Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yaKkN4ky2EG9LsKs2FIN2c3t9E4.roa
File: yaKkN4ky2EG9LsKs2FIN2c3t9E4.roa (raw, json)
Hash identifier: QUUAG596xaqkjlZj0mot6qeu039IAZ68KY3KWaeJX90=
Subject key identifier: C9:A2:A4:37:89:32:D8:41:BD:2E:C2:AC:D8:52:0D:D9:CD:ED:F4:4E
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 018221C74A28AE58C6A551E05DE3C07F6805
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yaKkN4ky2EG9LsKs2FIN2c3t9E4.roa
Signing time: Thu 21 Jul 2022 17:21:24 +0000
ROA not before: Thu 21 Jul 2022 17:21:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 145.43.0.0/16 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:21:c7:4a:28:ae:58:c6:a5:51:e0:5d:e3:c0:7f:68:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jul 21 17:21:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9a2a4378932d841bd2ec2acd8520dd9cdedf44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dc:1b:82:e7:8b:9a:0a:51:f8:08:0b:08:d8:
ad:27:d1:74:32:ba:f9:06:9e:fe:35:88:fd:2e:45:
2d:f4:32:2e:3c:99:6f:1a:ea:ff:06:28:ed:83:b5:
65:ea:e9:d1:e2:d8:b2:6e:4b:03:52:61:bf:f8:35:
65:3b:94:95:9b:9b:8b:10:65:b0:5e:7d:7f:48:a1:
43:8d:33:6c:2d:d2:a1:a7:47:3d:3e:d7:c4:63:5d:
06:11:1e:c2:89:2f:61:a6:f6:bc:c9:ea:cc:b5:49:
d6:a4:9f:2b:0c:4a:6a:cd:3f:c2:2d:16:1f:80:aa:
44:4f:53:32:c8:25:0e:2e:0f:6a:e2:14:c7:cc:28:
51:e9:c0:b2:7b:f5:44:76:7c:d9:e2:5d:a2:70:5b:
6c:81:32:2b:51:86:74:72:67:e0:2b:a1:ff:bb:39:
14:15:db:97:dc:8c:ae:3a:8f:6f:16:12:3b:e4:ce:
7e:62:4d:f8:f5:43:43:09:95:2b:eb:ea:ba:7e:af:
a5:96:6f:7e:02:c8:ab:44:83:f7:15:61:ee:bc:93:
62:31:cb:39:3c:64:cf:77:03:17:22:07:f7:ea:e9:
c7:a4:67:db:9a:40:6a:e4:5e:77:b8:11:33:ec:05:
1f:0e:33:92:71:42:67:db:db:b4:10:a4:e5:53:38:
ff:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A2:A4:37:89:32:D8:41:BD:2E:C2:AC:D8:52:0D:D9:CD:ED:F4:4E
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/yaKkN4ky2EG9LsKs2FIN2c3t9E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:1d:59:45:57:50:79:23:87:ef:c7:47:77:94:80:13:e9:fb:
fe:bb:b5:3c:35:76:bb:f2:5b:b8:07:19:95:76:b5:9d:f5:6e:
77:e7:be:ee:64:ee:a8:40:3d:e7:6b:3b:8d:ac:b2:02:a0:1a:
aa:7c:5e:7f:f9:b5:8e:d2:d8:7f:50:0e:a6:eb:c9:b9:84:6b:
05:20:14:5b:fa:89:c5:9e:11:4d:59:bb:09:1d:32:88:01:4a:
7a:f2:e3:3e:4c:15:e4:d5:8f:2c:9d:00:80:a8:9c:f3:3c:f1:
bc:87:7b:c1:4f:2b:26:5b:b9:31:96:27:f6:d2:e4:e3:e1:70:
ec:c4:c4:22:c2:a6:cc:11:ab:ec:97:bd:f4:e4:26:5a:b4:9c:
c7:2c:23:be:3a:33:44:e7:20:a5:17:a9:b6:c7:5f:9b:5f:52:
88:4e:62:aa:2f:0e:1d:c4:ee:df:31:93:39:f3:89:e9:60:a3:
78:1c:67:99:ae:4c:68:dd:c2:3e:d1:46:17:61:b6:9a:37:40:
10:b1:1e:a0:de:8b:eb:7e:a0:5f:69:af:d8:d9:79:7d:b0:e8:
f8:e7:aa:78:93:ab:a6:57:ad:9b:a0:a0:d2:e0:cd:70:07:8e:
6d:6a:89:5b:f5:f1:e6:c4:94:f2:7f:ac:99:30:4a:d1:99:84:
59:1e:c1:ff
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYIhx0oorljGpVHgXePAf2gFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjIwNzIxMTcyMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWEyYTQzNzg5MzJkODQxYmQyZWMyYWNkODUyMGRkOWNkZWRmNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9wbgueLmgpR+AgLCNitJ9F0Mrr5
Bp7+NYj9LkUt9DIuPJlvGur/Bijtg7Vl6unR4tiybksDUmG/+DVlO5SVm5uLEGWw
Xn1/SKFDjTNsLdKhp0c9PtfEY10GER7CiS9hpva8yerMtUnWpJ8rDEpqzT/CLRYf
gKpET1MyyCUOLg9q4hTHzChR6cCye/VEdnzZ4l2icFtsgTIrUYZ0cmfgK6H/uzkU
FduX3IyuOo9vFhI75M5+Yk349UNDCZUr6+q6fq+llm9+AsirRIP3FWHuvJNiMcs5
PGTPdwMXIgf36unHpGfbmkBq5F53uBEz7AUfDjOScUJn29u0EKTlUzj/CwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFMmipDeJMthBvS7CrNhSDdnN7fROMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEveWFLa040a3kyRUc5THNLczJGSU4yYzN0OUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkSswDQYJ
KoZIhvcNAQELBQADggEBAI0dWUVXUHkjh+/HR3eUgBPp+/67tTw1drvyW7gHGZV2
tZ31bnfnvu5k7qhAPedrO42ssgKgGqp8Xn/5tY7S2H9QDqbrybmEawUgFFv6icWe
EU1ZuwkdMogBSnry4z5MFeTVjyydAIConPM88byHe8FPKyZbuTGWJ/bS5OPhcOzE
xCLCpswRq+yXvfTkJlq0nMcsI746M0TnIKUXqbbHX5tfUohOYqovDh3E7t8xkznz
ielgo3gcZ5muTGjdwj7RRhdhtpo3QBCxHqDei+t+oF9pr9jZeX2w6PjnqniTq6ZX
rZugoNLgzXAHjm1qiVv18ebElPJ/rJkwStGZhFkewf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:09 2024 by rpki-client on console-fra.rpki-client.org