Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/PSJbAY9HfgbkSbMdEBRA57svHic.roa
File: PSJbAY9HfgbkSbMdEBRA57svHic.roa (raw, json)
Hash identifier: h6ytCVMlIN2w31J9UlykP1/vgoDdaZGhb2I1uPnSDoY=
Subject key identifier: 3D:22:5B:01:8F:47:7E:06:E4:49:B3:1D:10:14:40:E7:BB:2F:1E:27
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 06154E9A
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/PSJbAY9HfgbkSbMdEBRA57svHic.roa
Signing time: Tue 01 Feb 2022 18:14:22 +0000
ROA not before: Tue 01 Feb 2022 18:14:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.20.0/22 maxlen: 32
194.113.209.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102059674 (0x6154e9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Feb 1 18:14:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d225b018f477e06e449b31d101440e7bb2f1e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:65:41:a3:b3:df:64:4b:45:96:26:f0:89:
8d:51:5c:68:0c:56:d7:dd:00:01:cc:ae:b5:5d:a8:
f6:00:c4:fc:a1:88:f5:e6:44:c2:ea:a7:cf:fb:b9:
62:de:48:3c:7f:ef:79:72:c4:11:24:b4:d0:6b:c4:
ca:0a:c1:e4:eb:2b:ea:9d:ee:30:0b:6a:3b:59:3f:
a2:e2:49:b3:dc:43:cd:ef:fc:ee:62:25:75:c1:4a:
2d:95:ce:cf:70:b4:2a:b4:da:c1:85:03:d5:bc:72:
b4:7b:a7:e8:73:28:ac:76:9a:ef:80:49:f8:0d:bf:
12:b7:dd:eb:5b:4e:94:49:a0:b7:35:95:90:c0:e9:
8b:75:4a:f7:6e:36:2d:ac:65:b5:7d:e9:c6:fa:d3:
5c:6f:77:e2:55:a5:7c:cb:96:fb:3e:b4:f9:d2:e1:
01:2e:64:fd:65:03:10:4e:2e:27:f3:bd:89:cd:d6:
b3:da:2a:03:fa:82:7d:ca:eb:23:cd:1e:4a:fc:eb:
4e:28:61:1c:a6:f9:07:46:33:f8:13:e2:07:a2:86:
eb:50:66:01:d3:51:07:1b:1a:c4:65:24:57:00:ae:
3b:78:85:61:08:19:85:2b:ec:99:e8:78:9e:8a:48:
9a:98:8c:6a:57:d0:f6:ef:83:d8:ac:4f:ec:17:78:
34:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:22:5B:01:8F:47:7E:06:E4:49:B3:1D:10:14:40:E7:BB:2F:1E:27
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/PSJbAY9HfgbkSbMdEBRA57svHic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.20.0/22
194.113.209.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d4:c4:b5:99:98:cb:05:f4:f5:5a:6a:3b:7d:44:9f:38:d1:
ea:62:96:3a:3b:23:40:8a:fb:1f:0a:62:0c:6d:6b:c3:aa:cc:
3a:f9:bd:ec:66:3e:1c:f8:78:3e:74:1e:80:1f:9a:ee:a0:19:
fe:b4:3f:f6:d4:0e:80:43:2a:a5:b3:b6:3f:81:6c:c7:3e:c0:
c0:c6:a2:14:d1:80:ca:65:98:74:72:a9:e6:15:d1:59:ba:1c:
14:81:45:e7:69:b1:29:ac:36:2d:ca:49:c8:85:36:17:26:97:
ef:c6:79:41:92:a0:33:21:e0:43:0a:cd:26:72:5f:e7:b1:04:
7b:47:38:bf:2a:d7:48:81:c3:a1:77:5e:ae:e3:55:37:c7:e7:
d8:c3:9e:19:cc:6d:a1:26:71:2c:60:96:69:63:1a:32:af:83:
a8:7b:0e:c1:6c:9b:1b:1e:56:b7:0a:20:d0:8a:57:1d:36:b2:
5a:39:c4:0d:dd:49:da:70:a5:ee:da:90:94:eb:c1:ef:e4:45:
48:07:1d:02:7a:d5:28:2b:54:5b:a9:ef:a8:84:8f:da:be:bc:
68:b3:90:96:bd:53:d6:1f:89:14:2c:54:dd:53:29:6c:bc:9e:
cd:df:be:06:62:0d:02:cd:06:0f:38:5c:34:e8:58:3c:e5:f6:
0e:42:5d:ea
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBhVOmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWI4YmJiMWUxODZhNTk5ZDRjYzA1OGNhYmY0ZGYwZTI1MmYzMWZhMB4XDTIyMDIw
MTE4MTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2QyMjViMDE4ZjQ3
N2UwNmU0NDliMzFkMTAxNDQwZTdiYjJmMWUyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTXZUGjs99kS0WWJvCJjVFcaAxW190AAcyutV2o9gDE/KGI
9eZEwuqnz/u5Yt5IPH/veXLEESS00GvEygrB5Osr6p3uMAtqO1k/ouJJs9xDze/8
7mIldcFKLZXOz3C0KrTawYUD1bxytHun6HMorHaa74BJ+A2/Erfd61tOlEmgtzWV
kMDpi3VK9242LaxltX3pxvrTXG934lWlfMuW+z60+dLhAS5k/WUDEE4uJ/O9ic3W
s9oqA/qCfcrrI80eSvzrTihhHKb5B0Yz+BPiB6KG61BmAdNRBxsaxGUkVwCuO3iF
YQgZhSvsmeh4nopImpiMalfQ9u+D2KxP7Bd4NGsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ9IlsBj0d+BuRJsx0QFEDnuy8eJzAfBgNVHSMEGDAWgBTxuLux4YalmdTM
BYyr9N8OJS8x+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhiaTdzZUdHcFpuVXpBV01xX1RmRGlVdk1mby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMzIxZWE2LWVmZjctNDUxNC1hYjJkLTViNGI4NWZkNWFlNS8x
L1BTSmJBWTlIZmdia1NiTWRFQlJBNTdzdkhpYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MzIxZWE2LWVmZjctNDUxNC1hYjJkLTViNGI4NWZkNWFlNS8xLzhiaTdzZUdHcFpu
VXpBV01xX1RmRGlVdk1mby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2cFAMEAMJx0TANBgkqhkiG9w0B
AQsFAAOCAQEAKtTEtZmYywX09VpqO31EnzjR6mKWOjsjQIr7HwpiDG1rw6rMOvm9
7GY+HPh4PnQegB+a7qAZ/rQ/9tQOgEMqpbO2P4Fsxz7AwMaiFNGAymWYdHKp5hXR
WbocFIFF52mxKaw2LcpJyIU2FyaX78Z5QZKgMyHgQwrNJnJf57EEe0c4vyrXSIHD
oXderuNVN8fn2MOeGcxtoSZxLGCWaWMaMq+DqHsOwWybGx5Wtwog0IpXHTayWjnE
Dd1J2nCl7tqQlOvB7+RFSAcdAnrVKCtUW6nvqISP2r68aLOQlr1T1h+JFCxU3VMp
bLyezd++BmINAs0GDzhcNOhYPOX2DkJd6g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:46 2023 by rpki-client on console-ams.rpki-client.org