Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/tyrhuq4m6C_zMl5wwIcyPn8f10Q.roa
File: tyrhuq4m6C_zMl5wwIcyPn8f10Q.roa (raw, json)
Hash identifier: H2egPYlwErx5weYhjn3RrEg1DCmAa7jFz6J1wisILM4=
Subject key identifier: B7:2A:E1:BA:AE:26:E8:2F:F3:32:5E:70:C0:87:32:3E:7F:1F:D7:44
Certificate issuer: /CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Certificate serial: 07893CC8
Authority key identifier: 7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/tyrhuq4m6C_zMl5wwIcyPn8f10Q.roa
Signing time: Sat 01 Jan 2022 15:04:15 +0000
ROA not before: Sat 01 Jan 2022 15:04:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48603
IP address blocks: 45.147.92.0/22 maxlen: 22
45.147.92.0/24 maxlen: 24
45.147.93.0/24 maxlen: 24
2a0f:f800::/29 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126434504 (0x7893cc8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Validity
Not Before: Jan 1 15:04:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b72ae1baae26e82ff3325e70c087323e7f1fd744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:de:78:96:23:f7:c0:4c:fd:cc:26:31:b0:34:
80:61:5c:77:1a:64:f3:2e:7b:e3:c4:f1:3f:80:ba:
f1:49:81:ac:01:62:fb:d2:46:e6:e3:ef:c4:3b:7b:
e5:74:51:24:09:0b:6b:3a:1f:73:1e:98:1d:05:a0:
42:79:33:df:cb:80:11:c5:9a:5d:ee:13:91:7f:1a:
12:a7:0e:5f:7b:bb:32:ed:69:61:b9:83:ca:c2:7c:
e3:e5:8c:be:f1:6e:2d:9a:ea:5c:05:57:36:7d:e9:
6b:2d:f9:47:8c:f8:3b:35:10:24:15:96:7d:02:e6:
87:91:29:24:ee:9c:e0:d5:fc:26:af:3f:58:e4:7c:
c6:9e:d8:2f:a6:a9:01:2e:3f:e1:6f:f8:55:dc:8e:
83:e9:a0:f7:0b:50:b8:f9:f2:c4:b8:5d:0b:67:d3:
62:5c:76:19:45:4f:3f:c6:d4:4b:1c:91:3a:e7:54:
fb:30:ae:d7:46:d9:94:d6:1b:17:82:da:0f:32:46:
52:a4:29:e3:33:d2:21:3c:2b:0a:a4:d0:97:ee:3e:
9b:9c:2b:4e:31:1f:9d:75:e0:6c:ff:83:70:14:6c:
e6:68:8b:1b:c2:bb:6f:3b:fd:db:8b:15:50:f6:43:
65:f2:08:bf:ea:e9:65:03:68:a8:43:2f:73:16:5a:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2A:E1:BA:AE:26:E8:2F:F3:32:5E:70:C0:87:32:3E:7F:1F:D7:44
X509v3 Authority Key Identifier:
keyid:7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/tyrhuq4m6C_zMl5wwIcyPn8f10Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.92.0/22
IPv6:
2a0f:f800::/29
Signature Algorithm: sha256WithRSAEncryption
be:91:21:68:82:82:f7:2b:c3:1e:d3:a1:57:1e:a7:13:55:82:
27:82:69:05:c0:5f:10:a5:a2:23:62:5a:25:31:17:0b:51:ff:
70:fb:8a:3c:40:77:e8:41:bd:3f:13:a8:11:16:06:f5:73:73:
62:3b:aa:db:2d:91:d3:55:50:d6:0f:bf:60:da:f3:e5:81:4a:
b1:e5:8e:f6:fa:e6:d8:9e:99:0a:5a:82:a1:c3:10:62:52:97:
f0:2e:1d:29:b8:36:25:71:e1:13:4a:69:e5:fc:1f:17:25:2f:
ca:7b:9b:39:83:70:f7:c9:35:0c:c5:a4:db:42:33:59:cf:a3:
92:5a:3e:64:5d:81:ed:32:75:66:9b:89:c6:4b:26:15:22:8a:
c2:33:bb:93:29:c3:06:a0:10:22:b9:40:5f:61:bc:b4:fd:04:
b3:25:64:fe:8b:58:f7:40:a2:2b:45:8b:1e:b9:8c:97:a2:bf:
49:e8:06:75:bd:62:54:be:77:91:93:f8:aa:9f:aa:4d:11:5b:
1d:3c:cd:33:97:55:89:50:8b:78:ad:64:28:ef:79:9e:94:47:
6e:f8:69:e1:40:5f:72:4d:4f:d0:4a:87:ab:16:83:2f:12:85:
98:a0:32:c1:bf:3a:aa:54:48:ed:c5:30:43:ea:1a:42:25:bb:
b3:ec:cc:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB4k8yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZWQyNGM1ZDM0NGZiOTJiY2Y0Y2Y2ZTFlNTY5ZjUxYWU0MWFhODdjMB4XDTIyMDEw
MTE1MDQxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcyYWUxYmFhZTI2
ZTgyZmYzMzI1ZTcwYzA4NzMyM2U3ZjFmZDc0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjeeJYj98BM/cwmMbA0gGFcdxpk8y5748TxP4C68UmBrAFi
+9JG5uPvxDt75XRRJAkLazofcx6YHQWgQnkz38uAEcWaXe4TkX8aEqcOX3u7Mu1p
YbmDysJ84+WMvvFuLZrqXAVXNn3pay35R4z4OzUQJBWWfQLmh5EpJO6c4NX8Jq8/
WOR8xp7YL6apAS4/4W/4VdyOg+mg9wtQuPnyxLhdC2fTYlx2GUVPP8bUSxyROudU
+zCu10bZlNYbF4LaDzJGUqQp4zPSITwrCqTQl+4+m5wrTjEfnXXgbP+DcBRs5miL
G8K7bzv924sVUPZDZfIIv+rpZQNoqEMvcxZax7cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS3KuG6riboL/MyXnDAhzI+fx/XRDAfBgNVHSMEGDAWgBR+0kxdNE+5K89M
9uHlafUa5BqofDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Z0Sk1YVFJQdVN2UFRQYmg1V24xR3VRYXFIdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvYzhhZTc5LTZkN2ItNDc3Ni04MGI3LTQyMDQ5MmNkMWFmZC8x
L3R5cmh1cTRtNkNfek1sNXd3SWN5UG44ZjEwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
YzhhZTc5LTZkN2ItNDc3Ni04MGI3LTQyMDQ5MmNkMWFmZC8xL2Z0Sk1YVFJQdVN2
UFRQYmg1V24xR3VRYXFIdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAi2TXDANBAIAAjAHAwUDKg/4ADAN
BgkqhkiG9w0BAQsFAAOCAQEAvpEhaIKC9yvDHtOhVx6nE1WCJ4JpBcBfEKWiI2Ja
JTEXC1H/cPuKPEB36EG9PxOoERYG9XNzYjuq2y2R01VQ1g+/YNrz5YFKseWO9vrm
2J6ZClqCocMQYlKX8C4dKbg2JXHhE0pp5fwfFyUvynubOYNw98k1DMWk20IzWc+j
klo+ZF2B7TJ1ZpuJxksmFSKKwjO7kynDBqAQIrlAX2G8tP0EsyVk/otY90CiK0WL
HrmMl6K/SegGdb1iVL53kZP4qp+qTRFbHTzNM5dViVCLeK1kKO95npRHbvhp4UBf
ck1P0EqHqxaDLxKFmKAywb86qlRI7cUwQ+oaQiW7s+zM5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:00 2024 by rpki-client on console-fra.rpki-client.org