Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZtUkRB52Sp76PqT-o5rEiUMTHTs.roa
File: ZtUkRB52Sp76PqT-o5rEiUMTHTs.roa (raw, json)
Hash identifier: BZ0B8vLhYbpEY4eaA0YodhqJd77t1YwiA3mmRsCBKoM=
Subject key identifier: 66:D5:24:44:1E:76:4A:9E:FA:3E:A4:FE:A3:9A:C4:89:43:13:1D:3B
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018529184B30CDA28C4B4E475AAD42F390FB
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZtUkRB52Sp76PqT-o5rEiUMTHTs.roa
Signing time: Mon 19 Dec 2022 06:35:36 +0000
ROA not before: Mon 19 Dec 2022 06:35:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.144.160.0/22 maxlen: 22
45.144.56.0/22 maxlen: 22
45.146.8.0/22 maxlen: 22
45.149.220.0/22 maxlen: 22
45.150.128.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:18:4b:30:cd:a2:8c:4b:4e:47:5a:ad:42:f3:90:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Dec 19 06:35:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=66d524441e764a9efa3ea4fea39ac48943131d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fb:89:7c:41:85:ce:3f:79:e3:43:0b:31:f5:
58:c2:75:bf:c1:12:56:91:c9:2c:e2:63:94:2d:cc:
d3:6f:0a:b2:64:30:1b:ea:8a:c9:ed:d4:7d:c8:80:
44:cc:e2:1b:95:4e:dd:c7:70:0f:d1:c8:1f:2b:6e:
42:03:d0:04:90:6c:92:94:d2:51:ba:01:ed:37:89:
4a:69:38:de:60:92:4d:c7:fd:3f:60:68:77:c5:ca:
80:cd:1a:b7:65:6c:aa:da:87:19:c4:4f:21:81:33:
5b:88:e0:c2:48:b5:38:d7:ed:13:f5:1e:bb:59:3c:
3d:cd:1c:b3:41:a6:c2:e8:ea:de:d8:9f:3c:78:94:
58:dd:19:19:99:57:0d:5d:83:3a:c7:31:2c:d6:72:
5c:88:21:de:94:42:64:69:11:da:da:b8:35:dd:ea:
57:23:9c:de:a0:d0:3a:c3:69:3a:c3:82:4c:62:5e:
46:cf:79:2c:f5:c1:35:18:5a:8a:3f:a1:b4:ec:20:
47:ec:55:51:97:ba:b9:5f:08:29:db:d7:13:23:19:
c7:df:63:19:fb:94:48:5a:fb:6d:cd:61:c8:0b:9d:
e1:f9:25:78:c0:e3:5d:3e:a7:1f:f4:9f:5d:a7:05:
de:8e:78:e0:28:0b:a6:05:f5:3a:6c:d7:0e:4b:27:
af:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D5:24:44:1E:76:4A:9E:FA:3E:A4:FE:A3:9A:C4:89:43:13:1D:3B
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ZtUkRB52Sp76PqT-o5rEiUMTHTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.56.0/22
45.144.160.0/22
45.146.8.0/22
45.149.220.0/22
45.150.128.0/22
Signature Algorithm: sha256WithRSAEncryption
17:b5:1b:62:a3:dc:38:6b:cf:2d:78:5f:23:b2:6c:37:b0:00:
34:ca:e3:39:9f:6a:1c:eb:d6:81:fa:28:72:69:99:68:e4:d0:
4b:32:8b:39:75:92:fe:57:a5:bb:bd:cc:e7:2a:cf:31:a7:7f:
93:70:ea:05:59:10:68:e2:a7:f6:ef:47:6f:48:22:69:8f:68:
e1:1c:29:c1:5d:29:2d:0a:b5:dd:ff:74:ec:4b:93:c1:e0:ac:
1a:d2:1c:ee:5c:68:83:f3:eb:a2:fa:d5:28:34:1a:21:d9:3c:
d8:83:bd:5c:70:be:46:0c:ef:e8:cd:70:4a:59:88:9c:e5:5a:
05:dd:76:7b:b3:2c:d6:75:96:57:aa:1c:58:d8:c4:51:bc:83:
7d:b4:ea:17:a4:4c:aa:22:6a:5e:ac:eb:fb:f7:63:dd:3d:a9:
3a:c5:6b:83:1f:1d:72:d7:96:13:d0:74:65:97:50:22:79:51:
b4:54:d4:97:c3:dd:08:02:e1:a8:aa:45:f0:50:0a:54:86:b2:
8b:3c:5f:03:cb:82:71:22:8e:5f:1b:a1:9b:9f:27:10:b5:3d:
26:15:8a:42:52:81:8e:57:0a:8c:d7:8d:76:c1:df:ea:20:5b:
6b:f4:16:fd:d5:f3:f8:78:c7:b8:21:43:f2:6f:02:f8:42:73:
99:62:d3:9f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUpGEswzaKMS05HWq1C85D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIxMjE5MDYzNTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ1MjQ0NDFlNzY0YTllZmEzZWE0ZmVhMzlhYzQ4OTQzMTMxZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/uJfEGFzj9540MLMfVYwnW/wRJW
kcks4mOULczTbwqyZDAb6orJ7dR9yIBEzOIblU7dx3AP0cgfK25CA9AEkGySlNJR
ugHtN4lKaTjeYJJNx/0/YGh3xcqAzRq3ZWyq2ocZxE8hgTNbiODCSLU41+0T9R67
WTw9zRyzQabC6Ore2J88eJRY3RkZmVcNXYM6xzEs1nJciCHelEJkaRHa2rg13epX
I5zeoNA6w2k6w4JMYl5Gz3ks9cE1GFqKP6G07CBH7FVRl7q5Xwgp29cTIxnH32MZ
+5RIWvttzWHIC53h+SV4wONdPqcf9J9dpwXejnjgKAumBfU6bNcOSyev+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGbVJEQedkqe+j6k/qOaxIlDEx07MB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvWnRVa1JCNTJTcDc2UHFULW81ckVpVU1USFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLZA4AwQC
LZCgAwQCLZIIAwQCLZXcAwQCLZaAMA0GCSqGSIb3DQEBCwUAA4IBAQAXtRtio9w4
a88teF8jsmw3sAA0yuM5n2oc69aB+ihyaZlo5NBLMos5dZL+V6W7vcznKs8xp3+T
cOoFWRBo4qf270dvSCJpj2jhHCnBXSktCrXd/3TsS5PB4Kwa0hzuXGiD8+ui+tUo
NBoh2TzYg71ccL5GDO/ozXBKWYic5VoF3XZ7syzWdZZXqhxY2MRRvIN9tOoXpEyq
ImperOv792PdPak6xWuDHx1y15YT0HRll1AieVG0VNSXw90IAuGoqkXwUApUhrKL
PF8Dy4JxIo5fG6GbnycQtT0mFYpCUoGOVwqM1412wd/qIFtr9Bb91fP4eMe4IUPy
bwL4QnOZYtOf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:06 2023 by rpki-client on console-fra.rpki-client.org