Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bBtoz2UwGz42CAtSl47RShFuAlY.roa
File: bBtoz2UwGz42CAtSl47RShFuAlY.roa (raw, json)
Hash identifier: mNYZL8TV5teUzDb5Gk4wTf0L90VNqW5piTWmHbcExwo=
Subject key identifier: 6C:1B:68:CF:65:30:1B:3E:36:08:0B:52:97:8E:D1:4A:11:6E:02:56
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 026B3ECF
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bBtoz2UwGz42CAtSl47RShFuAlY.roa
Signing time: Tue 24 May 2022 05:28:02 +0000
ROA not before: Tue 24 May 2022 05:28:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 45.8.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40582863 (0x26b3ecf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: May 24 05:28:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c1b68cf65301b3e36080b52978ed14a116e0256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a6:99:99:d3:72:12:91:da:ce:4b:2e:17:09:
5c:34:50:09:d7:b4:b6:02:26:c7:b0:e5:c0:ad:b8:
f6:62:a8:7c:29:35:1e:09:3f:5a:2a:e4:90:28:45:
fd:a8:47:5c:d6:32:61:83:e0:bf:25:b4:35:ef:9c:
70:06:d8:c1:df:4f:db:92:8d:98:5d:fa:a9:1f:ad:
5c:d8:8d:d8:15:6e:a5:7d:f6:83:f1:ea:aa:25:80:
9d:9f:0d:71:dd:b6:54:26:cb:9d:88:52:69:a1:94:
09:9d:a5:2f:dd:1a:b1:2a:e8:6f:d6:54:36:92:24:
bc:82:a4:ed:f6:0d:69:19:f1:08:79:aa:5e:81:90:
6a:3e:84:b4:7b:c2:48:b7:13:30:2f:e3:bc:fc:53:
bc:05:9b:0d:85:ee:ca:30:e1:35:e7:67:74:a5:a9:
6b:d1:a0:26:24:96:84:0a:05:68:d7:b7:1f:d1:f7:
f6:17:a3:ff:46:38:09:a6:cf:bc:54:38:ce:1a:fb:
32:65:08:8d:12:58:d2:29:9d:1e:c8:31:8a:5c:bb:
f9:3a:a7:41:a7:63:54:bb:1e:9f:cf:3e:12:1a:4a:
72:50:87:80:cb:65:db:c7:68:c1:35:11:6c:70:26:
7f:e2:a4:6e:7d:c7:6e:b2:8a:0f:57:ee:72:b7:c8:
2e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1B:68:CF:65:30:1B:3E:36:08:0B:52:97:8E:D1:4A:11:6E:02:56
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/bBtoz2UwGz42CAtSl47RShFuAlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.27.0/24
Signature Algorithm: sha256WithRSAEncryption
96:91:66:fe:18:1d:7b:2f:3e:8f:d4:4c:3a:26:5c:fe:d5:01:
79:fa:ca:8f:4b:2c:9d:b7:a9:f8:2b:e1:ee:4a:0b:28:5c:60:
49:74:9d:cb:3c:64:d4:55:ae:78:a8:c1:dc:94:6b:4b:e1:19:
30:a7:cf:99:08:eb:41:51:95:52:68:0d:db:2f:68:12:c4:86:
29:f5:b8:8a:06:72:d2:57:00:58:ec:38:fc:5d:91:5d:26:8d:
4f:13:e5:aa:4b:0a:76:6c:4d:fa:a7:63:dc:31:f5:a2:32:24:
4a:63:ba:b5:7f:69:6f:4e:22:74:45:fb:fa:55:a0:e4:95:aa:
33:42:3a:cd:82:8e:89:15:90:60:f2:60:d6:b5:d9:fe:8a:90:
e9:b0:13:44:2c:ba:c1:84:c2:22:d2:59:d3:96:c7:d7:01:8e:
52:27:38:ff:2f:08:1b:16:07:10:c9:49:75:53:e0:2d:6a:8c:
dd:48:a2:02:63:c8:f5:70:dc:d7:ca:ff:40:f4:80:3a:5d:df:
2a:78:e0:d5:04:32:f4:ea:d0:9b:4c:2e:cc:bf:cd:25:b1:e5:
fd:b2:76:d2:b5:1a:39:37:a1:43:fe:b2:4d:b9:1e:9d:61:07:
b3:80:54:29:e3:fd:f4:2d:5f:0e:8a:27:53:24:1d:0f:8f:93:
8a:b1:b7:77
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAms+zzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDUy
NDA1MjgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmMxYjY4Y2Y2NTMw
MWIzZTM2MDgwYjUyOTc4ZWQxNGExMTZlMDI1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALammZnTchKR2s5LLhcJXDRQCde0tgImx7DlwK249mKofCk1
Hgk/WirkkChF/ahHXNYyYYPgvyW0Ne+ccAbYwd9P25KNmF36qR+tXNiN2BVupX32
g/HqqiWAnZ8Ncd22VCbLnYhSaaGUCZ2lL90asSrob9ZUNpIkvIKk7fYNaRnxCHmq
XoGQaj6EtHvCSLcTMC/jvPxTvAWbDYXuyjDhNedndKWpa9GgJiSWhAoFaNe3H9H3
9hej/0Y4CabPvFQ4zhr7MmUIjRJY0imdHsgxily7+TqnQadjVLsen88+EhpKclCH
gMtl28dowTURbHAmf+Kkbn3HbrKKD1fucrfILgkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsG2jPZTAbPjYIC1KXjtFKEW4CVjAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L2JCdG96MlV3R3o0MkNBdFNsNDdSU2hGdUFsWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0IGzANBgkqhkiG9w0BAQsFAAOC
AQEAlpFm/hgdey8+j9RMOiZc/tUBefrKj0ssnbep+Cvh7koLKFxgSXSdyzxk1FWu
eKjB3JRrS+EZMKfPmQjrQVGVUmgN2y9oEsSGKfW4igZy0lcAWOw4/F2RXSaNTxPl
qksKdmxN+qdj3DH1ojIkSmO6tX9pb04idEX7+lWg5JWqM0I6zYKOiRWQYPJg1rXZ
/oqQ6bATRCy6wYTCItJZ05bH1wGOUic4/y8IGxYHEMlJdVPgLWqM3UiiAmPI9XDc
18r/QPSAOl3fKnjg1QQy9OrQm0wuzL/NJbHl/bJ20rUaOTehQ/6yTbkenWEHs4BU
KeP99C1fDoonUyQdD4+TirG3dw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org