Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/i0Yh-olUmqZPKNR1sdsChGOXk5s.roa
File: i0Yh-olUmqZPKNR1sdsChGOXk5s.roa (raw, json)
Hash identifier: aa3gyYVC7EGg0caSdQqYuKs6TwZ1pIJDlZCcTmUQ9Mo=
Subject key identifier: 8B:46:21:FA:89:54:9A:A6:4F:28:D4:75:B1:DB:02:84:63:97:93:9B
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 52B338
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/i0Yh-olUmqZPKNR1sdsChGOXk5s.roa
Signing time: Sat 01 Jan 2022 02:52:01 +0000
ROA not before: Sat 01 Jan 2022 02:52:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.144.160.0/22 maxlen: 22
45.144.56.0/22 maxlen: 22
45.146.8.0/22 maxlen: 22
45.150.128.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5419832 (0x52b338)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 02:52:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b4621fa89549aa64f28d475b1db02846397939b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6f:2f:50:cd:f9:ee:f6:e8:83:cf:5f:a0:3f:
cb:c6:86:5c:42:d5:78:98:7f:33:22:1e:e4:52:26:
7e:cc:48:02:34:0a:f3:fd:fb:73:67:de:a9:3b:de:
10:76:0e:53:c3:70:2b:b5:eb:db:de:78:8c:61:b9:
e9:22:94:9b:ec:31:8e:43:11:7d:53:23:54:99:84:
df:90:45:f0:85:05:21:90:c1:2d:d9:de:b9:87:24:
df:56:da:ed:28:4a:5e:2b:fe:59:68:8b:03:9f:29:
7b:0c:7c:3b:dc:54:f8:3a:e2:d6:97:ad:cf:e7:33:
bb:c8:ad:85:73:f9:ae:84:f0:5f:df:36:c5:bd:6c:
31:43:68:a9:d5:78:ad:e3:fe:4d:ea:b9:2f:38:dc:
a5:ba:e3:62:e1:29:a2:4a:1c:06:ef:b9:84:55:32:
2e:49:91:a2:9c:5e:ce:38:d2:fd:99:c2:16:4f:77:
2a:4d:66:4a:d9:83:81:54:e5:17:63:1b:97:12:dc:
36:36:66:c5:2b:cb:49:e6:b5:47:34:c6:bb:c3:5e:
da:d0:39:05:15:a2:c8:5e:5e:78:10:d0:0d:a4:88:
91:6f:0b:99:06:4f:43:f9:9e:26:44:3a:bd:d3:6f:
7f:11:89:3c:07:30:dc:78:a4:7b:b4:d8:87:ac:1d:
19:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:46:21:FA:89:54:9A:A6:4F:28:D4:75:B1:DB:02:84:63:97:93:9B
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/i0Yh-olUmqZPKNR1sdsChGOXk5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.56.0/22
45.144.160.0/22
45.146.8.0/22
45.150.128.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:c1:9d:cf:71:84:86:0a:b5:cb:32:dd:1c:79:eb:1d:aa:51:
ad:36:17:42:c2:95:28:b9:39:0c:c4:63:d6:33:bd:e7:78:e9:
5c:cb:99:8b:2d:53:61:23:fd:79:2e:03:1e:39:b9:c1:f9:dd:
1b:4f:62:28:10:96:ad:8f:e7:33:a9:de:82:be:c3:c6:92:b6:
60:c2:8a:ea:d7:30:e0:2c:8c:99:f9:67:79:07:4a:e1:b9:79:
95:2a:39:f7:57:0c:a5:30:5e:74:20:92:4a:e3:9d:cf:ce:e1:
27:25:2b:1e:7a:59:78:d0:6b:32:39:76:96:97:e7:b1:8f:04:
2f:01:6c:d5:15:58:64:2e:4a:bd:5e:2a:5e:bd:85:99:c3:4c:
2d:03:02:f5:02:28:52:41:29:dc:ba:72:23:20:b2:31:a2:37:
88:d0:a4:1f:d0:4b:8d:5b:86:92:e7:f5:3d:d8:ef:7c:ae:cb:
bc:b0:10:48:56:1c:ee:27:74:1e:e7:84:42:db:7a:6f:9a:b3:
c7:e9:51:76:1b:3a:b2:4f:08:e4:0a:0f:ca:da:d9:59:74:ee:
8e:af:d3:4b:77:47:c5:09:1d:ec:42:3c:c1:15:dd:78:48:24:
08:a1:81:ee:99:da:96:2b:f7:28:da:bd:3f:11:61:88:3c:36:
bc:cc:d3:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDUrM4MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
Mjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVlNzM2NjQwHhcNMjIwMTAx
MDI1MjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YjQ2MjFmYTg5NTQ5
YWE2NGYyOGQ0NzViMWRiMDI4NDYzOTc5MzliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuW8vUM357vbog89foD/LxoZcQtV4mH8zIh7kUiZ+zEgCNArz
/ftzZ96pO94Qdg5Tw3Artevb3niMYbnpIpSb7DGOQxF9UyNUmYTfkEXwhQUhkMEt
2d65hyTfVtrtKEpeK/5ZaIsDnyl7DHw73FT4OuLWl63P5zO7yK2Fc/muhPBf3zbF
vWwxQ2ip1Xit4/5N6rkvONyluuNi4SmiShwG77mEVTIuSZGinF7OONL9mcIWT3cq
TWZK2YOBVOUXYxuXEtw2NmbFK8tJ5rVHNMa7w17a0DkFFaLIXl54ENANpIiRbwuZ
Bk9D+Z4mRDq9029/EYk8BzDceKR7tNiHrB0ZpwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFItGIfqJVJqmTyjUdbHbAoRjl5ObMB8GA1UdIwQYMBaAFA0pmQQsXiAGvVrr
egXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEv
aTBZaC1vbFVtcVpQS05SMXNkc0NoR09YazVzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEvRFNtWkJDeGVJQWE5
V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZA4AwQCLZCgAwQCLZIIAwQCLZaA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMwZ3PcYSGCrXLMt0ceesdqlGtNhdCwpUouTkM
xGPWM73neOlcy5mLLVNhI/15LgMeObnB+d0bT2IoEJatj+czqd6CvsPGkrZgworq
1zDgLIyZ+Wd5B0rhuXmVKjn3VwylMF50IJJK453PzuEnJSseell40GsyOXaWl+ex
jwQvAWzVFVhkLkq9XipevYWZw0wtAwL1AihSQSncunIjILIxojeI0KQf0EuNW4aS
5/U92O98rsu8sBBIVhzuJ3Qe54RC23pvmrPH6VF2GzqyTwjkCg/K2tlZdO6Or9NL
d0fFCR3sQjzBFd14SCQIoYHumdqWK/co2r0/EWGIPDa8zNNJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org