Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/T4ZmD-KejUJLtHfJlXcgyUSGRK4.roa
File: T4ZmD-KejUJLtHfJlXcgyUSGRK4.roa (raw, json)
Hash identifier: 7OWoegZBQKnwRH/KwIPa2L2w38a2GRSpRcRHtvrAkxo=
Subject key identifier: 4F:86:66:0F:E2:9E:8D:42:4B:B4:77:C9:95:77:20:C9:44:86:44:AE
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018529193167DCF77E128A2579D9FEAB165C
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/T4ZmD-KejUJLtHfJlXcgyUSGRK4.roa
Signing time: Mon 19 Dec 2022 06:36:34 +0000
ROA not before: Mon 19 Dec 2022 06:36:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 45.149.72.0/22 maxlen: 22
45.148.252.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:19:31:67:dc:f7:7e:12:8a:25:79:d9:fe:ab:16:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 19 06:36:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f86660fe29e8d424bb477c9957720c9448644ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:53:22:da:88:4d:03:b1:8e:51:50:f6:1f:5d:
6c:7a:aa:3a:15:74:d1:fc:c7:9f:43:e4:47:f3:a1:
4b:1f:b1:68:10:4d:30:63:39:8f:74:6a:be:ae:71:
97:f3:6c:8c:ec:03:25:fe:c7:ec:2f:c9:7d:ca:bc:
c3:1d:b4:53:b1:f1:b4:ff:75:07:76:13:d1:b9:b7:
63:59:d3:3f:60:ce:83:5f:eb:d0:03:2e:36:bd:3e:
41:a1:98:e0:59:b9:76:8b:d9:7c:49:3d:c7:da:66:
99:28:f1:dc:98:7d:02:c2:56:55:59:9a:7e:7a:c0:
e5:06:0d:47:24:32:3f:0c:0c:7c:d2:f3:87:cf:28:
1f:bb:cb:b9:9e:d5:36:18:3f:32:46:89:a8:39:a3:
50:36:33:09:34:88:e0:15:20:a1:d1:d9:ca:cf:a3:
de:56:84:29:24:4b:cc:80:44:87:63:36:1f:4c:19:
fa:66:c3:5c:74:15:59:1d:bb:fa:1d:90:af:47:50:
87:a2:a5:6d:19:e1:c9:2d:2e:c1:f8:31:d2:97:46:
58:2b:37:3b:6f:c5:b9:b5:1a:19:56:ca:05:d7:85:
bd:65:13:28:52:9b:22:c6:16:ca:97:0d:14:de:be:
09:74:36:0f:1e:90:ee:5a:cb:6e:14:38:ce:e3:cc:
8b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:86:66:0F:E2:9E:8D:42:4B:B4:77:C9:95:77:20:C9:44:86:44:AE
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/T4ZmD-KejUJLtHfJlXcgyUSGRK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.252.0/22
45.149.72.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:79:51:e3:c5:88:17:44:b8:a2:02:9c:0b:15:b5:6b:97:38:
e4:ea:59:6b:a1:a8:41:f6:8c:8d:53:84:67:b1:5c:32:21:23:
e9:15:b8:5d:8a:d8:9d:19:ac:c6:4d:19:fb:f7:4a:5a:41:b2:
57:c2:a4:3a:90:88:4a:c8:16:0c:3f:cb:68:f2:9b:74:77:12:
6c:c2:7d:29:c6:f6:0d:80:6d:e5:b7:57:b3:81:fb:da:ec:c9:
92:ce:85:72:bf:25:72:d8:9e:74:62:2b:ce:5f:c3:40:0a:33:
1b:84:27:df:65:ff:b1:a6:b2:9a:94:db:c9:2d:1a:95:38:70:
c9:52:c3:a7:1c:7b:2e:c4:ef:53:25:e8:61:e0:0e:52:7e:81:
61:f6:79:1d:81:26:70:98:b7:c9:de:2b:84:14:aa:fa:f4:3b:
20:bf:4b:c7:d1:a5:e6:a0:fd:55:3f:63:18:08:2c:53:18:ac:
80:9c:1c:d7:b1:d2:fd:ef:87:4f:41:df:bc:10:32:81:12:66:
26:f7:1c:5a:e2:6c:57:d8:79:e0:34:68:fc:c4:59:e6:04:d1:
8d:07:0b:07:36:7b:13:d3:68:57:68:0c:37:0d:81:4c:f6:ba:
d3:62:64:38:d7:3e:89:39:d5:d7:67:e8:65:2c:2f:11:a9:ff:
38:c0:d5:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUpGTFn3Pd+Eooledn+qxZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIxMjE5MDYzNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg2NjYwZmUyOWU4ZDQyNGJiNDc3Yzk5NTc3MjBjOTQ0ODY0NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1Mi2ohNA7GOUVD2H11seqo6FXTR
/MefQ+RH86FLH7FoEE0wYzmPdGq+rnGX82yM7AMl/sfsL8l9yrzDHbRTsfG0/3UH
dhPRubdjWdM/YM6DX+vQAy42vT5BoZjgWbl2i9l8ST3H2maZKPHcmH0CwlZVWZp+
esDlBg1HJDI/DAx80vOHzygfu8u5ntU2GD8yRomoOaNQNjMJNIjgFSCh0dnKz6Pe
VoQpJEvMgESHYzYfTBn6ZsNcdBVZHbv6HZCvR1CHoqVtGeHJLS7B+DHSl0ZYKzc7
b8W5tRoZVsoF14W9ZRMoUpsixhbKlw0U3r4JdDYPHpDuWstuFDjO48yL+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+GZg/ino1CS7R3yZV3IMlEhkSuMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVDRabUQtS2VqVUpMdEhmSmxYY2d5VVNHUks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZT8AwQC
LZVIMA0GCSqGSIb3DQEBCwUAA4IBAQA7eVHjxYgXRLiiApwLFbVrlzjk6llroahB
9oyNU4RnsVwyISPpFbhditidGazGTRn790paQbJXwqQ6kIhKyBYMP8to8pt0dxJs
wn0pxvYNgG3lt1ezgfva7MmSzoVyvyVy2J50YivOX8NACjMbhCffZf+xprKalNvJ
LRqVOHDJUsOnHHsuxO9TJehh4A5SfoFh9nkdgSZwmLfJ3iuEFKr69Dsgv0vH0aXm
oP1VP2MYCCxTGKyAnBzXsdL974dPQd+8EDKBEmYm9xxa4mxX2HngNGj8xFnmBNGN
BwsHNnsT02hXaAw3DYFM9rrTYmQ41z6JOdXXZ+hlLC8Rqf84wNWJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org