Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/W3alt6RKCPeamUR-CawaVBtK7Vs.roa
File: W3alt6RKCPeamUR-CawaVBtK7Vs.roa (raw, json)
Hash identifier: YC/x/6f0XHaw6CVutU8qBkyWuqxFMLvw7dUyhpCVao4=
Subject key identifier: 5B:76:A5:B7:A4:4A:08:F7:9A:99:44:7E:09:AC:1A:54:1B:4A:ED:5B
Certificate issuer: /CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Certificate serial: 01856FE6F853ADD97D8E865BE3D136919276
Authority key identifier: 55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/W3alt6RKCPeamUR-CawaVBtK7Vs.roa
Signing time: Mon 02 Jan 2023 00:34:45 +0000
ROA not before: Mon 02 Jan 2023 00:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 45.82.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f8:53:ad:d9:7d:8e:86:5b:e3:d1:36:91:92:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Validity
Not Before: Jan 2 00:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b76a5b7a44a08f79a99447e09ac1a541b4aed5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3b:d4:88:52:bb:93:3c:7e:53:04:bf:f2:ff:
09:db:4a:ab:11:0d:d1:ee:6a:9a:30:d0:d0:d7:87:
5c:c6:f7:e7:ff:f2:b9:69:d6:59:0d:d5:2c:45:78:
0d:2a:17:8b:75:dd:cb:ff:98:49:16:49:b5:e8:c2:
94:c7:45:d2:d5:da:d0:9d:6d:ea:4b:38:2e:30:fa:
cb:7b:b5:ef:fa:ae:ec:44:d6:83:21:67:6a:43:ff:
4e:93:91:80:27:a4:97:78:4c:ef:23:26:17:4f:4e:
99:ee:5f:d1:32:83:3c:44:fb:0e:06:7e:cd:89:5e:
7e:29:cd:e1:d3:f4:35:54:53:84:25:45:2f:00:47:
d3:3d:91:96:c7:7b:5c:9b:c5:67:ed:ea:3a:5c:76:
55:28:f2:d4:89:45:64:c1:97:b4:9f:6e:e0:5a:2f:
ff:2f:ec:76:2e:4b:b7:66:8a:77:d9:d4:24:f8:e0:
31:b7:95:70:52:5c:a3:db:26:ba:79:8e:7c:56:3e:
10:ef:09:11:94:10:31:fc:4c:68:e6:7c:8c:bf:52:
37:a0:fa:53:de:dc:d4:42:f2:60:f5:a2:46:91:26:
c0:c0:f6:4b:18:eb:a7:70:b6:0a:76:a8:31:ee:ce:
25:43:43:8a:59:5a:23:11:bb:3b:0e:fe:87:86:e7:
9a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:76:A5:B7:A4:4A:08:F7:9A:99:44:7E:09:AC:1A:54:1B:4A:ED:5B
X509v3 Authority Key Identifier:
keyid:55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/W3alt6RKCPeamUR-CawaVBtK7Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/VWmKXf0rusqgwrsY1a_tGjuY3pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:d9:03:c2:ce:56:39:a0:c3:a2:c6:fb:3f:ab:c5:8e:97:97:
af:25:7b:82:42:98:3f:87:52:2c:2f:90:e6:0b:6d:c6:61:3a:
f4:4e:a9:e9:3b:84:c7:8a:aa:4f:ba:bf:36:ab:42:08:3e:8b:
3c:29:d3:69:2f:f2:89:76:c8:a8:71:16:83:8e:7f:37:a9:46:
11:c9:64:9e:02:08:f9:20:40:13:da:c4:f0:92:9e:96:0e:fd:
9a:e7:45:cf:39:60:bd:83:b7:90:28:cb:1f:29:75:4c:01:2f:
58:d7:56:c3:07:bc:77:7b:ae:7b:8f:ea:ee:d9:0d:fc:7e:50:
1e:a8:03:39:19:34:10:15:e5:e3:0f:23:61:5f:ae:78:54:b5:
22:86:e8:b6:52:c0:c5:44:e5:6e:19:f6:e7:6a:4b:14:6f:f6:
67:13:9d:80:68:15:72:65:65:90:27:2a:65:13:98:04:f5:de:
9e:de:ab:a1:7a:a7:9a:f6:a2:ae:b1:f1:bf:72:53:1d:cf:4f:
32:45:83:1d:2d:87:c5:29:fd:ee:e8:e6:80:4c:78:48:51:c3:
87:9a:cf:da:77:48:ee:88:ed:34:7d:b1:ff:28:a7:71:6c:72:
01:5c:94:f8:eb:44:c6:93:10:f7:2f:e6:88:68:0f:f3:e3:e1:
f4:bd:92:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5vhTrdl9joZb49E2kZJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Njk4YTVkZmQyYmJhY2FhMGMyYmIxOGQ1YWZlZDFhM2I5
OGRlOTUwHhcNMjMwMTAyMDAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjc2YTViN2E0NGEwOGY3OWE5OTQ0N2UwOWFjMWE1NDFiNGFlZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszvUiFK7kzx+UwS/8v8J20qrEQ3R
7mqaMNDQ14dcxvfn//K5adZZDdUsRXgNKheLdd3L/5hJFkm16MKUx0XS1drQnW3q
SzguMPrLe7Xv+q7sRNaDIWdqQ/9Ok5GAJ6SXeEzvIyYXT06Z7l/RMoM8RPsOBn7N
iV5+Kc3h0/Q1VFOEJUUvAEfTPZGWx3tcm8Vn7eo6XHZVKPLUiUVkwZe0n27gWi//
L+x2Lku3Zop32dQk+OAxt5VwUlyj2ya6eY58Vj4Q7wkRlBAx/Exo5nyMv1I3oPpT
3tzUQvJg9aJGkSbAwPZLGOuncLYKdqgx7s4lQ0OKWVojEbs7Dv6HhueakwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFt2pbekSgj3mplEfgmsGlQbSu1bMB8GA1UdIwQY
MBaAFFVpil39K7rKoMK7GNWv7Ro7mN6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjct
N2RkN2UxM2QxNjVmLzEvVzNhbHQ2UktDUGVhbVVSLUNhd2FWQnRLN1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjctN2RkN2UxM2QxNjVm
LzEvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKoMA0G
CSqGSIb3DQEBCwUAA4IBAQCg2QPCzlY5oMOixvs/q8WOl5evJXuCQpg/h1IsL5Dm
C23GYTr0TqnpO4THiqpPur82q0IIPos8KdNpL/KJdsiocRaDjn83qUYRyWSeAgj5
IEAT2sTwkp6WDv2a50XPOWC9g7eQKMsfKXVMAS9Y11bDB7x3e657j+ru2Q38flAe
qAM5GTQQFeXjDyNhX654VLUihui2UsDFROVuGfbnaksUb/ZnE52AaBVyZWWQJypl
E5gE9d6e3quheqea9qKusfG/clMdz08yRYMdLYfFKf3u6OaATHhIUcOHms/ad0ju
iO00fbH/KKdxbHIBXJT460TGkxD3L+aIaA/z4+H0vZId
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org