Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/HUUoZo-cvzlEwwaaVVzhkQpOpYI.roa
File: HUUoZo-cvzlEwwaaVVzhkQpOpYI.roa (raw, json)
Hash identifier: EsraUW+FzVF7UC1gSLIj4TAM18Zjdp5xRh3J5v8KHnM=
Subject key identifier: 1D:45:28:66:8F:9C:BF:39:44:C3:06:9A:55:5C:E1:91:0A:4E:A5:82
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0182E7FD8E1A9A37D983A8F87501F89E2693
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/HUUoZo-cvzlEwwaaVVzhkQpOpYI.roa
Signing time: Mon 29 Aug 2022 05:05:29 +0000
ROA not before: Mon 29 Aug 2022 05:05:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.144.160.0/22 maxlen: 22
45.144.56.0/22 maxlen: 22
45.146.8.0/22 maxlen: 22
45.150.128.0/22 maxlen: 22
2a11:6980::/29 maxlen: 29
2a11:df80::/29 maxlen: 29
2a11:9180::/29 maxlen: 29
2a11:6780::/29 maxlen: 29
2a11:6880::/29 maxlen: 29
2a11:9280::/29 maxlen: 29
2a11:9080::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e7:fd:8e:1a:9a:37:d9:83:a8:f8:75:01:f8:9e:26:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Aug 29 05:05:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d4528668f9cbf3944c3069a555ce1910a4ea582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2a:4e:a4:04:2f:08:2c:5d:ab:a0:3c:0c:b9:
a5:88:23:a2:26:37:2c:04:d2:f6:ed:68:9f:60:1a:
c5:53:02:78:49:40:bf:21:b2:d3:64:fe:11:0d:98:
0c:c7:1e:82:25:c6:d3:95:e0:c0:27:5a:0e:3e:bd:
64:f8:14:fe:ea:c0:8d:76:36:52:79:9b:b6:cb:ec:
ff:82:84:73:e0:a1:f9:60:04:6a:55:c0:d6:a2:95:
45:c7:a2:72:19:e5:bc:1d:39:ba:a4:21:17:a3:72:
50:19:e4:fa:bd:6a:1c:ef:40:ec:d8:89:01:d7:78:
c6:9f:e0:7f:7f:ac:34:b4:92:5f:5e:4e:53:39:7d:
f0:91:79:98:53:6f:24:35:9a:6c:07:50:b1:33:ba:
61:99:50:14:51:6d:93:79:9a:b1:b5:76:21:75:6e:
ed:f4:21:0b:39:24:f3:cd:a2:90:80:0a:d4:fd:01:
4f:7a:f0:eb:be:0e:dd:57:d9:7a:77:02:f5:d1:f5:
b8:4f:ac:10:dc:3b:19:4f:37:2e:83:6b:cb:b1:60:
a9:24:b2:38:27:01:bd:38:0a:a7:9a:92:cb:e3:02:
d9:cb:94:b6:f2:c1:9e:72:fd:fd:d9:7b:7d:77:af:
3d:3e:77:84:b4:77:2e:65:28:d3:73:f6:50:a2:a6:
9e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:45:28:66:8F:9C:BF:39:44:C3:06:9A:55:5C:E1:91:0A:4E:A5:82
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/HUUoZo-cvzlEwwaaVVzhkQpOpYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.56.0/22
45.144.160.0/22
45.146.8.0/22
45.150.128.0/22
IPv6:
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:9080::/29
2a11:9180::/29
2a11:9280::/29
2a11:df80::/29
Signature Algorithm: sha256WithRSAEncryption
30:6e:2b:37:0a:e0:4b:9a:71:5d:cd:0e:a2:61:86:cb:0a:6e:
61:06:10:ba:21:f1:2d:26:af:37:85:73:bf:28:39:b1:79:36:
d9:e2:e2:c1:43:21:53:83:22:57:fb:62:61:ea:53:9b:79:69:
88:fa:17:6b:c5:26:44:47:45:83:30:b4:50:8d:92:e5:61:2d:
bc:eb:b2:e7:98:a6:06:5d:61:50:9e:1f:41:8d:9e:76:c5:3c:
8f:18:e6:c2:96:1f:49:51:6c:04:b7:f4:82:1d:90:33:0d:76:
25:49:31:ba:b3:f9:d4:86:75:9c:61:9a:fd:de:ff:3f:3e:53:
0c:64:ff:a8:47:e4:41:ad:05:7b:c9:98:2a:fd:c9:3e:5f:21:
a5:b6:97:12:89:c7:90:f3:58:cf:a7:ed:ae:bd:9f:d4:9c:2e:
13:ad:66:dd:6e:ba:2e:af:c0:8b:10:ed:7f:f4:f5:d5:9b:9b:
f9:71:18:6f:79:93:3a:e2:b7:13:f6:5d:bd:45:76:1b:99:cc:
63:05:3c:e0:52:4f:7f:35:b1:b3:94:bd:b4:69:9d:3b:a3:2c:
fa:00:7c:79:37:1a:18:1c:8a:d7:bc:a9:88:fb:64:20:2c:fb:
ce:b8:c3:b6:a1:09:a5:07:93:4d:ef:33:fa:4d:46:dc:6a:c3:
bd:f4:86:e9
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYLn/Y4amjfZg6j4dQH4niaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIwODI5MDUwNTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQ1Mjg2NjhmOWNiZjM5NDRjMzA2OWE1NTVjZTE5MTBhNGVhNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSpOpAQvCCxdq6A8DLmliCOiJjcs
BNL27WifYBrFUwJ4SUC/IbLTZP4RDZgMxx6CJcbTleDAJ1oOPr1k+BT+6sCNdjZS
eZu2y+z/goRz4KH5YARqVcDWopVFx6JyGeW8HTm6pCEXo3JQGeT6vWoc70Ds2IkB
13jGn+B/f6w0tJJfXk5TOX3wkXmYU28kNZpsB1CxM7phmVAUUW2TeZqxtXYhdW7t
9CELOSTzzaKQgArU/QFPevDrvg7dV9l6dwL10fW4T6wQ3DsZTzcug2vLsWCpJLI4
JwG9OAqnmpLL4wLZy5S28sGecv392Xt9d689PneEtHcuZSjTc/ZQoqaeowIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFB1FKGaPnL85RMMGmlVc4ZEKTqWCMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvSFVVb1pvLWN2emxFd3dhYVZWemhrUXBPcFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAeBAIAATAYAwQCLZA4AwQC
LZCgAwQCLZIIAwQCLZaAMDcEAgACMDEDBQMqEWeAAwUDKhFogAMFAyoRaYADBQMq
EZCAAwUDKhGRgAMFAyoRkoADBQMqEd+AMA0GCSqGSIb3DQEBCwUAA4IBAQAwbis3
CuBLmnFdzQ6iYYbLCm5hBhC6IfEtJq83hXO/KDmxeTbZ4uLBQyFTgyJX+2Jh6lOb
eWmI+hdrxSZER0WDMLRQjZLlYS2867LnmKYGXWFQnh9BjZ52xTyPGObClh9JUWwE
t/SCHZAzDXYlSTG6s/nUhnWcYZr93v8/PlMMZP+oR+RBrQV7yZgq/ck+XyGltpcS
iceQ81jPp+2uvZ/UnC4TrWbdbrour8CLEO1/9PXVm5v5cRhveZM64rcT9l29RXYb
mcxjBTzgUk9/NbGzlL20aZ07oyz6AHx5NxoYHIrXvKmI+2QgLPvOuMO2oQmlB5NN
7zP6TUbcasO99Ibp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org