Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/1eRSPql3-RpW2RtOQiB4gD66Pms.roa
File: 1eRSPql3-RpW2RtOQiB4gD66Pms.roa (raw, json)
Hash identifier: UeYM0SMR71NvH01xy9NAAiVMHT20wHgRNJdfm/WqJww=
Subject key identifier: D5:E4:52:3E:A9:77:F9:1A:56:D9:1B:4E:42:20:78:80:3E:BA:3E:6B
Certificate issuer: /CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Certificate serial: 01856FE6FA19F51CAD830463EF302D9D6986
Authority key identifier: 55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/1eRSPql3-RpW2RtOQiB4gD66Pms.roa
Signing time: Mon 02 Jan 2023 00:34:46 +0000
ROA not before: Mon 02 Jan 2023 00:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42881
IP address blocks: 45.82.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:fa:19:f5:1c:ad:83:04:63:ef:30:2d:9d:69:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Validity
Not Before: Jan 2 00:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e4523ea977f91a56d91b4e422078803eba3e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f8:91:fa:66:52:90:af:a2:6d:79:5d:39:a1:
b1:26:b2:e4:ad:08:7e:8e:3f:88:fc:1e:ba:92:56:
81:09:de:9e:06:2e:f2:a1:0d:72:68:06:29:fb:15:
58:b8:c7:bd:59:47:43:1c:64:6c:65:dc:db:d5:bf:
74:c1:8e:28:b1:a7:70:52:11:3e:f9:92:1c:58:3d:
98:8f:9b:7f:fe:91:3f:a8:c3:e1:cd:61:63:ee:1c:
73:59:98:dd:c2:b8:26:b4:1b:fd:c1:7e:63:de:93:
71:d8:c4:1a:20:92:81:ce:af:50:2b:85:bc:dd:cc:
21:3b:3e:7a:c7:82:7e:a4:17:60:ba:a3:1a:bd:0b:
78:bc:79:be:7d:97:af:6e:e6:f2:d5:e8:cf:11:f2:
bc:d6:88:cd:08:a7:eb:b1:3a:cc:b8:80:2f:fe:8d:
0a:be:c0:c2:c2:df:92:b5:66:a2:e0:34:ec:6a:7a:
e3:3e:48:b1:37:63:72:7c:f0:a2:05:ec:b7:92:2d:
60:4d:e4:a3:24:b8:5b:a3:ba:9f:17:70:ff:fc:26:
5a:0f:a9:e3:39:57:64:8c:5e:85:f6:8c:39:99:79:
23:99:8f:4d:31:19:74:d2:84:07:49:41:ef:51:58:
93:eb:04:4c:ee:46:ba:5f:f8:d8:ad:0b:3a:f5:69:
05:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E4:52:3E:A9:77:F9:1A:56:D9:1B:4E:42:20:78:80:3E:BA:3E:6B
X509v3 Authority Key Identifier:
keyid:55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/1eRSPql3-RpW2RtOQiB4gD66Pms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/VWmKXf0rusqgwrsY1a_tGjuY3pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:1a:c8:34:3e:b2:9d:a9:81:4f:aa:b5:63:23:82:19:3a:24:
b5:b5:ed:2a:c9:f9:48:aa:d3:3d:33:4f:a6:a0:a1:e9:9a:5f:
a3:7c:93:84:6b:fb:5e:71:f2:67:e0:8b:bf:63:e0:bb:d8:35:
d3:5f:d4:47:9a:d9:3d:2b:e7:fd:f2:5e:5a:79:6d:b2:4d:10:
03:4d:f6:3c:da:fc:e9:08:6c:cd:d3:c4:c8:f8:f8:56:9c:02:
2c:58:63:6c:b7:18:91:96:23:18:8b:34:a9:88:61:ef:66:28:
5a:fc:9a:a4:d7:46:2a:43:41:f1:f8:45:43:64:8a:e8:1c:99:
1e:cf:0e:70:4b:cc:a2:d3:39:53:38:56:5d:42:e0:bd:e5:c1:
5f:c8:b0:59:b4:d7:0f:ee:1d:05:b3:ac:0e:b5:7f:6c:55:ec:
14:8b:79:d6:63:77:81:85:6d:3e:f5:4a:b3:b7:48:64:18:87:
d5:3f:43:04:40:45:1a:45:f9:73:34:94:9f:2b:96:09:91:ca:
e3:44:85:61:fc:22:5f:b1:a7:45:b0:0d:05:81:df:9a:f0:9d:
7e:c5:21:65:79:d8:cb:f5:11:59:04:06:d0:c9:05:7b:56:8d:
65:97:52:af:24:89:94:0f:f4:fc:68:a7:d4:97:3a:17:b9:13:
7c:83:ea:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5voZ9RytgwRj7zAtnWmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Njk4YTVkZmQyYmJhY2FhMGMyYmIxOGQ1YWZlZDFhM2I5
OGRlOTUwHhcNMjMwMTAyMDAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU0NTIzZWE5NzdmOTFhNTZkOTFiNGU0MjIwNzg4MDNlYmEzZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPiR+mZSkK+ibXldOaGxJrLkrQh+
jj+I/B66klaBCd6eBi7yoQ1yaAYp+xVYuMe9WUdDHGRsZdzb1b90wY4osadwUhE+
+ZIcWD2Yj5t//pE/qMPhzWFj7hxzWZjdwrgmtBv9wX5j3pNx2MQaIJKBzq9QK4W8
3cwhOz56x4J+pBdguqMavQt4vHm+fZevbuby1ejPEfK81ojNCKfrsTrMuIAv/o0K
vsDCwt+StWai4DTsanrjPkixN2NyfPCiBey3ki1gTeSjJLhbo7qfF3D//CZaD6nj
OVdkjF6F9ow5mXkjmY9NMRl00oQHSUHvUViT6wRM7ka6X/jYrQs69WkFOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNXkUj6pd/kaVtkbTkIgeIA+uj5rMB8GA1UdIwQY
MBaAFFVpil39K7rKoMK7GNWv7Ro7mN6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjct
N2RkN2UxM2QxNjVmLzEvMWVSU1BxbDMtUnBXMlJ0T1FpQjRnRDY2UG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjctN2RkN2UxM2QxNjVm
LzEvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKoMA0G
CSqGSIb3DQEBCwUAA4IBAQBLGsg0PrKdqYFPqrVjI4IZOiS1te0qyflIqtM9M0+m
oKHpml+jfJOEa/tecfJn4Iu/Y+C72DXTX9RHmtk9K+f98l5aeW2yTRADTfY82vzp
CGzN08TI+PhWnAIsWGNstxiRliMYizSpiGHvZiha/Jqk10YqQ0Hx+EVDZIroHJke
zw5wS8yi0zlTOFZdQuC95cFfyLBZtNcP7h0Fs6wOtX9sVewUi3nWY3eBhW0+9Uqz
t0hkGIfVP0MEQEUaRflzNJSfK5YJkcrjRIVh/CJfsadFsA0Fgd+a8J1+xSFledjL
9RFZBAbQyQV7Vo1ll1KvJImUD/T8aKfUlzoXuRN8g+rI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-ams.rpki-client.org