Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/HQo528JK7ZjddStXOCaFI0dHtxs.roa
File: HQo528JK7ZjddStXOCaFI0dHtxs.roa (raw, json)
Hash identifier: H4mFkDVKcM+tDS3vuNJR2yIRwNQC/fshr5w2qP6fQ84=
Subject key identifier: 1D:0A:39:DB:C2:4A:ED:98:DD:75:2B:57:38:26:85:23:47:47:B7:1B
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018573038F88F77E40E16339C57A104F23DF
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/HQo528JK7ZjddStXOCaFI0dHtxs.roa
Signing time: Mon 02 Jan 2023 15:04:51 +0000
ROA not before: Mon 02 Jan 2023 15:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49729
IP address blocks: 45.132.205.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:03:8f:88:f7:7e:40:e1:63:39:c5:7a:10:4f:23:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Jan 2 15:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0a39dbc24aed98dd752b57382685234747b71b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c8:52:45:39:ec:6a:ba:6d:91:31:42:13:17:
d6:2f:c9:b7:26:bf:f5:73:de:c7:03:38:06:07:14:
df:94:f7:f5:e4:74:75:e1:1f:60:94:f9:4d:fa:8c:
93:40:63:48:e6:d0:2e:d5:b3:ae:90:6b:c6:ed:f4:
84:88:6e:6d:b7:58:5d:5d:94:e2:29:9b:c0:dc:f1:
62:e8:44:bd:d7:ba:03:56:01:e9:81:2e:52:f7:4a:
95:cc:f8:5f:cc:09:ef:4b:50:b4:45:89:dd:9e:ce:
a5:80:b6:a0:34:14:b0:0c:f9:50:93:6f:72:db:56:
cf:e8:00:ce:a3:09:e9:09:4a:2e:72:7e:9f:3e:f2:
b7:2d:4b:fc:48:9a:a2:56:d1:98:4e:a8:9c:93:b5:
61:a8:9a:64:0a:f2:36:34:28:39:0a:6e:8b:d9:1b:
59:ca:e1:d9:e5:3c:5b:84:a5:3f:96:38:f4:a1:5a:
a3:1e:8f:02:b6:d9:ba:4c:91:3c:a4:8d:93:fe:bd:
32:2a:c7:0b:87:49:94:f0:5c:32:a8:61:16:64:1b:
0a:2d:50:a2:4c:cb:97:3f:fa:16:a7:19:68:3b:f3:
a8:2e:a6:e3:4f:1c:3b:40:4a:8d:71:b0:af:9d:e5:
bd:3e:44:4c:59:db:20:fc:7f:75:c4:57:bc:da:73:
b9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0A:39:DB:C2:4A:ED:98:DD:75:2B:57:38:26:85:23:47:47:B7:1B
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/HQo528JK7ZjddStXOCaFI0dHtxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.205.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ca:76:58:3f:da:33:77:44:23:3b:c8:51:94:4a:58:03:84:
69:d2:18:07:11:7b:61:44:8a:41:36:b6:71:e6:79:4a:fd:26:
54:80:17:58:ae:c2:0a:af:33:28:b2:8a:c2:7f:5c:f2:51:df:
39:6f:d9:87:fe:81:e0:8d:76:54:0d:78:d3:53:a9:fc:e1:2a:
4d:00:e0:c2:d2:92:54:31:e4:64:36:bd:92:10:99:3e:8c:bc:
19:b8:65:5b:ec:84:b2:44:00:2d:8d:8e:fd:bf:3f:4d:21:ef:
c6:82:34:08:2b:ff:ff:74:55:87:69:43:00:68:00:24:b9:f4:
6f:fd:21:b9:bb:13:92:f0:20:a1:78:17:09:58:a8:a5:e0:6b:
9b:6e:de:1f:11:4f:34:a9:89:9d:61:ef:d5:b0:e9:43:91:bd:
62:14:ed:0a:ff:c1:93:f5:49:d9:79:f5:2f:67:52:fa:f6:da:
c1:9d:a0:6b:f1:81:ec:87:38:59:2f:69:87:0c:99:1d:d5:9b:
26:53:85:b8:3b:4f:eb:49:e2:c3:4f:c9:c1:a0:fc:36:c8:da:
1a:d1:ac:5d:d0:0a:3d:33:08:e2:e8:86:f1:03:ec:29:ea:1d:
45:7e:92:36:82:4e:ae:80:90:71:da:26:96:4a:c1:fe:ec:f1:
6a:49:3b:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA4+I935A4WM5xXoQTyPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjMwMTAyMTUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBhMzlkYmMyNGFlZDk4ZGQ3NTJiNTczODI2ODUyMzQ3NDdiNzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8hSRTnsarptkTFCExfWL8m3Jr/1
c97HAzgGBxTflPf15HR14R9glPlN+oyTQGNI5tAu1bOukGvG7fSEiG5tt1hdXZTi
KZvA3PFi6ES917oDVgHpgS5S90qVzPhfzAnvS1C0RYndns6lgLagNBSwDPlQk29y
21bP6ADOownpCUoucn6fPvK3LUv8SJqiVtGYTqick7VhqJpkCvI2NCg5Cm6L2RtZ
yuHZ5TxbhKU/ljj0oVqjHo8Cttm6TJE8pI2T/r0yKscLh0mU8FwyqGEWZBsKLVCi
TMuXP/oWpxloO/OoLqbjTxw7QEqNcbCvneW9PkRMWdsg/H91xFe82nO5xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0KOdvCSu2Y3XUrVzgmhSNHR7cbMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvSFFvNTI4Sks3WmpkZFN0WE9DYUZJMGRIdHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYTNMA0G
CSqGSIb3DQEBCwUAA4IBAQCtynZYP9ozd0QjO8hRlEpYA4Rp0hgHEXthRIpBNrZx
5nlK/SZUgBdYrsIKrzMosorCf1zyUd85b9mH/oHgjXZUDXjTU6n84SpNAODC0pJU
MeRkNr2SEJk+jLwZuGVb7ISyRAAtjY79vz9NIe/GgjQIK///dFWHaUMAaAAkufRv
/SG5uxOS8CCheBcJWKil4Gubbt4fEU80qYmdYe/VsOlDkb1iFO0K/8GT9UnZefUv
Z1L69trBnaBr8YHshzhZL2mHDJkd1ZsmU4W4O0/rSeLDT8nBoPw2yNoa0axd0Ao9
Mwji6IbxA+wp6h1FfpI2gk6ugJBx2iaWSsH+7PFqSTt4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-ams.rpki-client.org