Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/1f45e9-e839-467b-b5ab-3d1f30e0923b/1/azb8qMj6LiSOFN-jK8FBhUkcxdE.roa
File: azb8qMj6LiSOFN-jK8FBhUkcxdE.roa (raw, json)
Hash identifier: 4dsmFGTLYFw9VPret6ppFYpyBddxgm0jC4ewUW51QOQ=
Subject key identifier: 6B:36:FC:A8:C8:FA:2E:24:8E:14:DF:A3:2B:C1:41:85:49:1C:C5:D1
Certificate issuer: /CN=c738807abb9ce15b7a892592b6f003f1a3e16b60
Certificate serial: 052216A1
Authority key identifier: C7:38:80:7A:BB:9C:E1:5B:7A:89:25:92:B6:F0:03:F1:A3:E1:6B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xziAeruc4Vt6iSWStvAD8aPha2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/1f45e9-e839-467b-b5ab-3d1f30e0923b/1/azb8qMj6LiSOFN-jK8FBhUkcxdE.roa
Signing time: Sat 01 Jan 2022 13:57:11 +0000
ROA not before: Sat 01 Jan 2022 13:57:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208815
IP address blocks: 45.84.36.0/24 maxlen: 24
45.84.37.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86120097 (0x52216a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c738807abb9ce15b7a892592b6f003f1a3e16b60
Validity
Not Before: Jan 1 13:57:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b36fca8c8fa2e248e14dfa32bc14185491cc5d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:ac:b3:86:c3:5d:c0:47:8f:ea:76:0c:7a:
bc:9e:5b:81:ad:be:1b:d2:3a:4f:68:aa:57:04:e3:
25:44:19:44:7c:4a:ce:ba:14:5d:39:fd:e9:40:04:
15:15:f0:75:61:c2:0a:99:19:74:b2:f3:e3:89:df:
23:8d:de:1b:03:d2:54:cb:bd:b7:2b:67:6b:61:04:
95:2c:87:d9:79:aa:21:12:02:59:05:00:b1:18:44:
4d:ea:ea:24:f3:83:af:5f:9a:ad:aa:c6:13:45:44:
16:f4:a8:b9:d9:88:d2:bf:e3:cf:47:76:1b:73:f6:
54:23:dd:10:84:96:f2:46:a7:3f:8d:91:71:b0:8f:
e7:01:5c:65:36:d2:97:a1:be:60:be:d9:69:70:bf:
d0:e2:20:7e:48:bc:75:c7:28:24:e7:7b:e4:34:cc:
77:93:52:14:cb:47:f4:0a:13:46:80:20:ca:ec:5b:
1a:0b:0e:55:6d:68:dd:56:2b:c8:3c:bf:24:30:51:
e5:6a:c9:02:54:1d:f5:b3:13:46:63:89:d0:4f:1f:
e4:e9:2a:35:85:88:72:8e:d3:e4:f8:2c:b8:82:53:
b6:82:d1:02:c4:84:26:34:5b:1c:d8:d6:74:e0:9a:
65:c7:ac:66:ee:06:b0:a1:db:b7:55:b1:f1:36:88:
ae:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:36:FC:A8:C8:FA:2E:24:8E:14:DF:A3:2B:C1:41:85:49:1C:C5:D1
X509v3 Authority Key Identifier:
keyid:C7:38:80:7A:BB:9C:E1:5B:7A:89:25:92:B6:F0:03:F1:A3:E1:6B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xziAeruc4Vt6iSWStvAD8aPha2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/1f45e9-e839-467b-b5ab-3d1f30e0923b/1/azb8qMj6LiSOFN-jK8FBhUkcxdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/1f45e9-e839-467b-b5ab-3d1f30e0923b/1/xziAeruc4Vt6iSWStvAD8aPha2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.36.0/23
Signature Algorithm: sha256WithRSAEncryption
34:20:e8:48:de:1f:14:d4:96:78:08:1d:8f:de:7f:a2:09:39:
4c:f6:50:4b:fb:a3:dc:b0:7d:23:b7:82:e8:2a:f7:cd:73:e6:
2f:23:f3:b5:62:27:f7:27:71:06:84:b2:53:a8:e7:e6:14:42:
46:c5:3d:46:fd:1b:ad:3b:46:2d:45:7e:d3:c0:7c:4c:dd:5b:
52:b8:9c:9c:f7:01:0d:37:44:e0:fc:b7:73:b8:0b:1b:50:35:
7a:37:19:5f:2e:a9:45:80:0b:7a:03:1f:b8:18:2b:05:bf:83:
e1:c3:12:03:8d:24:d9:15:02:18:20:e3:ae:31:56:61:9d:42:
62:fc:97:95:83:7b:3b:0a:01:7c:93:b4:79:e4:c3:d1:13:cd:
79:08:c8:71:5a:df:dd:1d:95:d1:e4:5f:2f:e5:e0:a3:c5:91:
a2:51:72:14:a2:03:b2:50:62:cc:e8:69:8e:d9:61:70:d2:30:
a4:48:18:1f:d8:72:e1:65:de:c0:4b:5b:2c:b5:66:99:d4:0d:
14:54:79:1e:ee:a6:db:14:00:af:06:9d:c7:a7:4a:56:83:dc:
cb:8f:c3:5c:6e:67:8b:be:84:ba:91:9c:d5:28:9e:49:96:49:
a3:9e:63:26:84:02:05:05:c6:8a:16:37:31:2b:3d:b7:06:94:
84:74:5b:5c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSIWoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzM4ODA3YWJiOWNlMTViN2E4OTI1OTJiNmYwMDNmMWEzZTE2YjYwMB4XDTIyMDEw
MTEzNTcxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmIzNmZjYThjOGZh
MmUyNDhlMTRkZmEzMmJjMTQxODU0OTFjYzVkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRfrLOGw13AR4/qdgx6vJ5bga2+G9I6T2iqVwTjJUQZRHxK
zroUXTn96UAEFRXwdWHCCpkZdLLz44nfI43eGwPSVMu9tytna2EElSyH2XmqIRIC
WQUAsRhETerqJPODr1+ararGE0VEFvSoudmI0r/jz0d2G3P2VCPdEISW8kanP42R
cbCP5wFcZTbSl6G+YL7ZaXC/0OIgfki8dccoJOd75DTMd5NSFMtH9AoTRoAgyuxb
GgsOVW1o3VYryDy/JDBR5WrJAlQd9bMTRmOJ0E8f5OkqNYWIco7T5PgsuIJTtoLR
AsSEJjRbHNjWdOCaZcesZu4GsKHbt1Wx8TaIrnUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrNvyoyPouJI4U36MrwUGFSRzF0TAfBgNVHSMEGDAWgBTHOIB6u5zhW3qJ
JZK28APxo+FrYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3h6aUFlcnVjNFZ0NmlTV1N0dkFEOGFQaGEyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMWY0NWU5LWU4MzktNDY3Yi1iNWFiLTNkMWYzMGUwOTIzYi8x
L2F6YjhxTWo2TGlTT0ZOLWpLOEZCaFVrY3hkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MWY0NWU5LWU4MzktNDY3Yi1iNWFiLTNkMWYzMGUwOTIzYi8xL3h6aUFlcnVjNFZ0
NmlTV1N0dkFEOGFQaGEyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1UJDANBgkqhkiG9w0BAQsFAAOC
AQEANCDoSN4fFNSWeAgdj95/ogk5TPZQS/uj3LB9I7eC6Cr3zXPmLyPztWIn9ydx
BoSyU6jn5hRCRsU9Rv0brTtGLUV+08B8TN1bUricnPcBDTdE4Py3c7gLG1A1ejcZ
Xy6pRYALegMfuBgrBb+D4cMSA40k2RUCGCDjrjFWYZ1CYvyXlYN7OwoBfJO0eeTD
0RPNeQjIcVrf3R2V0eRfL+Xgo8WRolFyFKIDslBizOhpjtlhcNIwpEgYH9hy4WXe
wEtbLLVmmdQNFFR5Hu6m2xQArwadx6dKVoPcy4/DXG5ni76EupGc1SieSZZJo55j
JoQCBQXGihY3MSs9twaUhHRbXA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:53 2023 by rpki-client on console-ams.rpki-client.org