Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/RzBnJSTo5nDEgN0KA5zdBb3ouos.roa
File: RzBnJSTo5nDEgN0KA5zdBb3ouos.roa (raw, json)
Hash identifier: axwJB69WWGYujEq1gzrMdc4MCNOAdd4rchbvzeKmK/k=
Subject key identifier: 47:30:67:25:24:E8:E6:70:C4:80:DD:0A:03:9C:DD:05:BD:E8:BA:8B
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 38D25DAF
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/RzBnJSTo5nDEgN0KA5zdBb3ouos.roa
Signing time: Sat 01 Jan 2022 07:55:12 +0000
ROA not before: Sat 01 Jan 2022 07:55:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 145.8.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 953310639 (0x38d25daf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 07:55:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4730672524e8e670c480dd0a039cdd05bde8ba8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3b:34:ff:8b:85:ac:cf:f3:9e:9b:07:80:16:
80:09:88:c7:7f:5d:f3:83:65:59:ef:34:55:4b:f5:
00:cd:be:83:0b:ee:d4:5e:32:d0:bf:af:56:a8:57:
0d:59:6f:98:12:27:43:a2:6b:df:2d:d9:a4:db:56:
8f:6f:20:ce:bd:98:1e:1a:8d:a9:e3:80:6d:d9:12:
7b:d8:1c:e8:a8:64:0e:8d:7a:2d:0b:df:13:7d:47:
3d:1f:88:a4:7f:96:c7:c2:f2:af:b0:02:3e:2a:66:
9a:1e:26:02:17:3a:1e:13:97:d0:91:df:80:67:52:
9f:eb:9f:56:a7:6f:e9:3e:61:94:bb:29:37:ba:5b:
44:07:be:b7:52:b8:4d:15:bf:b6:c3:02:8c:df:60:
1e:d0:b4:44:98:48:f5:4d:b4:60:2c:6a:2a:28:31:
0a:36:d5:97:d1:1c:92:ef:08:1e:8f:24:8f:a3:7d:
e9:96:d3:4e:bb:dd:90:38:c1:1d:e6:af:44:8b:1d:
63:43:ee:56:95:23:ee:99:9e:6e:94:c9:04:ea:e4:
c5:cb:9e:14:1f:b3:32:07:f1:98:f9:b5:21:3b:dd:
95:94:72:12:ab:b3:f5:90:9c:66:4a:d2:1e:0c:12:
44:5f:ee:b2:92:1c:30:4d:ae:c6:69:78:2c:a6:9d:
ff:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:30:67:25:24:E8:E6:70:C4:80:DD:0A:03:9C:DD:05:BD:E8:BA:8B
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/RzBnJSTo5nDEgN0KA5zdBb3ouos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.8.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:4b:c4:30:56:8e:8e:33:41:83:9b:5b:7d:b4:0a:8a:fc:98:
f8:29:60:fb:1c:83:2b:e1:07:27:04:1f:e1:6e:cd:d9:a0:e4:
90:b6:72:0a:53:9d:ff:8e:32:0d:b1:1f:1a:80:94:5b:a1:55:
c0:40:71:a8:18:53:1a:46:46:b7:de:5b:f2:31:4c:b4:82:d3:
a9:03:24:89:13:cd:a3:29:57:24:3b:39:31:ae:1d:dc:5d:71:
35:61:17:d2:7f:5b:25:51:7a:3f:01:df:6f:ff:63:23:00:ab:
1b:0c:bb:ce:9c:a8:79:96:54:af:3d:3f:b4:61:47:7b:bb:19:
54:53:d1:8f:71:d8:a5:23:13:59:4e:f9:ca:56:14:8c:07:6d:
8a:89:3e:93:74:4e:32:a7:9c:e2:5e:7a:29:5c:55:ed:11:1b:
2c:49:dd:86:10:c3:f6:33:79:39:27:30:7d:45:f8:00:0a:ee:
4d:82:3e:43:f5:36:cd:d8:1e:be:34:4a:f7:06:02:ed:81:be:
f2:00:7f:dc:98:db:cb:8d:93:28:76:94:66:d1:ce:bc:fd:bd:
d2:19:6c:b6:b1:18:1d:66:42:62:6c:a1:ab:db:f7:3d:b3:bd:
f2:cf:0c:71:97:7c:c6:32:0c:72:7d:b6:b2:3f:79:fc:9c:2f:
b1:5c:83:73
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEONJdrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NzczZGIxNzc5NWQyYmYxYjRiNTM0NWM1YjI5MzkwZGJhZjQ1MjNlMB4XDTIyMDEw
MTA3NTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDczMDY3MjUyNGU4
ZTY3MGM0ODBkZDBhMDM5Y2RkMDViZGU4YmE4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJY7NP+LhazP856bB4AWgAmIx39d84NlWe80VUv1AM2+gwvu
1F4y0L+vVqhXDVlvmBInQ6Jr3y3ZpNtWj28gzr2YHhqNqeOAbdkSe9gc6KhkDo16
LQvfE31HPR+IpH+Wx8Lyr7ACPipmmh4mAhc6HhOX0JHfgGdSn+ufVqdv6T5hlLsp
N7pbRAe+t1K4TRW/tsMCjN9gHtC0RJhI9U20YCxqKigxCjbVl9Ecku8IHo8kj6N9
6ZbTTrvdkDjBHeavRIsdY0PuVpUj7pmebpTJBOrkxcueFB+zMgfxmPm1ITvdlZRy
Equz9ZCcZkrSHgwSRF/uspIcME2uxml4LKad/6cCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBRHMGclJOjmcMSA3QoDnN0Fvei6izAfBgNVHSMEGDAWgBQXc9sXeV0r8bS1
NFxbKTkNuvRSPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0YzUGJGM2xkS19HMHRUUmNXeWs1RGJyMFVqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvZjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8x
L1J6Qm5KU1RvNW5ERWdOMEtBNXpkQmIzb3Vvcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Zjc3Y2JkLTg5M2ItNDYxNi05ZDc2LTU0ODYxZjIzMjQ5ZC8xL0YzUGJGM2xkS19H
MHRUUmNXeWs1RGJyMFVqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJEIMA0GCSqGSIb3DQEBCwUAA4IB
AQBHS8QwVo6OM0GDm1t9tAqK/Jj4KWD7HIMr4QcnBB/hbs3ZoOSQtnIKU53/jjIN
sR8agJRboVXAQHGoGFMaRka33lvyMUy0gtOpAySJE82jKVckOzkxrh3cXXE1YRfS
f1slUXo/Ad9v/2MjAKsbDLvOnKh5llSvPT+0YUd7uxlUU9GPcdilIxNZTvnKVhSM
B22KiT6TdE4yp5ziXnopXFXtERssSd2GEMP2M3k5JzB9RfgACu5Ngj5D9TbN2B6+
NEr3BgLtgb7yAH/cmNvLjZModpRm0c68/b3SGWy2sRgdZkJibKGr2/c9s73yzwxx
l3zGMgxyfbayP3n8nC+xXINz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:35 2023 by rpki-client on console-fra.rpki-client.org