7c:b4:db:
93:32:4a:2a:9c:20:56:97:78:5e:4d:b4:12:c7:d7:a8:41:a8:
69:69:d4:b7:29:37:5c:e4:27:21:da:6a:3d:90:87:64:16:4e:
77:c6:1c:91:e0:5d:81:0d:a1:9f:ba:0c:75:f7:20:f9:be:12:
f0:7f:79:02:52:c6:08:eb:13:57:69:d3:b3:3c:5f:0d:f8:e7:
ed:87:43:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN6C/vOSGnVAM5c5PpFk3RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTM0NTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjhiYTE2ODk1MDNlMTlhYTA2OTY5Y2NkNzY2ZjBhNDBjZDEzZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkx7W8+MSZtjVlo5cMxCw4zVHErSR
1BysoHv3Nswmj5s72kliDIJftBJCE5TipIGR+t2G+8XhJ87zGo8xaFLssrxBFqQy
bTWTQ1INUZTvaaGHLzoYfoTi12oPJ+KTtZoP7Yh/lONTLHC5AeS0ssUB8gzD9Ha5
eql4CZKJHe2COL/9ggJ11hNgtMdt2DmROKWIdH0oJhhqwME+sdaj5iFT01/5OKBs
lS3eUvN7QwnQ5sddbR2jkscsr/KnK0uSXGZ8xBO76giR+eV2lxCWe3+lqbXeA0sS
6Db+7bTKaFDBqgZsyf7O09312OiCB6jKmZH21h3XRXUnI3uqyX5KaeGDnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJuLoWiVA+GaoGlpzNdm8KQM0T/6MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbTR1aGFKVUQ0WnFnYVduTTEyYndwQXpSUF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZEoMA0G
CSqGSIb3DQEBCwUAA4IBAQBROFG78Le85A7yaZ9jU55iD6GVKFBT2YwVI8cDSx/W
WpS3qzGCj0YphfFpopcdUWHEKMk4RusQQUctxXrSqXIR4Leu4PRar5YNVrewCWkE
/OvZG9yrnMLdgb44nR2nmi9dnRqJS4FcyURQl+5juGIODoYJ2AnZaPGwO6mStu1t
wePgUt9133i7Z7e4yN8TfN5IoAei0FT38O4bn8jnyy9KF6Yhe1Rpgtb84vJvQpqW
2Jl8tNuTMkoqnCBWl3heTbQSx9eoQahpadS3KTdc5Cch2mo9kIdkFk53xhyR4F2B
DaGfugx19yD5vhLwf3kCUsYI6xNXadOzPF8N+Ofth0Mk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:27 2024 by rpki-client on console-ams.rpki-client.org