Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/N5XUb5VommfjcCbobYrxhSmfsg0.roa
File: N5XUb5VommfjcCbobYrxhSmfsg0.roa (raw, json)
Hash identifier: yQGNs+Outu8Ylj+LV0pntUEpLQaNjmIgvjT6D0YPQDg=
Subject key identifier: 37:95:D4:6F:95:68:9A:67:E3:70:26:E8:6D:8A:F1:85:29:9F:B2:0D
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018340D493CF1419D0528DDDACB951A9168B
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/N5XUb5VommfjcCbobYrxhSmfsg0.roa
Signing time: Thu 15 Sep 2022 11:06:56 +0000
ROA not before: Thu 15 Sep 2022 11:06:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.144.56.0/22 maxlen: 22
45.146.8.0/22 maxlen: 22
45.144.160.0/22 maxlen: 22
45.150.128.0/22 maxlen: 22
2a11:6980::/29 maxlen: 29
2a12:5780::/29 maxlen: 29
2a11:f980::/29 maxlen: 29
2a11:9080::/29 maxlen: 29
2a11:df80::/29 maxlen: 29
2a11:fa80::/29 maxlen: 29
2a11:9180::/29 maxlen: 29
2a11:6780::/29 maxlen: 29
2a11:a780::/29 maxlen: 29
2a11:6880::/29 maxlen: 29
2a11:9280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:40:d4:93:cf:14:19:d0:52:8d:dd:ac:b9:51:a9:16:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Sep 15 11:06:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3795d46f95689a67e37026e86d8af185299fb20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:5b:b4:1d:84:21:34:37:19:6e:a3:b0:d4:
76:b7:17:00:0a:9a:b9:f2:92:88:a4:16:63:75:ae:
b8:e2:56:28:80:30:80:77:e7:a1:00:d7:32:d0:c6:
b3:30:97:1d:f1:e7:44:bf:ef:6b:24:b1:92:18:0e:
19:5b:fc:43:4d:7f:e6:ca:be:0f:ef:ff:db:c9:95:
90:e5:8d:3e:8a:f3:b4:3b:3a:7c:cc:e5:27:e4:f8:
f3:8d:dd:03:18:a1:99:85:7d:fd:9d:bb:36:2e:a3:
cd:7a:06:ae:7a:72:a8:97:47:48:48:8b:43:4c:c1:
f6:d8:e0:ee:13:9d:ed:65:fe:96:1f:65:46:9b:59:
17:1b:f8:e3:21:68:99:0a:95:86:fc:20:c9:c4:83:
fc:23:7b:53:aa:d0:bd:e2:b6:06:a1:63:8e:a7:f9:
b7:e2:33:15:81:a8:04:f7:8f:ba:44:34:b5:3f:0d:
d6:15:93:bd:5c:e9:f9:9a:2b:54:88:0f:83:d4:61:
c9:53:f8:93:89:3c:35:c3:58:22:93:d3:06:a4:a9:
dd:d5:23:c0:68:f2:79:1b:ff:9c:57:14:2d:5f:5d:
7d:52:fc:cf:92:d6:7e:a6:8d:77:73:57:54:f0:33:
95:8f:0e:7c:7e:0d:32:33:e2:b4:88:46:61:63:48:
a3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:95:D4:6F:95:68:9A:67:E3:70:26:E8:6D:8A:F1:85:29:9F:B2:0D
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/N5XUb5VommfjcCbobYrxhSmfsg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.56.0/22
45.144.160.0/22
45.146.8.0/22
45.150.128.0/22
IPv6:
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:9080::/29
2a11:9180::/29
2a11:9280::/29
2a11:a780::/29
2a11:df80::/29
2a11:f980::/29
2a11:fa80::/29
2a12:5780::/29
Signature Algorithm: sha256WithRSAEncryption
18:4c:25:1a:c6:61:d0:8d:a1:e1:dc:09:cd:91:df:4b:cc:70:
14:86:94:e5:f6:6e:97:28:a3:4d:cc:98:68:7b:75:3a:0d:84:
27:dc:a1:5b:a3:8f:04:78:1a:a0:d2:bc:bc:94:cb:5a:92:60:
c2:87:e2:81:87:49:c8:02:c2:86:67:51:e9:7d:28:b4:6f:90:
9f:f5:48:5a:67:6a:32:fd:7d:37:e3:3c:ea:c3:65:6e:4e:c5:
0c:ae:29:64:19:b4:1e:31:60:fb:b4:4f:2a:03:3e:90:6e:64:
91:94:d2:a3:17:56:fb:23:72:1f:4d:90:63:4c:07:3a:48:65:
d1:bc:03:65:3b:a8:bc:77:c9:4e:1f:88:c4:d9:84:78:97:66:
5f:96:b4:a1:94:50:09:18:73:6b:50:87:e8:26:1f:b1:d6:12:
6e:b0:f8:7a:07:01:0f:20:5d:eb:10:19:92:77:d5:3d:f1:e1:
00:67:35:d4:4b:ef:63:1c:ee:f2:19:69:fc:14:fb:f0:00:91:
f0:82:90:f7:f5:89:6c:18:3e:65:24:66:07:42:f1:98:7f:e5:
a2:be:b0:b1:b5:0e:64:06:df:c1:6e:14:97:06:46:7c:11:7b:
e0:68:03:95:87:19:13:d5:70:8f:cb:bd:f1:10:3a:7a:0c:0f:
b9:2e:6f:1a
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYNA1JPPFBnQUo3drLlRqRaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIwOTE1MTEwNjU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk1ZDQ2Zjk1Njg5YTY3ZTM3MDI2ZTg2ZDhhZjE4NTI5OWZiMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhENbtB2EITQ3GW6jsNR2txcACpq5
8pKIpBZjda644lYogDCAd+ehANcy0MazMJcd8edEv+9rJLGSGA4ZW/xDTX/myr4P
7//byZWQ5Y0+ivO0Ozp8zOUn5Pjzjd0DGKGZhX39nbs2LqPNegauenKol0dISItD
TMH22ODuE53tZf6WH2VGm1kXG/jjIWiZCpWG/CDJxIP8I3tTqtC94rYGoWOOp/m3
4jMVgagE94+6RDS1Pw3WFZO9XOn5mitUiA+D1GHJU/iTiTw1w1gik9MGpKnd1SPA
aPJ5G/+cVxQtX119UvzPktZ+po13c1dU8DOVjw58fg0yM+K0iEZhY0ijRQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFDeV1G+VaJpn43Am6G2K8YUpn7INMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvTjVYVWI1Vm9tbWZqY0Nib2JZcnhoU21mc2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwHgQCAAEwGAMEAi2QOAME
Ai2QoAMEAi2SCAMEAi2WgDBTBAIAAjBNAwUDKhFngAMFAyoRaIADBQMqEWmAAwUD
KhGQgAMFAyoRkYADBQMqEZKAAwUDKhGngAMFAyoR34ADBQMqEfmAAwUDKhH6gAMF
AyoSV4AwDQYJKoZIhvcNAQELBQADggEBABhMJRrGYdCNoeHcCc2R30vMcBSGlOX2
bpcoo03MmGh7dToNhCfcoVujjwR4GqDSvLyUy1qSYMKH4oGHScgCwoZnUel9KLRv
kJ/1SFpnajL9fTfjPOrDZW5OxQyuKWQZtB4xYPu0TyoDPpBuZJGU0qMXVvsjch9N
kGNMBzpIZdG8A2U7qLx3yU4fiMTZhHiXZl+WtKGUUAkYc2tQh+gmH7HWEm6w+HoH
AQ8gXesQGZJ31T3x4QBnNdRL72Mc7vIZafwU+/AAkfCCkPf1iWwYPmUkZgdC8Zh/
5aK+sLG1DmQG38FuFJcGRnwRe+BoA5WHGRPVcI/LvfEQOnoMD7kubxo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org