Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ajbG5bTPkUvhORe18KMOMHov6Nk.roa
File: ajbG5bTPkUvhORe18KMOMHov6Nk.roa (raw, json)
Hash identifier: GezaMcFGVIXFH+v9Jnr8g/eUvA36tBX9rNz7kQ3PnKw=
Subject key identifier: 6A:36:C6:E5:B4:CF:91:4B:E1:39:17:B5:F0:A3:0E:30:7A:2F:E8:D9
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0183CFCD38DD8292D8EE1580B41070DDC95F
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ajbG5bTPkUvhORe18KMOMHov6Nk.roa
Signing time: Thu 13 Oct 2022 05:24:36 +0000
ROA not before: Thu 13 Oct 2022 05:24:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35913
IP address blocks: 45.86.8.0/22 maxlen: 24
45.153.220.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cf:cd:38:dd:82:92:d8:ee:15:80:b4:10:70:dd:c9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Oct 13 05:24:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a36c6e5b4cf914be13917b5f0a30e307a2fe8d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:32:b8:13:65:3c:88:5f:9f:2e:29:64:3c:
4e:39:c2:b8:0d:50:4f:3f:a5:1d:86:34:ae:05:d1:
00:9b:72:db:e1:00:70:a1:e0:18:71:eb:70:3c:b8:
0c:70:44:20:91:c2:cc:32:cf:23:b4:f6:0c:41:c5:
e8:7f:ad:c0:64:d6:31:b3:fc:ba:64:1b:25:c7:57:
da:96:b6:a6:f6:c6:fd:f1:d0:1c:6e:e4:26:8e:7d:
98:df:82:c7:5c:4f:36:24:ba:18:9a:56:b2:14:8c:
f7:03:8a:10:1f:fe:1d:92:b3:c1:30:be:4b:72:6f:
1d:18:cc:6e:2c:d0:37:49:41:5c:e5:72:e6:e6:d3:
77:66:3f:10:0a:d9:76:a2:07:b8:24:85:05:c6:d3:
a2:26:fa:93:66:c3:f3:48:26:05:1f:0a:ba:16:83:
98:bf:69:c0:03:ca:a2:20:0f:61:10:50:5b:94:eb:
cd:89:d5:5e:ad:eb:4e:26:ea:69:6e:e9:41:1e:11:
47:b6:d8:b2:75:b3:3c:85:c4:47:70:29:02:5d:80:
1e:ff:f0:c6:20:fc:81:2e:e2:80:e6:45:a1:7c:cd:
37:15:93:b3:cc:f5:3e:0c:6d:ba:c4:71:05:14:e5:
d9:3b:5e:14:fd:a9:91:27:a4:42:43:9f:77:b1:b0:
d3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:36:C6:E5:B4:CF:91:4B:E1:39:17:B5:F0:A3:0E:30:7A:2F:E8:D9
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ajbG5bTPkUvhORe18KMOMHov6Nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.8.0/22
45.153.220.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:11:5b:79:09:45:a7:e5:08:b8:13:48:74:ff:6c:14:17:84:
4b:cd:a0:62:50:48:3e:b4:1d:cf:7a:b9:6c:e9:6f:a7:49:1e:
9e:2e:20:d0:e8:1c:b4:ed:84:aa:54:a7:bf:45:5d:85:13:32:
6f:ae:5d:79:01:8f:df:c5:a2:4b:66:47:d1:b7:45:a6:e4:d2:
44:ea:8b:05:36:a2:ad:d2:3c:fd:93:25:4a:58:87:86:79:65:
35:17:e5:9e:22:eb:25:a4:bb:da:ed:8d:5d:ae:78:6e:73:fa:
e2:29:88:6d:38:da:43:bf:75:89:6c:f3:b0:a4:41:7a:f2:a9:
69:82:37:b7:02:0e:d4:81:c9:30:7c:f8:91:74:7c:f4:6a:98:
91:aa:ad:cf:0c:33:3a:13:e7:4e:fc:bb:88:79:69:7d:58:50:
14:5f:6d:7e:a8:30:4a:bf:c5:f7:a7:31:b7:33:2d:27:99:7f:
3b:7b:c0:08:3a:c7:20:51:6f:16:25:0a:89:ed:fa:dc:ca:cf:
6a:fa:8b:bf:b2:61:5e:60:8a:51:32:49:0b:0c:e1:a1:44:7b:
54:f2:63:fb:9e:ff:bf:ac:4a:b9:44:13:12:e9:6a:38:51:e4:
19:02:3a:94:b7:89:f1:31:76:8c:6a:40:4c:4f:1e:bc:98:96:
28:d7:e9:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPPzTjdgpLY7hWAtBBw3clfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjIxMDEzMDUyNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM2YzZlNWI0Y2Y5MTRiZTEzOTE3YjVmMGEzMGUzMDdhMmZlOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGgyuBNlPIhfny4pZDxOOcK4DVBP
P6UdhjSuBdEAm3Lb4QBwoeAYcetwPLgMcEQgkcLMMs8jtPYMQcXof63AZNYxs/y6
ZBslx1falram9sb98dAcbuQmjn2Y34LHXE82JLoYmlayFIz3A4oQH/4dkrPBML5L
cm8dGMxuLNA3SUFc5XLm5tN3Zj8QCtl2oge4JIUFxtOiJvqTZsPzSCYFHwq6FoOY
v2nAA8qiIA9hEFBblOvNidVeretOJuppbulBHhFHttiydbM8hcRHcCkCXYAe//DG
IPyBLuKA5kWhfM03FZOzzPU+DG26xHEFFOXZO14U/amRJ6RCQ593sbDTqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGo2xuW0z5FL4TkXtfCjDjB6L+jZMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvYWpiRzViVFBrVXZoT1JlMThLTU9NSG92Nk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVYIAwQC
LZncMA0GCSqGSIb3DQEBCwUAA4IBAQCwEVt5CUWn5Qi4E0h0/2wUF4RLzaBiUEg+
tB3Perls6W+nSR6eLiDQ6By07YSqVKe/RV2FEzJvrl15AY/fxaJLZkfRt0Wm5NJE
6osFNqKt0jz9kyVKWIeGeWU1F+WeIuslpLva7Y1drnhuc/riKYhtONpDv3WJbPOw
pEF68qlpgje3Ag7UgckwfPiRdHz0apiRqq3PDDM6E+dO/LuIeWl9WFAUX21+qDBK
v8X3pzG3My0nmX87e8AIOscgUW8WJQqJ7frcys9q+ou/smFeYIpRMkkLDOGhRHtU
8mP7nv+/rEq5RBMS6Wo4UeQZAjqUt4nxMXaMakBMTx68mJYo1+nu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:24 2024 by rpki-client on console-fra.rpki-client.org