Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/7PtG2AGtbYF9U5pURRZMmdC2V98.roa
File: 7PtG2AGtbYF9U5pURRZMmdC2V98.roa (raw, json)
Hash identifier: GbAsigPnP/iJC6UHsqSQyk21MvrsPQPBWq/zklO7Mj8=
Subject key identifier: EC:FB:46:D8:01:AD:6D:81:7D:53:9A:54:45:16:4C:99:D0:B6:57:DF
Certificate issuer: /CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Certificate serial: 0726AF36
Authority key identifier: 4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/7PtG2AGtbYF9U5pURRZMmdC2V98.roa
Signing time: Sat 01 Jan 2022 06:57:38 +0000
ROA not before: Sat 01 Jan 2022 06:57:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57757
IP address blocks: 45.80.136.0/24 maxlen: 24
45.80.136.0/22 maxlen: 22
2a0e:4480::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119975734 (0x726af36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Validity
Not Before: Jan 1 06:57:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecfb46d801ad6d817d539a5445164c99d0b657df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:65:f5:a5:e0:da:55:28:1d:9c:96:14:50:
70:81:c5:72:20:64:26:87:7e:c4:1c:5d:4c:37:b9:
98:f0:1c:23:09:4b:e0:00:dd:52:9f:ad:86:48:83:
31:3e:e4:97:3e:ad:56:6c:a9:6e:66:d2:9c:29:42:
3c:63:f1:42:cd:7e:bb:a5:46:8e:5e:72:e9:21:00:
ed:70:82:44:b8:32:8a:94:d0:ad:ef:89:7d:f8:4e:
ac:8f:48:66:13:08:ad:f8:18:1c:7a:5b:7d:58:f8:
f6:e4:b8:77:27:e3:3d:3c:bf:b4:51:31:96:85:b7:
65:ea:10:14:75:ae:fc:ea:48:6e:7c:60:f7:70:5e:
53:40:b6:dc:7a:2d:0d:f6:ad:a4:ec:9f:63:f7:28:
5c:e2:a9:52:87:0a:fb:a2:17:15:0b:a1:29:ad:2f:
bc:7a:fa:67:29:f0:13:9b:a9:4d:fe:8f:82:06:81:
52:3a:13:87:c6:ef:a5:26:58:09:d2:41:32:70:21:
ef:88:1e:05:30:79:d0:7c:ad:d2:ff:1a:89:94:6f:
2b:4b:82:a4:be:bb:45:be:b9:f6:e0:a8:f0:c4:65:
48:c1:eb:74:f8:4d:81:10:4f:91:91:b9:57:2c:ac:
44:ea:5f:6c:36:43:91:48:f7:8e:21:a5:06:99:13:
4f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:FB:46:D8:01:AD:6D:81:7D:53:9A:54:45:16:4C:99:D0:B6:57:DF
X509v3 Authority Key Identifier:
keyid:4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/7PtG2AGtbYF9U5pURRZMmdC2V98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/TATgEjGx24ILH11UKDSrBfaT_Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.136.0/22
IPv6:
2a0e:4480::/32
Signature Algorithm: sha256WithRSAEncryption
0b:39:18:2a:6e:de:dd:e5:2f:aa:0d:fd:d9:d9:c0:00:fc:51:
74:2f:0f:40:1c:11:65:83:d9:27:7c:78:ea:d6:de:5b:f7:4d:
47:45:6a:56:31:6f:23:17:c4:67:bb:3f:10:45:1b:2f:e4:5a:
96:61:94:82:00:a3:ef:64:e4:7c:ce:7c:c2:c5:d0:15:cd:f8:
a7:34:64:a4:10:d5:9b:c0:5f:81:95:4a:e7:b3:69:40:7e:68:
79:90:18:c9:38:ad:52:ec:8e:ed:d8:30:ba:1e:aa:94:a3:72:
17:12:e2:ff:b0:4a:1e:11:6a:47:a6:57:4d:dc:52:e8:10:d0:
37:a1:4b:52:f0:19:c5:ea:8d:91:bd:02:6c:25:9d:5e:22:92:
d9:ce:8f:5f:1e:f2:cf:c3:7a:13:b6:ac:7f:12:85:9f:c4:e2:
72:c7:77:12:2f:a0:cd:9e:ac:64:59:1f:f8:1e:e7:4b:3d:7a:
aa:1b:86:02:ce:01:39:c4:ff:41:79:d3:4b:dd:17:6f:6c:f3:
7e:97:45:82:bf:16:1b:9f:ea:27:9c:fc:41:89:cd:12:d9:4f:
1d:11:2c:2f:af:d6:e9:56:ed:c1:46:43:9d:7f:97:99:42:9f:
60:50:e3:52:27:54:d7:55:73:1b:89:bd:d2:72:80:6f:aa:fa:
6e:76:ae:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEByavNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzA0ZTAxMjMxYjFkYjgyMGIxZjVkNTQyODM0YWIwNWY2OTNmZDc4MB4XDTIyMDEw
MTA2NTczOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWNmYjQ2ZDgwMWFk
NmQ4MTdkNTM5YTU0NDUxNjRjOTlkMGI2NTdkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9TZfWl4NpVKB2clhRQcIHFciBkJod+xBxdTDe5mPAcIwlL
4ADdUp+thkiDMT7klz6tVmypbmbSnClCPGPxQs1+u6VGjl5y6SEA7XCCRLgyipTQ
re+JffhOrI9IZhMIrfgYHHpbfVj49uS4dyfjPTy/tFExloW3ZeoQFHWu/OpIbnxg
93BeU0C23HotDfatpOyfY/coXOKpUocK+6IXFQuhKa0vvHr6ZynwE5upTf6PggaB
UjoTh8bvpSZYCdJBMnAh74geBTB50Hyt0v8aiZRvK0uCpL67Rb659uCo8MRlSMHr
dPhNgRBPkZG5VyysROpfbDZDkUj3jiGlBpkTTwkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTs+0bYAa1tgX1TmlRFFkyZ0LZX3zAfBgNVHSMEGDAWgBRMBOASMbHbggsf
XVQoNKsF9pP9eDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RBVGdFakd4MjRJTEgxMVVLRFNyQmZhVF9YZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2UvYmU4MTQzLWE0MDgtNDlhYi1hMTQ3LWNkYTExN2ZlODMwZC8x
LzdQdEcyQUd0YllGOVU1cFVSUlpNbWRDMlY5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Uv
YmU4MTQzLWE0MDgtNDlhYi1hMTQ3LWNkYTExN2ZlODMwZC8xL1RBVGdFakd4MjRJ
TEgxMVVLRFNyQmZhVF9YZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi1QiDANBAIAAjAHAwUAKg5EgDAN
BgkqhkiG9w0BAQsFAAOCAQEACzkYKm7e3eUvqg392dnAAPxRdC8PQBwRZYPZJ3x4
6tbeW/dNR0VqVjFvIxfEZ7s/EEUbL+RalmGUggCj72TkfM58wsXQFc34pzRkpBDV
m8BfgZVK57NpQH5oeZAYyTitUuyO7dgwuh6qlKNyFxLi/7BKHhFqR6ZXTdxS6BDQ
N6FLUvAZxeqNkb0CbCWdXiKS2c6PXx7yz8N6E7asfxKFn8Ticsd3Ei+gzZ6sZFkf
+B7nSz16qhuGAs4BOcT/QXnTS90Xb2zzfpdFgr8WG5/qJ5z8QYnNEtlPHREsL6/W
6VbtwUZDnX+XmUKfYFDjUidU11VzG4m90nKAb6r6bnauAQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:33 2024 by rpki-client on console-ams.rpki-client.org