Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HTryYagEsH-lMgxbhbBKjYqK-yc.roa
File: HTryYagEsH-lMgxbhbBKjYqK-yc.roa (raw, json)
Hash identifier: sz2eN4GvfjIvJz34o3IXk1D3BhZ0l84aeWbqtzbm6ik=
Subject key identifier: 1D:3A:F2:61:A8:04:B0:7F:A5:32:0C:5B:85:B0:4A:8D:8A:8A:FB:27
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 059FBF95
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HTryYagEsH-lMgxbhbBKjYqK-yc.roa
Signing time: Sun 05 Jun 2022 21:27:20 +0000
ROA not before: Sun 05 Jun 2022 21:27:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16322
IP address blocks: 46.224.64.0/19 maxlen: 19
77.42.96.0/19 maxlen: 19
46.225.32.0/19 maxlen: 19
46.224.96.0/20 maxlen: 20
46.225.64.0/19 maxlen: 19
46.224.224.0/19 maxlen: 19
77.42.32.0/19 maxlen: 19
46.225.192.0/19 maxlen: 19
46.224.32.0/19 maxlen: 19
77.42.64.0/19 maxlen: 19
46.225.0.0/19 maxlen: 19
77.42.64.0/18 maxlen: 18
46.224.160.0/19 maxlen: 19
77.42.0.0/17 maxlen: 17
77.42.0.0/18 maxlen: 18
77.42.0.0/19 maxlen: 19
46.224.192.0/19 maxlen: 19
46.167.128.0/19 maxlen: 19
46.225.160.0/19 maxlen: 19
46.224.112.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94355349 (0x59fbf95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: Jun 5 21:27:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d3af261a804b07fa5320c5b85b04a8d8a8afb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0d:d8:b0:ae:9d:79:c6:2b:a6:71:dd:77:98:
31:4c:c7:ac:a8:ee:10:bb:4f:cd:b1:b1:4c:0c:f5:
37:72:69:b0:bc:8d:b4:a0:aa:4d:fd:94:24:d0:14:
8e:6f:d7:37:23:36:10:2f:b1:f4:30:36:8d:6d:0d:
c2:4f:1b:54:aa:b4:ec:54:d3:60:06:58:3c:b2:74:
88:72:0a:f4:c7:ad:1e:aa:e2:d3:94:31:c7:a8:c9:
74:83:c1:ca:38:ff:73:94:02:0d:24:a3:75:3d:bb:
3f:93:b0:62:ee:2c:3e:7f:66:1b:b5:d8:5c:6e:17:
a2:55:1a:60:b0:af:a0:ab:bd:67:6e:82:3a:65:3c:
76:1a:d3:be:ec:9a:ac:3f:42:52:80:b4:e7:c1:28:
56:87:7d:c4:47:76:f2:51:9b:62:c7:74:2d:b7:0e:
61:88:17:83:62:71:01:53:72:37:0f:f6:8f:3e:3c:
db:42:8d:5a:02:2e:9c:bd:92:8b:23:22:dc:c5:94:
3f:61:ae:af:d5:2d:6e:14:b4:51:7d:45:d0:d8:bf:
4f:d9:ef:64:a4:8e:f5:14:85:f9:a8:2e:88:a3:66:
1f:60:a8:ca:11:b3:25:7d:f5:c0:d5:b2:e4:0d:ee:
fd:ee:ba:4a:6b:d0:4f:ca:7b:fb:0d:3a:ae:4b:e2:
ab:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3A:F2:61:A8:04:B0:7F:A5:32:0C:5B:85:B0:4A:8D:8A:8A:FB:27
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/HTryYagEsH-lMgxbhbBKjYqK-yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.128.0/19
46.224.32.0-46.224.127.255
46.224.160.0-46.225.95.255
46.225.160.0-46.225.223.255
77.42.0.0/17
Signature Algorithm: sha256WithRSAEncryption
13:43:f8:ae:8a:c3:af:41:e4:74:ee:94:5a:51:13:72:84:85:
da:34:67:70:83:69:df:e1:af:5e:db:6f:96:30:25:79:5b:94:
64:06:2a:9c:e4:ac:a1:1b:8e:54:a1:75:1d:19:d8:20:35:5f:
0a:d8:fc:40:6c:0f:bc:6c:4f:30:d6:bb:f0:87:39:db:75:b4:
c9:8e:05:ee:52:c5:d6:28:0a:8a:ca:ff:46:ef:66:54:a8:9e:
da:f1:e2:0d:b8:fb:5c:9a:5d:19:ef:35:0f:1c:56:3b:a4:a5:
7f:3c:d9:65:b7:1b:d2:f3:5f:0a:c1:3f:b3:20:20:c5:43:a9:
d5:97:9d:c8:fb:cf:18:8a:ad:cd:1f:7f:f6:2d:9a:75:a8:0a:
e8:05:c7:85:ba:7c:e8:64:6d:26:77:43:33:f4:96:0b:09:a0:
27:03:20:50:e0:fb:d7:e3:11:f3:b9:10:20:b5:7a:ee:ce:81:
85:3b:6a:ee:92:49:f6:db:00:4a:ba:b3:1c:0d:5f:34:88:3c:
8f:59:38:97:bd:05:3b:5b:e2:ab:14:97:3a:c2:a5:64:97:46:
a1:d1:e7:38:8b:77:e6:32:df:79:37:31:e0:98:67:ac:63:43:
e5:ae:11:0b:fc:2c:a7:57:41:0e:eb:ff:d1:e7:db:21:c4:7b:
c4:26:88:5b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBZ+/lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjgzYThjNjlhMjYzMGNkOGY2ZmE3MGFmMmE1M2ZlMDE5ZjJjYzA3MB4XDTIyMDYw
NTIxMjcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQzYWYyNjFhODA0
YjA3ZmE1MzIwYzViODViMDRhOGQ4YThhZmIyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkN2LCunXnGK6Zx3XeYMUzHrKjuELtPzbGxTAz1N3JpsLyN
tKCqTf2UJNAUjm/XNyM2EC+x9DA2jW0Nwk8bVKq07FTTYAZYPLJ0iHIK9MetHqri
05Qxx6jJdIPByjj/c5QCDSSjdT27P5OwYu4sPn9mG7XYXG4XolUaYLCvoKu9Z26C
OmU8dhrTvuyarD9CUoC058EoVod9xEd28lGbYsd0LbcOYYgXg2JxAVNyNw/2jz48
20KNWgIunL2SiyMi3MWUP2Gur9UtbhS0UX1F0Ni/T9nvZKSO9RSF+aguiKNmH2Co
yhGzJX31wNWy5A3u/e66SmvQT8p7+w06rkviq/0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQdOvJhqASwf6UyDFuFsEqNior7JzAfBgNVHSMEGDAWgBQCg6jGmiYwzY9v
pwrypT/gGfLMBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FvT294cG9tTU0yUGI2Y0s4cVVfNEJueXpBYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8x
L0hUcnlZYWdFc0gtbE1neGJoYkJLallxSy15Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3OS8xL0FvT294cG9tTU0y
UGI2Y0s4cVVfNEJueXpBYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEBS6ngDAMAwQFLuAgAwQHLuAAMAwD
BAUu4KADBAUu4UAwDAMEBS7hoAMEBS7hwAMEB00qADANBgkqhkiG9w0BAQsFAAOC
AQEAE0P4rorDr0HkdO6UWlETcoSF2jRncINp3+GvXttvljAleVuUZAYqnOSsoRuO
VKF1HRnYIDVfCtj8QGwPvGxPMNa78Ic523W0yY4F7lLF1igKisr/Ru9mVKie2vHi
Dbj7XJpdGe81DxxWO6SlfzzZZbcb0vNfCsE/syAgxUOp1ZedyPvPGIqtzR9/9i2a
dagK6AXHhbp86GRtJndDM/SWCwmgJwMgUOD71+MR87kQILV67s6BhTtq7pJJ9tsA
SrqzHA1fNIg8j1k4l70FO1viqxSXOsKlZJdGodHnOIt35jLfeTcx4JhnrGND5a4R
C/wsp1dBDuv/0efbIcR7xCaIWw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:28 2023 by rpki-client on console-ams.rpki-client.org