Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qo9dO0xrotWNTP4g4kl8KEc6vqo.roa
File: Qo9dO0xrotWNTP4g4kl8KEc6vqo.roa (raw, json)
Hash identifier: SOgyP8w/BlCKUrK50PYZDvyxypLwl4aOV5sBezf6hHI=
Subject key identifier: 42:8F:5D:3B:4C:6B:A2:D5:8D:4C:FE:20:E2:49:7C:28:47:3A:BE:AA
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 06F5EBEB
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qo9dO0xrotWNTP4g4kl8KEc6vqo.roa
Signing time: Sat 01 Jan 2022 01:58:02 +0000
ROA not before: Sat 01 Jan 2022 01:58:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 262287
IP address blocks: 45.131.224.0/22 maxlen: 32
45.145.104.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116780011 (0x6f5ebeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jan 1 01:58:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=428f5d3b4c6ba2d58d4cfe20e2497c28473abeaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:0c:88:9d:c4:76:f6:bc:00:24:56:d9:08:
4e:e8:bc:13:4b:8d:7a:b7:29:78:77:a5:ab:99:ba:
8a:c5:33:de:79:b1:10:b8:64:bd:ec:04:ef:17:9d:
5e:e3:34:a6:32:55:3d:a3:fb:a5:d5:d9:e0:93:2e:
1f:54:6c:17:47:99:2c:e3:0b:00:0b:db:bf:b1:9b:
bc:17:47:c6:d3:33:b5:f4:c6:87:fb:49:f7:0d:27:
45:f5:9e:97:5e:52:a1:21:e4:be:01:35:9a:5f:df:
1b:df:93:8b:1a:f0:a4:99:47:8c:cc:cd:48:9c:1a:
6e:7b:32:7c:b6:dc:e2:ac:3c:99:78:1e:fa:3b:ea:
14:6f:fb:f9:8f:0b:f4:dc:32:b1:97:b6:10:bb:f5:
b6:a2:94:95:eb:ce:8c:22:c4:7d:9c:1c:61:6b:12:
c9:35:e7:98:93:b8:a7:c5:09:97:89:f3:e2:25:4e:
dd:e2:88:8c:36:f5:b4:64:21:34:34:0c:87:76:cf:
d0:69:f8:5a:c4:f6:93:71:b2:b4:c3:e4:cf:61:1d:
a0:bb:4b:8d:d6:74:0a:f7:0c:2d:ee:6c:b7:72:f7:
52:db:e6:f9:dd:de:4c:d0:f9:31:47:46:20:df:3a:
92:57:e1:96:80:dd:36:42:f8:1c:5f:2e:2e:e6:2d:
cf:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8F:5D:3B:4C:6B:A2:D5:8D:4C:FE:20:E2:49:7C:28:47:3A:BE:AA
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/Qo9dO0xrotWNTP4g4kl8KEc6vqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.224.0/22
45.145.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:2e:8d:3c:72:24:0c:1d:22:73:94:9d:d1:8e:c9:5e:15:30:
93:36:50:dd:ed:38:7a:2b:51:6c:b6:9d:74:bb:50:49:93:9f:
13:0a:06:4a:d3:b1:d4:c0:bb:2a:9d:59:67:5d:f3:64:d4:0b:
b3:93:c2:45:12:de:35:65:8e:34:16:06:0c:81:b1:4b:fb:da:
dc:16:49:96:3b:60:d4:80:0d:7b:c6:67:d4:39:cf:d2:ea:ee:
01:11:23:12:06:37:1e:33:7f:f3:53:e0:ea:90:06:35:49:37:
11:10:e5:fa:3c:36:60:f8:b4:74:60:46:dc:96:73:b0:e2:13:
96:3a:15:e3:dc:83:54:3d:10:62:9b:4a:f9:bb:d8:34:6a:82:
4e:b1:16:5c:4e:27:53:2d:b1:f0:32:eb:c9:94:b1:1f:98:81:
ef:22:a4:99:8e:1f:86:2a:fc:bc:e3:aa:d1:45:48:1b:78:64:
b0:7e:f6:0a:1b:ed:7e:72:46:f8:ef:8d:3f:45:d6:4d:e1:99:
a8:97:ff:b4:39:7c:c1:d9:34:0d:30:45:7b:79:ea:bb:9a:44:
9e:96:c6:10:ef:c6:f6:dd:a9:df:a7:5e:49:19:70:98:e3:85:
08:44:93:6d:37:b4:54:74:23:0e:2b:0e:3d:7e:8c:db:7a:79:
7d:d8:8d:34
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBvXr6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzAzYTJjYWYyOTgwMTlmYmQ2Njg2MjE1MTZjOGM2ZTFkMTBlODNjMB4XDTIyMDEw
MTAxNTgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDI4ZjVkM2I0YzZi
YTJkNThkNGNmZTIwZTI0OTdjMjg0NzNhYmVhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5TDIidxHb2vAAkVtkITui8E0uNercpeHelq5m6isUz3nmx
ELhkvewE7xedXuM0pjJVPaP7pdXZ4JMuH1RsF0eZLOMLAAvbv7GbvBdHxtMztfTG
h/tJ9w0nRfWel15SoSHkvgE1ml/fG9+TixrwpJlHjMzNSJwabnsyfLbc4qw8mXge
+jvqFG/7+Y8L9NwysZe2ELv1tqKUlevOjCLEfZwcYWsSyTXnmJO4p8UJl4nz4iVO
3eKIjDb1tGQhNDQMh3bP0Gn4WsT2k3GytMPkz2EdoLtLjdZ0CvcMLe5st3L3Utvm
+d3eTND5MUdGIN86klfhloDdNkL4HF8uLuYtz0kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRCj107TGui1Y1M/iDiSXwoRzq+qjAfBgNVHSMEGDAWgBRsA6LK8pgBn71m
hiFRbIxuHRDoPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBT2l5dktZQVotOVpvWWhVV3lNYmgwUTZEdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8x
L1FvOWRPMHhyb3RXTlRQNGc0a2w4S0VjNnZxby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8xL2JBT2l5dktZQVot
OVpvWWhVV3lNYmgwUTZEdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2D4AMEAi2RaDANBgkqhkiG9w0B
AQsFAAOCAQEAmi6NPHIkDB0ic5Sd0Y7JXhUwkzZQ3e04eitRbLaddLtQSZOfEwoG
StOx1MC7Kp1ZZ13zZNQLs5PCRRLeNWWONBYGDIGxS/va3BZJljtg1IANe8Zn1DnP
0uruAREjEgY3HjN/81Pg6pAGNUk3ERDl+jw2YPi0dGBG3JZzsOITljoV49yDVD0Q
YptK+bvYNGqCTrEWXE4nUy2x8DLryZSxH5iB7yKkmY4fhir8vOOq0UVIG3hksH72
ChvtfnJG+O+NP0XWTeGZqJf/tDl8wdk0DTBFe3nqu5pEnpbGEO/G9t2p36deSRlw
mOOFCESTbTe0VHQjDisOPX6M23p5fdiNNA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:43 2023 by rpki-client on console-fra.rpki-client.org