Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/tl9e0aUZjY21Wutith68gnQHem8.roa
File: tl9e0aUZjY21Wutith68gnQHem8.roa (raw, json)
Hash identifier: 6bz7yURtlY/zNWYBmhQLIane6ocX5ult2rg5036/+Ls=
Subject key identifier: B6:5F:5E:D1:A5:19:8D:8D:B5:5A:EB:62:B6:1E:BC:82:74:07:7A:6F
Certificate issuer: /CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Certificate serial: 05542872
Authority key identifier: 28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/tl9e0aUZjY21Wutith68gnQHem8.roa
Signing time: Sat 01 Jan 2022 15:05:22 +0000
ROA not before: Sat 01 Jan 2022 15:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59456
IP address blocks: 194.99.58.0/23 maxlen: 23
194.99.66.0/23 maxlen: 23
45.150.96.0/22 maxlen: 22
45.88.128.0/22 maxlen: 22
45.137.4.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89401458 (0x5542872)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2864bb34fb5d16ca9d1fa3f9794cb48d4bed8473
Validity
Not Before: Jan 1 15:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b65f5ed1a5198d8db55aeb62b61ebc8274077a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c3:e8:71:4f:c1:ad:3b:85:f4:7e:cc:87:a9:
ba:4c:ac:ea:1b:34:f3:20:ce:0d:e6:49:b5:35:e3:
c6:b9:ea:2a:97:41:95:c7:b3:5c:0f:1e:13:0f:eb:
85:05:5a:ba:08:ad:1e:2f:ca:ec:0d:42:6d:28:79:
9d:ed:df:2d:95:cf:ed:af:1a:9a:11:f3:0f:cf:7f:
c4:08:47:59:ea:15:3c:ed:a0:93:a7:38:b7:c6:4a:
04:3c:8b:8f:0e:97:a6:95:f9:0a:58:44:67:e3:43:
a8:49:53:1b:29:6b:76:7e:bd:5f:bb:2e:71:39:02:
29:2e:9c:05:7c:35:cd:a3:de:07:1a:50:90:12:24:
c6:43:f8:64:d5:79:8c:74:dd:a4:68:f5:da:bb:f9:
a8:15:8f:6e:f8:a1:ad:24:c3:6b:43:74:e6:36:2e:
da:37:14:9c:b6:b8:34:db:3d:ae:3e:96:d4:4c:75:
eb:11:d8:cd:61:98:c0:4b:2e:fc:06:6e:ac:67:bf:
b5:5c:92:01:35:10:ea:5b:79:94:39:96:47:57:92:
dc:08:74:5f:ad:3b:87:a8:5e:30:18:d0:97:18:f0:
0a:70:f8:10:9e:82:ce:96:21:41:32:96:0d:76:b0:
93:61:36:b0:d1:f9:5d:6d:e5:87:a3:03:e9:a7:0d:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5F:5E:D1:A5:19:8D:8D:B5:5A:EB:62:B6:1E:BC:82:74:07:7A:6F
X509v3 Authority Key Identifier:
keyid:28:64:BB:34:FB:5D:16:CA:9D:1F:A3:F9:79:4C:B4:8D:4B:ED:84:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGS7NPtdFsqdH6P5eUy0jUvthHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/tl9e0aUZjY21Wutith68gnQHem8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/47f445-5ea9-437d-a59a-5900a5947b8d/1/KGS7NPtdFsqdH6P5eUy0jUvthHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.128.0/22
45.137.4.0/22
45.150.96.0/22
194.99.58.0/23
194.99.66.0/23
Signature Algorithm: sha256WithRSAEncryption
12:59:ca:27:58:cb:a0:85:6b:e0:77:80:ea:15:6e:4a:20:38:
32:d5:7b:c3:22:2b:9f:c1:2c:ea:95:4d:a4:80:c6:9a:bd:aa:
48:92:5d:9e:a5:52:dd:96:ae:5f:ee:4a:c7:00:fa:04:e0:ef:
5c:50:18:39:db:66:2a:8f:39:7e:5c:0c:6d:58:79:d7:a3:cf:
1a:7b:9d:1c:26:7c:7e:e0:45:73:6e:bf:48:0b:9b:e5:f8:d5:
5a:c7:ba:85:b9:a9:c2:28:a5:56:12:7c:d4:6b:14:01:3b:6d:
70:76:78:a3:f0:97:68:ab:45:db:23:cb:e7:2f:14:45:90:fe:
ba:1e:ab:68:60:60:33:a9:bf:31:27:8f:72:c0:48:05:82:bc:
ef:f1:f4:bd:65:e8:04:bc:ca:32:4b:5e:23:c9:12:9b:26:80:
05:7a:5f:af:85:0b:e9:b3:f2:f8:54:83:1e:1e:7d:50:5f:43:
8f:ea:a0:92:ab:5e:db:c2:7d:aa:98:74:c2:33:7f:ab:67:3e:
1e:35:8d:b1:e7:80:d1:68:f9:a5:c6:eb:48:89:1c:53:02:e9:
9e:8b:3e:e6:95:5f:8a:38:90:b2:f3:63:a4:eb:d6:be:8b:ed:
14:2f:09:3d:78:e2:c7:46:a3:32:2b:9b:f2:65:cb:80:94:46:
69:fa:16:4f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBVQocjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODY0YmIzNGZiNWQxNmNhOWQxZmEzZjk3OTRjYjQ4ZDRiZWQ4NDczMB4XDTIyMDEw
MTE1MDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY1ZjVlZDFhNTE5
OGQ4ZGI1NWFlYjYyYjYxZWJjODI3NDA3N2E2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANvD6HFPwa07hfR+zIepukys6hs08yDODeZJtTXjxrnqKpdB
lcezXA8eEw/rhQVaugitHi/K7A1CbSh5ne3fLZXP7a8amhHzD89/xAhHWeoVPO2g
k6c4t8ZKBDyLjw6XppX5ClhEZ+NDqElTGylrdn69X7sucTkCKS6cBXw1zaPeBxpQ
kBIkxkP4ZNV5jHTdpGj12rv5qBWPbvihrSTDa0N05jYu2jcUnLa4NNs9rj6W1Ex1
6xHYzWGYwEsu/AZurGe/tVySATUQ6lt5lDmWR1eS3Ah0X607h6heMBjQlxjwCnD4
EJ6CzpYhQTKWDXawk2E2sNH5XW3lh6MD6acN5xsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBS2X17RpRmNjbVa62K2HryCdAd6bzAfBgNVHSMEGDAWgBQoZLs0+10Wyp0f
o/l5TLSNS+2EczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tHUzdOUHRkRnNxZEg2UDVlVXkwalV2dGhITS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8x
L3RsOWUwYVVaalkyMVd1dGl0aDY4Z25RSGVtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NDdmNDQ1LTVlYTktNDM3ZC1hNTlhLTU5MDBhNTk0N2I4ZC8xL0tHUzdOUHRkRnNx
ZEg2UDVlVXkwalV2dGhITS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi1YgAMEAi2JBAMEAi2WYAMEAcJj
OgMEAcJjQjANBgkqhkiG9w0BAQsFAAOCAQEAElnKJ1jLoIVr4HeA6hVuSiA4MtV7
wyIrn8Es6pVNpIDGmr2qSJJdnqVS3ZauX+5KxwD6BODvXFAYOdtmKo85flwMbVh5
16PPGnudHCZ8fuBFc26/SAub5fjVWse6hbmpwiilVhJ81GsUATttcHZ4o/CXaKtF
2yPL5y8URZD+uh6raGBgM6m/MSePcsBIBYK87/H0vWXoBLzKMkteI8kSmyaABXpf
r4UL6bPy+FSDHh59UF9Dj+qgkqte28J9qph0wjN/q2c+HjWNseeA0Wj5pcbrSIkc
UwLpnos+5pVfijiQsvNjpOvWvovtFC8JPXjix0ajMiub8mXLgJRGafoWTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:06 2024 by rpki-client on console-ams.rpki-client.org