Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/SuJZnL83JDWtx2IckWzE1NO9Qiw.roa
File: SuJZnL83JDWtx2IckWzE1NO9Qiw.roa (raw, json)
Hash identifier: yeyhyB0bNr27HTpCHDL7KEG9mizTnGYZaKVfEsNvMFY=
Subject key identifier: 4A:E2:59:9C:BF:37:24:35:AD:C7:62:1C:91:6C:C4:D4:D3:BD:42:2C
Certificate issuer: /CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
Certificate serial: 01851B563F6F100A1C9BE06D5B22251DE38B
Authority key identifier: 6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/SuJZnL83JDWtx2IckWzE1NO9Qiw.roa
Signing time: Fri 16 Dec 2022 14:28:35 +0000
ROA not before: Fri 16 Dec 2022 14:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 45.145.120.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:56:3f:6f:10:0a:1c:9b:e0:6d:5b:22:25:1d:e3:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a0f5830dbc4bbabb682777ebd3843d750489ec8
Validity
Not Before: Dec 16 14:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ae2599cbf372435adc7621c916cc4d4d3bd422c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:63:b8:7e:9f:6d:89:35:6b:9d:90:54:68:
e8:d9:0d:04:fc:3e:47:5d:0f:d4:ff:35:cf:e0:4f:
64:ab:93:79:88:1e:26:d2:81:82:d2:dd:60:3a:6b:
c9:33:ff:94:da:a4:99:48:27:f6:de:1a:79:bb:6b:
c0:16:2a:15:42:0d:57:53:5b:3e:74:55:b2:3e:03:
49:68:69:bc:36:74:4d:fb:13:b0:93:dd:92:02:c4:
19:0b:9d:64:d8:d4:b3:36:d9:10:7e:88:3f:e2:5f:
92:8b:04:d5:10:d6:2c:4c:87:91:7a:a3:37:5a:75:
d1:8e:5e:af:26:b5:59:17:01:27:43:1b:c5:85:7c:
df:35:63:df:46:c3:f5:ea:3b:bf:d4:d4:75:7b:67:
cd:74:2c:e8:56:81:b0:d1:4c:19:84:70:4e:83:96:
8c:c8:75:a3:9a:3b:71:f7:3d:f2:15:19:d7:58:7b:
79:bd:51:8d:bd:3b:36:c5:7b:29:bd:d6:7f:86:4a:
87:1e:19:32:ec:1a:95:99:4a:d9:97:fc:9f:d5:5a:
f9:15:f4:bb:62:0e:6f:a3:8f:f3:59:43:b4:03:31:
96:19:d1:24:9e:aa:1f:0e:f1:45:04:d2:ee:5a:bb:
65:60:83:2a:d8:37:68:c5:02:16:97:e3:5c:88:b8:
dd:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E2:59:9C:BF:37:24:35:AD:C7:62:1C:91:6C:C4:D4:D3:BD:42:2C
X509v3 Authority Key Identifier:
keyid:6A:0F:58:30:DB:C4:BB:AB:B6:82:77:7E:BD:38:43:D7:50:48:9E:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ag9YMNvEu6u2gnd-vThD11BInsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/SuJZnL83JDWtx2IckWzE1NO9Qiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8a30b8-1c1d-41c2-994e-5666c283b306/1/ag9YMNvEu6u2gnd-vThD11BInsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:0a:e2:e8:de:c7:95:07:db:d1:33:45:55:3f:2b:e4:61:1c:
c5:33:49:51:d0:b4:c0:aa:de:ca:d3:bd:d3:9d:b3:b1:2a:f6:
29:9c:bf:43:14:60:9c:c2:86:87:6f:98:bd:9d:ee:27:05:73:
60:48:70:d2:a0:9b:25:f9:2f:a8:c0:6b:d8:b2:c7:de:86:36:
b1:41:a4:db:21:62:60:76:34:7b:0b:78:de:90:e2:b6:c7:b7:
49:71:23:47:10:81:1e:07:8d:8c:a2:2c:f4:1e:6d:f3:bd:b9:
5f:85:bf:28:3f:6e:9e:d8:45:85:57:22:7a:3c:1d:45:0f:02:
68:8f:9e:17:7d:a7:37:10:ee:05:57:81:f9:e6:d0:a8:f3:87:
63:c2:7b:63:0b:1d:c2:8c:ea:41:d7:fb:6e:51:6f:d2:5f:c1:
bb:6a:12:65:29:09:bd:03:55:eb:fc:63:44:4a:21:6f:23:25:
e4:ae:6f:f1:d9:8b:c1:cc:29:f3:73:e1:c6:c1:3c:c4:27:e5:
2a:41:f3:b6:97:26:1c:2b:1f:fe:a2:48:75:23:dc:a7:5c:e8:
a7:09:a6:69:6a:33:8c:50:af:53:44:00:bc:ea:78:59:57:cb:
9e:92:db:a8:7f:02:b3:33:b0:5f:2a:f1:1d:1b:e1:46:b1:cb:
06:b2:ed:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUbVj9vEAocm+BtWyIlHeOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGY1ODMwZGJjNGJiYWJiNjgyNzc3ZWJkMzg0M2Q3NTA0
ODllYzgwHhcNMjIxMjE2MTQyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWUyNTk5Y2JmMzcyNDM1YWRjNzYyMWM5MTZjYzRkNGQzYmQ0MjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAVjuH6fbYk1a52QVGjo2Q0E/D5H
XQ/U/zXP4E9kq5N5iB4m0oGC0t1gOmvJM/+U2qSZSCf23hp5u2vAFioVQg1XU1s+
dFWyPgNJaGm8NnRN+xOwk92SAsQZC51k2NSzNtkQfog/4l+SiwTVENYsTIeReqM3
WnXRjl6vJrVZFwEnQxvFhXzfNWPfRsP16ju/1NR1e2fNdCzoVoGw0UwZhHBOg5aM
yHWjmjtx9z3yFRnXWHt5vVGNvTs2xXspvdZ/hkqHHhky7BqVmUrZl/yf1Vr5FfS7
Yg5vo4/zWUO0AzGWGdEknqofDvFFBNLuWrtlYIMq2DdoxQIWl+NciLjdOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEriWZy/NyQ1rcdiHJFsxNTTvUIsMB8GA1UdIwQY
MBaAFGoPWDDbxLurtoJ3fr04Q9dQSJ7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWc5WU1OdkV1NnUyZ25kLXZUaEQxMUJJbnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84YTMwYjgtMWMxZC00MWMyLTk5NGUt
NTY2NmMyODNiMzA2LzEvU3VKWm5MODNKRFd0eDJJY2tXekUxTk85UWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84YTMwYjgtMWMxZC00MWMyLTk5NGUtNTY2NmMyODNiMzA2
LzEvYWc5WU1OdkV1NnUyZ25kLXZUaEQxMUJJbnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZF4MA0G
CSqGSIb3DQEBCwUAA4IBAQCoCuLo3seVB9vRM0VVPyvkYRzFM0lR0LTAqt7K073T
nbOxKvYpnL9DFGCcwoaHb5i9ne4nBXNgSHDSoJsl+S+owGvYssfehjaxQaTbIWJg
djR7C3jekOK2x7dJcSNHEIEeB42Moiz0Hm3zvblfhb8oP26e2EWFVyJ6PB1FDwJo
j54Xfac3EO4FV4H55tCo84djwntjCx3CjOpB1/tuUW/SX8G7ahJlKQm9A1Xr/GNE
SiFvIyXkrm/x2YvBzCnzc+HGwTzEJ+UqQfO2lyYcKx/+okh1I9ynXOinCaZpajOM
UK9TRAC86nhZV8uektuofwKzM7BfKvEdG+FGscsGsu37
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:11 2024 by rpki-client on console-ams.rpki-client.org