Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UxTDzSeG98tKZshXrdw03UfAL5Y.roa
File: UxTDzSeG98tKZshXrdw03UfAL5Y.roa (raw, json)
Hash identifier: 0K9Cv3ZFnF/kJwss6xc/YLwyZlw91lEsG2q5PjvF13E=
Subject key identifier: 53:14:C3:CD:27:86:F7:CB:4A:66:C8:57:AD:DC:34:DD:47:C0:2F:96
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 0182B266293B53C4E8E48BA2B788D4E0E8AB
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UxTDzSeG98tKZshXrdw03UfAL5Y.roa
Signing time: Thu 18 Aug 2022 19:20:15 +0000
ROA not before: Thu 18 Aug 2022 19:20:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 27176
IP address blocks: 45.134.28.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b2:66:29:3b:53:c4:e8:e4:8b:a2:b7:88:d4:e0:e8:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Aug 18 19:20:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5314c3cd2786f7cb4a66c857addc34dd47c02f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:58:a4:58:06:c0:16:fc:44:46:b0:4c:51:
a6:14:80:0a:79:24:61:67:b9:f7:0d:e4:d8:2d:0c:
94:c6:2d:52:8f:10:be:4b:d0:25:2a:3f:87:ba:38:
bf:d2:a6:68:45:fc:20:85:1d:aa:dd:4b:84:57:2d:
d5:4b:db:16:81:41:81:4b:c8:f0:88:91:21:bd:f7:
af:e4:c0:91:af:60:9c:9a:f8:6b:51:8a:34:de:d8:
37:a4:4f:c7:70:d2:d2:37:aa:8c:4a:e0:3b:22:e6:
53:75:a1:0b:bd:85:dd:97:f3:30:78:20:6c:b9:c7:
ff:0a:57:72:a9:1c:8e:ad:2d:67:91:f5:71:3f:20:
4e:17:bb:d2:8d:17:16:fe:03:04:9e:cd:61:7a:20:
88:4e:12:d0:a0:2b:b3:fb:a2:a8:2d:88:07:d3:45:
18:40:be:8e:59:d2:42:bc:8f:c8:ef:cb:af:7c:a1:
cf:ae:50:80:9d:a8:7d:d6:f3:84:05:b5:17:9e:09:
37:c5:29:47:99:af:a9:45:dd:41:75:2b:00:50:8d:
bf:5a:f8:3d:3e:74:13:cd:dc:97:92:e9:d7:81:50:
4f:70:d2:0d:b0:a2:79:ed:ab:12:13:ee:41:fa:c2:
ba:45:33:ff:8e:1c:db:ec:2b:52:d0:3d:15:d2:fc:
eb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:14:C3:CD:27:86:F7:CB:4A:66:C8:57:AD:DC:34:DD:47:C0:2F:96
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/UxTDzSeG98tKZshXrdw03UfAL5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.28.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:e6:fa:8e:f6:ea:a3:48:68:f1:db:ea:91:5e:93:fe:de:61:
f2:a2:7e:58:5d:5e:27:3a:7d:1f:47:fb:f6:a5:c1:b7:79:04:
91:ef:2d:a4:5d:a5:c4:32:c8:8d:7b:6a:42:30:f2:a4:0f:2b:
52:e2:6c:5d:57:90:af:2d:75:b2:0f:93:1c:02:02:3b:60:0c:
1b:38:d4:26:14:89:c7:5c:08:42:a0:27:16:2d:6a:70:56:f7:
e9:41:b1:b1:f8:c4:0b:3a:8c:00:b0:8f:dc:08:dd:d2:a7:be:
14:b6:6c:08:19:e9:0e:cd:c6:f6:c7:65:e3:af:12:00:f1:60:
1c:13:1e:69:31:62:31:ca:25:c3:cf:15:6f:22:55:41:22:44:
6b:ae:06:b6:3e:c1:04:6d:bf:31:3d:e3:d0:bc:02:df:2b:f4:
ec:a2:86:1b:07:66:d6:87:05:40:60:f9:dc:ef:1f:6d:76:ec:
34:94:3a:06:19:00:71:b3:6c:df:94:4f:e8:39:0f:02:5f:ec:
91:83:57:1f:47:bb:c2:3d:5d:f6:af:d7:8a:84:e9:e6:0e:da:
3b:bd:30:02:cf:b3:f2:56:43:0c:82:e4:8f:fc:71:50:8d:8e:
07:b6:96:df:de:53:98:c8:95:4c:d1:35:e0:a6:d3:e6:f2:35:
ae:9a:df:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKyZik7U8To5Iuit4jU4OirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwODE4MTkyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE0YzNjZDI3ODZmN2NiNGE2NmM4NTdhZGRjMzRkZDQ3YzAyZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnERYpFgGwBb8REawTFGmFIAKeSRh
Z7n3DeTYLQyUxi1SjxC+S9AlKj+Huji/0qZoRfwghR2q3UuEVy3VS9sWgUGBS8jw
iJEhvfev5MCRr2CcmvhrUYo03tg3pE/HcNLSN6qMSuA7IuZTdaELvYXdl/MweCBs
ucf/CldyqRyOrS1nkfVxPyBOF7vSjRcW/gMEns1heiCIThLQoCuz+6KoLYgH00UY
QL6OWdJCvI/I78uvfKHPrlCAnah91vOEBbUXngk3xSlHma+pRd1BdSsAUI2/Wvg9
PnQTzdyXkunXgVBPcNINsKJ57asSE+5B+sK6RTP/jhzb7CtS0D0V0vzrfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMUw80nhvfLSmbIV63cNN1HwC+WMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvVXhURHpTZUc5OHRLWnNoWHJkdzAzVWZBTDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYYcMA0G
CSqGSIb3DQEBCwUAA4IBAQAO5vqO9uqjSGjx2+qRXpP+3mHyon5YXV4nOn0fR/v2
pcG3eQSR7y2kXaXEMsiNe2pCMPKkDytS4mxdV5CvLXWyD5McAgI7YAwbONQmFInH
XAhCoCcWLWpwVvfpQbGx+MQLOowAsI/cCN3Sp74UtmwIGekOzcb2x2XjrxIA8WAc
Ex5pMWIxyiXDzxVvIlVBIkRrrga2PsEEbb8xPePQvALfK/TsooYbB2bWhwVAYPnc
7x9tduw0lDoGGQBxs2zflE/oOQ8CX+yRg1cfR7vCPV32r9eKhOnmDto7vTACz7Py
VkMMguSP/HFQjY4Htpbf3lOYyJVM0TXgptPm8jWumt+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org