Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OvHzPYWiWdnZHQkAuuxob8kIXZs.roa
File: OvHzPYWiWdnZHQkAuuxob8kIXZs.roa (raw, json)
Hash identifier: Jk0ighBKObM0wem0orWCHAqqwdpWpg0kZyg/iEBJLd8=
Subject key identifier: 3A:F1:F3:3D:85:A2:59:D9:D9:1D:09:00:BA:EC:68:6F:C9:08:5D:9B
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01837B1491A7ECE5DBEF9988BE72AA055BA7
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OvHzPYWiWdnZHQkAuuxob8kIXZs.roa
Signing time: Mon 26 Sep 2022 18:34:48 +0000
ROA not before: Mon 26 Sep 2022 18:34:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.93.148.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7b:14:91:a7:ec:e5:db:ef:99:88:be:72:aa:05:5b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Sep 26 18:34:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3af1f33d85a259d9d91d0900baec686fc9085d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:01:af:a6:d4:0e:c3:ae:7b:e7:43:1e:d4:
42:3f:93:25:3c:e7:d4:94:3e:ce:68:a4:39:9f:c4:
82:37:30:b2:8f:e2:43:78:39:d1:d2:ad:bb:cb:68:
f8:54:19:c8:43:8a:51:c0:19:d8:b9:f7:a4:e3:c5:
f5:78:12:68:7d:d5:26:68:5b:17:d3:04:a0:9b:78:
30:da:48:d9:1d:ab:66:81:7c:76:06:2c:88:ae:f1:
d4:7b:02:5f:0c:6e:10:d6:d6:55:2e:55:7b:d2:6a:
40:5c:d1:3c:31:3f:16:a7:31:08:b5:e8:3a:3f:99:
ca:91:4f:46:88:ed:57:f0:18:30:f6:83:37:f0:57:
33:db:9e:31:96:3f:d4:54:49:b2:43:3e:6c:68:46:
1e:e1:67:55:a4:8d:50:1f:fc:b5:aa:82:e1:25:d4:
2f:17:e5:b0:40:e9:37:ba:51:05:a6:70:f0:08:3b:
fc:bd:a1:03:b5:f4:61:b9:ce:aa:ad:b5:1e:0c:62:
ca:5a:e3:c5:c9:ba:25:1d:db:9e:c4:30:11:7e:54:
5c:91:e7:24:cc:51:df:59:39:e7:85:52:ad:42:11:
38:ae:0b:ab:a7:a1:b8:33:cf:21:b8:9a:8b:9c:bc:
39:4a:f7:81:0d:88:1f:4b:46:7a:1d:53:3f:61:29:
01:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F1:F3:3D:85:A2:59:D9:D9:1D:09:00:BA:EC:68:6F:C9:08:5D:9B
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/OvHzPYWiWdnZHQkAuuxob8kIXZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.148.0/24
Signature Algorithm: sha256WithRSAEncryption
22:2c:8d:46:18:de:21:a3:37:36:87:07:25:24:b7:df:65:df:
c7:e6:e4:3c:2d:fd:73:9e:f7:ad:6e:c3:85:ab:99:72:03:0b:
a7:e3:ce:90:9c:db:1e:85:37:16:89:61:04:ad:b0:72:36:92:
23:3e:32:04:4b:f9:1d:d3:fd:df:7c:6f:2e:19:21:26:d9:90:
03:a6:6b:1d:c5:83:a0:61:d2:4c:01:fd:62:0e:e1:8f:a6:11:
cb:a4:85:c2:21:25:d2:27:d4:8d:4a:48:a1:fa:89:4b:c9:42:
08:20:cb:a5:ab:69:30:32:a1:30:e5:d9:ff:a1:6a:ac:df:85:
df:e2:02:08:06:86:be:b7:9e:8d:3a:17:30:47:d7:50:87:b1:
0b:38:49:0f:63:a7:b8:84:9a:4f:86:1c:50:91:05:37:fd:42:
33:f2:fb:c0:e0:42:47:54:c9:a5:21:93:4e:6b:bf:df:e6:d2:
2e:c5:55:03:35:08:27:22:d6:9e:9e:94:35:20:30:e4:5e:50:
30:c5:9c:3e:c7:ef:5b:02:da:e1:e2:8f:78:8d:48:bb:34:ba:
7e:dd:db:d3:ff:85:e0:84:8d:e8:fb:8d:6d:4a:dc:c9:14:26:
ef:b3:69:f8:91:f0:05:a4:09:4a:e4:cb:20:97:aa:26:15:94:
0b:84:3d:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN7FJGn7OXb75mIvnKqBVunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjIwOTI2MTgzNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWYxZjMzZDg1YTI1OWQ5ZDkxZDA5MDBiYWVjNjg2ZmM5MDg1ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpMBr6bUDsOue+dDHtRCP5MlPOfU
lD7OaKQ5n8SCNzCyj+JDeDnR0q27y2j4VBnIQ4pRwBnYufek48X1eBJofdUmaFsX
0wSgm3gw2kjZHatmgXx2BiyIrvHUewJfDG4Q1tZVLlV70mpAXNE8MT8WpzEIteg6
P5nKkU9GiO1X8Bgw9oM38Fcz254xlj/UVEmyQz5saEYe4WdVpI1QH/y1qoLhJdQv
F+WwQOk3ulEFpnDwCDv8vaEDtfRhuc6qrbUeDGLKWuPFybolHduexDARflRckeck
zFHfWTnnhVKtQhE4rgurp6G4M88huJqLnLw5SveBDYgfS0Z6HVM/YSkBMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrx8z2FolnZ2R0JALrsaG/JCF2bMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvT3ZIelBZV2lXZG5aSFFrQXV1eG9iOGtJWFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV2UMA0G
CSqGSIb3DQEBCwUAA4IBAQAiLI1GGN4hozc2hwclJLffZd/H5uQ8Lf1znvetbsOF
q5lyAwun486QnNsehTcWiWEErbByNpIjPjIES/kd0/3ffG8uGSEm2ZADpmsdxYOg
YdJMAf1iDuGPphHLpIXCISXSJ9SNSkih+olLyUIIIMulq2kwMqEw5dn/oWqs34Xf
4gIIBoa+t56NOhcwR9dQh7ELOEkPY6e4hJpPhhxQkQU3/UIz8vvA4EJHVMmlIZNO
a7/f5tIuxVUDNQgnItaenpQ1IDDkXlAwxZw+x+9bAtrh4o94jUi7NLp+3dvT/4Xg
hI3o+41tStzJFCbvs2n4kfAFpAlK5Msgl6omFZQLhD1E
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org