Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fVu_WiUJqvOYhSLK8LCZvhAb2fA.roa
File: fVu_WiUJqvOYhSLK8LCZvhAb2fA.roa (raw, json)
Hash identifier: qusPsmShie79ZE44tsB1YOBTUczcO67ponDZr30hr4E=
Subject key identifier: 7D:5B:BF:5A:25:09:AA:F3:98:85:22:CA:F0:B0:99:BE:10:1B:D9:F0
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 011983C6
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fVu_WiUJqvOYhSLK8LCZvhAb2fA.roa
Signing time: Sat 01 Jan 2022 06:03:49 +0000
ROA not before: Sat 01 Jan 2022 06:03:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 45.146.192.0/22 maxlen: 22
45.146.60.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18449350 (0x11983c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jan 1 06:03:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d5bbf5a2509aaf3988522caf0b099be101bd9f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:43:77:40:43:d4:dc:46:78:60:bd:7c:c1:f9:
20:55:9d:e2:31:f7:00:16:75:ec:4e:db:39:52:12:
c1:52:3f:de:b0:15:bc:dc:9f:e9:83:ae:a7:c7:3a:
2f:45:35:a1:ff:18:d4:83:d4:02:e3:dd:dd:87:ac:
9e:7b:50:3e:d3:e9:4f:06:6c:82:04:c8:05:ac:72:
d9:10:66:8a:ac:5f:92:a2:2e:e6:d7:03:03:f1:8d:
e5:fe:1b:98:93:f0:74:9a:20:4a:05:eb:5d:7b:ea:
f3:ef:0c:59:2d:e9:e3:28:fc:74:13:23:79:8e:5f:
e0:53:2d:1c:5a:4e:27:00:dc:c1:71:76:7b:33:e0:
7a:4a:49:b3:ca:98:0e:c5:cf:ef:d5:dc:10:78:a8:
aa:c2:03:93:89:64:5f:0f:63:3b:e3:16:d2:bd:e8:
66:6a:2f:71:47:45:a2:e4:48:cd:34:78:40:16:93:
ea:89:23:91:87:26:99:65:0f:ad:48:a8:29:09:6c:
16:dd:38:52:10:6a:20:a9:19:7c:7e:0c:2f:58:7c:
9f:c7:ca:d9:93:ed:ca:7b:3e:6e:62:51:1f:18:87:
36:e6:bb:35:89:a7:ef:6d:a6:e5:f5:8f:33:44:fa:
26:40:b1:db:0c:d9:6d:f9:30:51:7e:11:7e:be:cb:
fe:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5B:BF:5A:25:09:AA:F3:98:85:22:CA:F0:B0:99:BE:10:1B:D9:F0
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/fVu_WiUJqvOYhSLK8LCZvhAb2fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.60.0/22
45.146.192.0/22
Signature Algorithm: sha256WithRSAEncryption
46:55:8f:0a:a2:28:86:4e:91:6e:1c:7f:06:70:74:37:64:3b:
ff:c1:88:50:51:4c:21:05:4b:4e:e6:90:02:6b:41:36:b8:fb:
94:e0:4a:44:9b:c1:5b:96:5b:60:73:70:1b:22:6a:f6:8b:73:
6f:88:45:67:8c:2c:aa:17:bd:0e:7f:f6:39:95:fe:67:5c:aa:
e3:38:9c:82:4a:73:3d:13:54:1c:ec:11:26:4a:8c:63:e0:91:
1c:67:ea:8a:82:d1:8e:a0:57:35:46:7f:a9:00:01:26:66:a5:
58:6c:53:a2:a5:35:d5:de:4a:89:19:aa:fb:e5:b2:13:f2:69:
b0:29:24:87:9c:38:92:3a:63:a2:05:3b:34:97:67:ba:f1:8c:
ec:ae:9e:98:18:6b:cc:45:9e:ea:30:3b:be:d6:dd:a7:16:b0:
1b:d9:a7:cc:65:0b:72:72:f6:22:da:3a:2c:1f:7c:92:45:52:
56:6f:22:26:4f:67:81:55:e8:ac:73:54:65:bd:6d:af:f1:8d:
20:92:97:8c:4d:6d:61:29:b7:c0:91:ea:06:da:7b:9a:e1:18:
43:d9:68:43:17:6e:88:d9:cc:39:66:a5:69:a8:89:b8:5b:18:
ea:d7:5f:52:99:08:a6:72:5d:93:c5:93:bd:80:50:81:df:fb:
9d:d1:91:a5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEARmDxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTFjMTE2NThkMjA0MWVhZjI1MDJmZTU0MDhlZDQ5M2JiZDRmMzE4MB4XDTIyMDEw
MTA2MDM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q1YmJmNWEyNTA5
YWFmMzk4ODUyMmNhZjBiMDk5YmUxMDFiZDlmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhDd0BD1NxGeGC9fMH5IFWd4jH3ABZ17E7bOVISwVI/3rAV
vNyf6YOup8c6L0U1of8Y1IPUAuPd3YesnntQPtPpTwZsggTIBaxy2RBmiqxfkqIu
5tcDA/GN5f4bmJPwdJogSgXrXXvq8+8MWS3p4yj8dBMjeY5f4FMtHFpOJwDcwXF2
ezPgekpJs8qYDsXP79XcEHioqsIDk4lkXw9jO+MW0r3oZmovcUdFouRIzTR4QBaT
6okjkYcmmWUPrUioKQlsFt04UhBqIKkZfH4ML1h8n8fK2ZPtyns+bmJRHxiHNua7
NYmn722m5fWPM0T6JkCx2wzZbfkwUX4Rfr7L/q8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBR9W79aJQmq85iFIsrwsJm+EBvZ8DAfBgNVHSMEGDAWgBSOHBFljSBB6vJQ
L+VAjtSTu9TzGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pod1JaWTBnUWVyeVVDX2xRSTdVazd2VTh4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8x
L2ZWdV9XaVVKcXZPWWhTTEs4TENadmhBYjJmQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NzBiZjhiLWQ4YzQtNDBjMy05MDIyLTYzMzQ4Y2RiZjAyNC8xL2pod1JaWTBnUWVy
eVVDX2xRSTdVazd2VTh4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2SPAMEAi2SwDANBgkqhkiG9w0B
AQsFAAOCAQEARlWPCqIohk6Rbhx/BnB0N2Q7/8GIUFFMIQVLTuaQAmtBNrj7lOBK
RJvBW5ZbYHNwGyJq9otzb4hFZ4wsqhe9Dn/2OZX+Z1yq4zicgkpzPRNUHOwRJkqM
Y+CRHGfqioLRjqBXNUZ/qQABJmalWGxToqU11d5KiRmq++WyE/JpsCkkh5w4kjpj
ogU7NJdnuvGM7K6emBhrzEWe6jA7vtbdpxawG9mnzGULcnL2Ito6LB98kkVSVm8i
Jk9ngVXorHNUZb1tr/GNIJKXjE1tYSm3wJHqBtp7muEYQ9loQxduiNnMOWalaaiJ
uFsY6tdfUpkIpnJdk8WTvYBQgd/7ndGRpQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:20 2025 by rpki-client