Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9hROLkDW9CU6cx_Bf22adepuPWM.roa
File: 9hROLkDW9CU6cx_Bf22adepuPWM.roa (raw, json)
Hash identifier: d0ivWoNGncP9bpWXYk2/O59WaNzLElresl2mN1Sbh9k=
Subject key identifier: F6:14:4E:2E:40:D6:F4:25:3A:73:1F:C1:7F:6D:9A:75:EA:6E:3D:63
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0182E8021FFB52976DAA6E7E9A24DBB820FE
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9hROLkDW9CU6cx_Bf22adepuPWM.roa
Signing time: Mon 29 Aug 2022 05:10:29 +0000
ROA not before: Mon 29 Aug 2022 05:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.146.192.0/22 maxlen: 22
45.146.60.0/22 maxlen: 22
2a10:6080::/29 maxlen: 29
2a10:5e80::/29 maxlen: 29
2a10:5f80::/29 maxlen: 29
2a10:6280::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e8:02:1f:fb:52:97:6d:aa:6e:7e:9a:24:db:b8:20:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Aug 29 05:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6144e2e40d6f4253a731fc17f6d9a75ea6e3d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8d:e2:75:d7:ab:53:80:aa:5f:57:f6:b7:96:
81:69:3d:d9:73:a7:2a:0f:75:66:29:87:08:88:28:
8c:03:b6:dc:33:a1:81:a3:69:df:7d:b7:fe:68:82:
20:1e:15:ff:04:d7:f1:56:65:48:fd:d0:72:ff:9e:
a3:73:76:3a:df:de:e3:42:ff:b7:ee:8b:65:5a:66:
83:af:aa:49:e6:1a:ba:f7:6b:87:6c:b5:26:52:d4:
6b:91:c9:bc:33:14:b8:93:3f:d8:a2:4f:90:6f:4f:
1c:f4:7c:f0:94:10:cf:2f:ec:13:f7:e0:dd:44:fe:
1b:01:b1:3e:e5:ce:34:71:bf:97:a1:87:a3:8d:56:
aa:ef:72:21:45:1a:1c:35:3e:03:84:ee:74:eb:ad:
2e:04:b4:c6:5c:48:32:36:ec:8c:8a:69:99:c5:4d:
16:85:9a:de:92:f9:3f:0d:5a:2c:d8:2e:7f:36:b6:
8c:fc:82:fe:50:f8:46:2f:30:53:a3:e8:f8:aa:8a:
64:3b:91:b8:84:ef:a8:83:e1:08:76:16:2f:40:77:
5c:ca:b9:4f:92:9e:e9:89:4a:e2:04:ce:7e:df:bf:
19:23:d2:da:86:9c:8d:c1:61:84:1b:31:27:b2:84:
34:af:0d:1b:ac:30:af:b2:3c:6a:d8:94:6a:bb:5d:
a0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:14:4E:2E:40:D6:F4:25:3A:73:1F:C1:7F:6D:9A:75:EA:6E:3D:63
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/9hROLkDW9CU6cx_Bf22adepuPWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.60.0/22
45.146.192.0/22
IPv6:
2a10:5e80::/29
2a10:5f80::/29
2a10:6080::/29
2a10:6280::/29
Signature Algorithm: sha256WithRSAEncryption
a3:a0:60:c9:54:c3:59:ff:be:34:bb:e1:fd:a0:83:94:4d:29:
80:9c:8d:f0:d3:01:85:b3:c1:c0:04:43:ca:40:d5:49:31:fd:
1a:9c:3a:bb:2c:db:44:c0:ee:f6:e7:61:d4:81:3a:c2:d3:ed:
ff:bb:36:3c:5d:b5:0b:c9:9d:b6:dc:40:64:95:a3:34:62:d6:
0d:83:e7:27:05:a8:ec:61:3c:55:c2:4e:79:8c:5f:4d:47:81:
d8:ef:7c:9a:dc:a6:40:8d:6d:73:dc:53:19:64:39:4c:6a:90:
42:cc:71:be:9d:69:11:49:be:57:be:aa:28:06:11:8b:cc:a5:
e9:96:88:b6:d1:41:d8:89:48:aa:8c:dc:4b:2e:77:86:d8:d5:
f4:5c:f6:d7:4b:ba:10:a0:8e:0b:a9:04:14:f6:ce:bb:b1:77:
3f:8c:66:0c:97:2d:50:d3:65:06:42:1e:21:80:53:03:4b:61:
19:1f:34:97:1f:df:e1:80:f1:0a:84:75:02:8b:77:1a:90:57:
f3:45:50:9e:96:34:52:28:99:7c:9b:33:18:e0:c8:91:e5:15:
e6:a1:5b:01:ef:66:24:af:18:af:67:f9:c6:b0:73:e4:17:2c:
5b:c9:4b:71:ef:cf:22:8b:f1:04:c4:f6:a3:d1:77:12:d3:b8:
b7:00:5f:3a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYLoAh/7Updtqm5+miTbuCD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwODI5MDUxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE0NGUyZTQwZDZmNDI1M2E3MzFmYzE3ZjZkOWE3NWVhNmUzZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI3idderU4CqX1f2t5aBaT3Zc6cq
D3VmKYcIiCiMA7bcM6GBo2nffbf+aIIgHhX/BNfxVmVI/dBy/56jc3Y6397jQv+3
7otlWmaDr6pJ5hq692uHbLUmUtRrkcm8MxS4kz/Yok+Qb08c9HzwlBDPL+wT9+Dd
RP4bAbE+5c40cb+XoYejjVaq73IhRRocNT4DhO50660uBLTGXEgyNuyMimmZxU0W
hZrekvk/DVos2C5/NraM/IL+UPhGLzBTo+j4qopkO5G4hO+og+EIdhYvQHdcyrlP
kp7piUriBM5+378ZI9LahpyNwWGEGzEnsoQ0rw0brDCvsjxq2JRqu12gnQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPYUTi5A1vQlOnMfwX9tmnXqbj1jMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvOWhST0xrRFc5Q1U2Y3hfQmYyMmFkZXB1UFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODASBAIAATAMAwQCLZI8AwQC
LZLAMCIEAgACMBwDBQMqEF6AAwUDKhBfgAMFAyoQYIADBQMqEGKAMA0GCSqGSIb3
DQEBCwUAA4IBAQCjoGDJVMNZ/740u+H9oIOUTSmAnI3w0wGFs8HABEPKQNVJMf0a
nDq7LNtEwO7252HUgTrC0+3/uzY8XbULyZ223EBklaM0YtYNg+cnBajsYTxVwk55
jF9NR4HY73ya3KZAjW1z3FMZZDlMapBCzHG+nWkRSb5XvqooBhGLzKXploi20UHY
iUiqjNxLLneG2NX0XPbXS7oQoI4LqQQU9s67sXc/jGYMly1Q02UGQh4hgFMDS2EZ
HzSXH9/hgPEKhHUCi3cakFfzRVCeljRSKJl8mzMY4MiR5RXmoVsB72YkrxivZ/nG
sHPkFyxbyUtx788ii/EExPaj0XcS07i3AF86
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org