Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/dB3-MTrY9bvdhiEnZWrkFj_r0JA.roa
File: dB3-MTrY9bvdhiEnZWrkFj_r0JA.roa (raw, json)
Hash identifier: 8tefAF25ioUWmHicQnbejzlaQt5tBdzXdFo3iDAoU2k=
Subject key identifier: 74:1D:FE:31:3A:D8:F5:BB:DD:86:21:27:65:6A:E4:16:3F:EB:D0:90
Certificate issuer: /CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Certificate serial: 0183FB001CA25FBDD1B4F4CAF9A25A52C0EA
Authority key identifier: 4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/dB3-MTrY9bvdhiEnZWrkFj_r0JA.roa
Signing time: Fri 21 Oct 2022 14:43:51 +0000
ROA not before: Fri 21 Oct 2022 14:43:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57757
IP address blocks: 45.80.136.0/22 maxlen: 22
2a0e:4480::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:00:1c:a2:5f:bd:d1:b4:f4:ca:f9:a2:5a:52:c0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c04e01231b1db820b1f5d542834ab05f693fd78
Validity
Not Before: Oct 21 14:43:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=741dfe313ad8f5bbdd862127656ae4163febd090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c2:ca:32:be:a8:cb:09:52:06:44:a6:4d:5b:
1f:dc:8a:ec:ef:60:06:2b:c9:2b:28:4a:30:ce:72:
8d:7d:41:bb:76:32:47:3e:a4:c4:ce:03:4c:6f:5e:
fa:ad:6a:fc:99:bc:65:45:b3:1c:cf:58:3c:3d:a4:
7c:c4:84:10:94:77:1f:32:1d:3c:e2:1f:e1:7d:30:
97:5d:15:b1:04:ef:86:6d:1c:7c:93:75:a3:c9:60:
c5:80:28:d5:e1:4b:21:7b:ea:11:74:e2:4f:67:3e:
0c:07:6f:d7:61:a4:e2:da:6f:06:14:f8:32:df:94:
da:d5:91:99:c2:f5:d5:a9:dc:0c:35:00:7f:7a:af:
60:d1:9c:61:69:f3:e7:83:21:9f:88:f9:76:24:ee:
10:b7:72:1b:8d:1b:35:67:9c:f1:8f:a0:f3:57:61:
f3:ad:82:66:01:b1:a3:13:68:47:c9:ec:77:37:a9:
86:f8:cf:a2:8b:33:a6:2e:58:a1:0d:61:75:23:32:
2c:a3:fe:49:66:04:ef:b8:8f:00:e0:a2:64:0c:e6:
fd:5c:96:d0:97:21:87:ff:e1:d7:d2:e6:63:f4:b5:
83:f4:53:ab:f1:45:f0:03:a8:33:ad:b1:d0:de:72:
b5:ab:7a:7a:d8:7d:82:04:b1:62:2f:89:df:05:4a:
23:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1D:FE:31:3A:D8:F5:BB:DD:86:21:27:65:6A:E4:16:3F:EB:D0:90
X509v3 Authority Key Identifier:
keyid:4C:04:E0:12:31:B1:DB:82:0B:1F:5D:54:28:34:AB:05:F6:93:FD:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TATgEjGx24ILH11UKDSrBfaT_Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/dB3-MTrY9bvdhiEnZWrkFj_r0JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/be8143-a408-49ab-a147-cda117fe830d/1/TATgEjGx24ILH11UKDSrBfaT_Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.136.0/22
IPv6:
2a0e:4480::/32
Signature Algorithm: sha256WithRSAEncryption
6e:1e:bb:93:9c:e6:d5:83:4f:f5:70:1b:db:30:02:e7:a0:e4:
ed:8c:62:b7:8d:9e:e1:cb:26:af:24:7b:c3:12:7e:72:4c:a7:
75:97:31:d5:fa:47:34:21:ad:03:39:a0:a1:0d:10:57:62:c6:
02:df:5b:d9:1b:a3:5b:c2:58:d9:54:2e:79:bf:d1:49:db:0e:
c4:8f:b9:97:2b:c2:aa:e9:91:0a:22:ff:7a:09:af:c2:60:67:
72:2e:e5:92:d6:d7:31:11:b6:d8:2b:fb:61:fd:4f:c2:a1:71:
b2:fa:ca:dc:32:a4:17:e9:70:00:be:94:40:73:78:bd:4a:68:
4e:90:30:f7:91:3d:56:81:26:88:a1:50:da:d0:ae:fe:cc:0e:
54:98:6f:4c:34:e3:4d:76:ac:a9:d2:5b:d1:1d:84:42:e7:dd:
4e:78:31:77:02:76:96:0f:b5:d1:4c:38:10:69:06:9e:8a:c3:
cf:89:d2:12:48:1f:42:ec:08:69:fd:ea:25:f7:e5:1f:1b:95:
12:37:1c:54:42:33:82:c9:41:09:39:cc:95:28:11:ae:a8:76:
5f:97:04:6c:9a:e6:b9:29:e5:2f:98:8d:39:9b:05:7a:a9:45:
3f:f8:ce:68:3c:d6:38:6c:0a:c0:86:4f:43:06:7b:11:3a:d5:
9d:81:dd:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYP7AByiX73RtPTK+aJaUsDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDRlMDEyMzFiMWRiODIwYjFmNWQ1NDI4MzRhYjA1ZjY5
M2ZkNzgwHhcNMjIxMDIxMTQ0MzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFkZmUzMTNhZDhmNWJiZGQ4NjIxMjc2NTZhZTQxNjNmZWJkMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8LKMr6oywlSBkSmTVsf3Irs72AG
K8krKEowznKNfUG7djJHPqTEzgNMb176rWr8mbxlRbMcz1g8PaR8xIQQlHcfMh08
4h/hfTCXXRWxBO+GbRx8k3WjyWDFgCjV4Ushe+oRdOJPZz4MB2/XYaTi2m8GFPgy
35Ta1ZGZwvXVqdwMNQB/eq9g0ZxhafPngyGfiPl2JO4Qt3IbjRs1Z5zxj6DzV2Hz
rYJmAbGjE2hHyex3N6mG+M+iizOmLlihDWF1IzIso/5JZgTvuI8A4KJkDOb9XJbQ
lyGH/+HX0uZj9LWD9FOr8UXwA6gzrbHQ3nK1q3p62H2CBLFiL4nfBUoj0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHQd/jE62PW73YYhJ2Vq5BY/69CQMB8GA1UdIwQY
MBaAFEwE4BIxsduCCx9dVCg0qwX2k/14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDct
Y2RhMTE3ZmU4MzBkLzEvZEIzLU1Uclk5YnZkaGlFblpXcmtGal9yMEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iZTgxNDMtYTQwOC00OWFiLWExNDctY2RhMTE3ZmU4MzBk
LzEvVEFUZ0VqR3gyNElMSDExVUtEU3JCZmFUX1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVCIMA0E
AgACMAcDBQAqDkSAMA0GCSqGSIb3DQEBCwUAA4IBAQBuHruTnObVg0/1cBvbMALn
oOTtjGK3jZ7hyyavJHvDEn5yTKd1lzHV+kc0Ia0DOaChDRBXYsYC31vZG6NbwljZ
VC55v9FJ2w7Ej7mXK8Kq6ZEKIv96Ca/CYGdyLuWS1tcxEbbYK/th/U/CoXGy+src
MqQX6XAAvpRAc3i9SmhOkDD3kT1WgSaIoVDa0K7+zA5UmG9MNONNdqyp0lvRHYRC
591OeDF3AnaWD7XRTDgQaQaeisPPidISSB9C7Ahp/eol9+UfG5USNxxUQjOCyUEJ
OcyVKBGuqHZflwRsmua5KeUvmI05mwV6qUU/+M5oPNY4bArAhk9DBnsROtWdgd3/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:33 2024 by rpki-client on console-ams.rpki-client.org