Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wzIBc-CbAL3jzg1fodRIki903Io.roa
File: wzIBc-CbAL3jzg1fodRIki903Io.roa (raw, json)
Hash identifier: 4zejJ49+hreiicHnSvMm+fH89bWXy+ibeNXIk1QBtlA=
Subject key identifier: C3:32:01:73:E0:9B:00:BD:E3:CE:0D:5F:A1:D4:48:92:2F:74:DC:8A
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01833D267F2C3CD414E5262C47AFC5F11BC2
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wzIBc-CbAL3jzg1fodRIki903Io.roa
Signing time: Wed 14 Sep 2022 17:57:56 +0000
ROA not before: Wed 14 Sep 2022 17:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.149.72.0/22 maxlen: 22
45.148.252.0/22 maxlen: 22
2a0e:a580::/29 maxlen: 29
2a0e:bac0::/29 maxlen: 29
2a0e:a3c0::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3d:26:7f:2c:3c:d4:14:e5:26:2c:47:af:c5:f1:1b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Sep 14 17:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3320173e09b00bde3ce0d5fa1d448922f74dc8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:4c:e0:51:35:49:bc:fe:46:f5:5a:68:a8:
06:ee:d5:94:d9:a8:f5:a4:b7:24:ba:0b:50:34:84:
f9:c5:66:8e:c6:ac:a1:7b:0a:5a:07:48:a5:7c:57:
b8:ed:4b:91:49:50:14:a8:f0:47:a1:9e:e2:ae:54:
34:3e:d4:2d:fb:80:2d:c9:5a:24:fd:62:f5:69:e9:
b7:7d:00:00:e7:69:18:49:f4:6e:65:b4:7f:d7:80:
08:27:7c:e8:bf:7c:09:55:82:ae:be:06:8a:df:d6:
b5:dc:90:98:e9:ca:9e:ae:7c:33:94:82:cd:2f:8e:
1a:77:d9:b4:19:75:4c:6e:c8:d2:3b:b8:dc:e8:1c:
92:85:43:d2:fb:5d:fc:61:3e:74:92:77:39:5f:ac:
4e:ad:ef:74:ba:be:ea:b5:be:d7:9d:1c:75:2f:e1:
cc:f7:c3:2f:58:76:93:d1:8d:e2:3d:05:39:b0:83:
95:c5:47:49:cb:27:c0:c9:a9:68:27:7b:cb:79:28:
d2:f6:27:7b:14:1c:40:87:65:bd:1f:32:fe:6d:48:
e7:a6:17:eb:1f:a2:81:f6:15:f5:e5:80:ed:db:88:
3d:21:ea:34:97:25:7b:e2:62:47:d0:a9:fc:16:38:
b1:9d:e9:1a:72:10:a2:e9:cf:da:21:19:d1:c3:28:
6b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:32:01:73:E0:9B:00:BD:E3:CE:0D:5F:A1:D4:48:92:2F:74:DC:8A
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/wzIBc-CbAL3jzg1fodRIki903Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.252.0/22
45.149.72.0/22
IPv6:
2a0e:a3c0::/29
2a0e:a580::/29
2a0e:bac0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:2b:c9:1e:b3:2e:a9:03:93:9b:63:93:23:26:9a:a2:1d:c1:
45:2e:9b:47:3a:04:96:a4:55:24:18:2d:b1:28:ea:f7:9c:e2:
cf:6b:63:ad:bf:36:67:73:dc:71:d1:69:22:28:0f:3e:64:31:
f7:8a:4a:31:24:b6:07:f3:d8:2d:31:df:0a:05:3f:0e:d5:a4:
9a:51:cc:44:c9:9c:e0:2e:26:e0:33:7a:1d:e7:96:95:15:dc:
48:5b:0c:df:b6:1d:cd:84:6f:e8:bd:29:43:17:b5:6a:01:2f:
2f:e1:f9:3a:8c:2a:1e:9c:75:41:e5:ff:43:2f:41:4a:18:85:
a2:0a:7b:8d:5e:fa:b4:a0:ef:b4:1d:07:da:07:f5:3d:2c:3b:
2b:e9:8a:8e:71:f0:1d:48:cf:35:88:87:7f:84:e3:71:29:72:
cd:0a:61:0c:e1:f3:ad:20:c8:94:c1:4a:83:4e:5c:ca:2b:99:
db:40:30:2f:b7:b2:1c:f7:5c:31:08:89:7f:07:d1:3a:d1:39:
cf:10:3c:0c:e9:39:02:65:9f:61:d0:8b:38:45:a4:1d:fd:9d:
c5:b7:8d:44:e5:12:d4:b5:52:3c:01:84:ed:f1:c4:01:f1:bb:
9f:e8:4e:7f:cc:ed:bd:26:4e:99:a5:7e:31:a4:0a:07:74:2e:
ae:17:5a:71
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYM9Jn8sPNQU5SYsR6/F8RvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjIwOTE0MTc1NzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzMyMDE3M2UwOWIwMGJkZTNjZTBkNWZhMWQ0NDg5MjJmNzRkYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSBM4FE1Sbz+RvVaaKgG7tWU2aj1
pLckugtQNIT5xWaOxqyhewpaB0ilfFe47UuRSVAUqPBHoZ7irlQ0PtQt+4AtyVok
/WL1aem3fQAA52kYSfRuZbR/14AIJ3zov3wJVYKuvgaK39a13JCY6cqernwzlILN
L44ad9m0GXVMbsjSO7jc6ByShUPS+138YT50knc5X6xOre90ur7qtb7XnRx1L+HM
98MvWHaT0Y3iPQU5sIOVxUdJyyfAyaloJ3vLeSjS9id7FBxAh2W9HzL+bUjnphfr
H6KB9hX15YDt24g9Ieo0lyV74mJH0Kn8FjixnekachCi6c/aIRnRwyhr5wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMMyAXPgmwC9484NX6HUSJIvdNyKMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvd3pJQmMtQ2JBTDNqemcxZm9kUklraTkwM0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCLZT8AwQC
LZVIMBsEAgACMBUDBQMqDqPAAwUDKg6lgAMFAyoOusAwDQYJKoZIhvcNAQELBQAD
ggEBAIoryR6zLqkDk5tjkyMmmqIdwUUum0c6BJakVSQYLbEo6vec4s9rY62/Nmdz
3HHRaSIoDz5kMfeKSjEktgfz2C0x3woFPw7VpJpRzETJnOAuJuAzeh3nlpUV3Ehb
DN+2Hc2Eb+i9KUMXtWoBLy/h+TqMKh6cdUHl/0MvQUoYhaIKe41e+rSg77QdB9oH
9T0sOyvpio5x8B1IzzWIh3+E43Epcs0KYQzh860gyJTBSoNOXMormdtAMC+3shz3
XDEIiX8H0TrROc8QPAzpOQJln2HQizhFpB39ncW3jUTlEtS1UjwBhO3xxAHxu5/o
Tn/M7b0mTpmlfjGkCgd0Lq4XWnE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org