Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/Xo6x7KkiT1efqzIx2kKUZXXMygE.roa
File: Xo6x7KkiT1efqzIx2kKUZXXMygE.roa (raw, json)
Hash identifier: hkSrLVLrn4eG1WqNFtkN8Y0AkMWPW2UUWrneQFpAXIg=
Subject key identifier: 5E:8E:B1:EC:A9:22:4F:57:9F:AB:32:31:DA:42:94:65:75:CC:CA:01
Certificate issuer: /CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Certificate serial: 0117FF30
Authority key identifier: 55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/Xo6x7KkiT1efqzIx2kKUZXXMygE.roa
Signing time: Sat 01 Jan 2022 06:59:14 +0000
ROA not before: Sat 01 Jan 2022 06:59:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 45.82.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18349872 (0x117ff30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Validity
Not Before: Jan 1 06:59:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e8eb1eca9224f579fab3231da42946575ccca01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:98:63:4e:22:c1:4f:3d:b4:c3:0d:e9:ad:77:
9e:53:af:88:12:7c:79:99:39:f5:65:9f:e4:70:6e:
fc:be:b2:2f:f2:82:88:40:de:8a:82:24:39:75:5e:
96:ba:35:08:4c:58:50:08:87:df:8b:b1:21:e8:ac:
10:3e:34:81:73:05:5b:f3:41:06:e1:e5:56:84:60:
86:a3:0a:a1:10:00:e0:5d:17:a9:9f:83:f8:50:1c:
54:65:37:d8:8c:4e:d1:ef:a2:c6:cc:0d:83:55:68:
6e:78:f8:f6:aa:16:44:ec:84:3a:dd:51:92:73:5a:
c7:89:bd:9c:85:8e:a1:43:ef:fc:25:cb:d4:68:c0:
14:51:81:52:bb:2e:69:58:76:b4:a9:40:d4:56:d6:
86:5c:46:a4:40:71:be:11:6e:28:71:89:13:54:2c:
2d:c0:54:86:8e:da:50:a7:a9:c9:09:78:88:97:5d:
05:b7:51:4e:89:f8:e3:8e:19:a2:e3:0f:d8:01:0b:
84:99:8a:0a:78:23:46:39:da:7a:52:bf:df:80:fa:
36:d0:e9:32:f7:ba:e1:61:60:2f:03:a9:43:cc:24:
99:8b:0a:88:cc:15:91:a0:88:ee:b8:72:78:f4:a3:
2b:89:8e:44:73:4c:34:a9:6b:c8:39:73:e7:f4:16:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8E:B1:EC:A9:22:4F:57:9F:AB:32:31:DA:42:94:65:75:CC:CA:01
X509v3 Authority Key Identifier:
keyid:55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/Xo6x7KkiT1efqzIx2kKUZXXMygE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/VWmKXf0rusqgwrsY1a_tGjuY3pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
Signature Algorithm: sha256WithRSAEncryption
63:23:f2:56:25:d6:81:1a:96:22:71:25:3a:80:6f:3e:98:a9:
fe:7b:43:3f:ea:93:8a:8f:29:28:fa:04:5f:f6:be:80:a9:46:
6f:19:2e:b9:df:f6:30:b6:25:9a:b7:30:e1:92:07:43:a2:53:
26:0a:81:b9:b6:a1:d3:d6:83:4b:40:29:d3:c6:7d:2e:73:ca:
aa:bc:23:44:6a:d0:15:b2:40:d5:8c:4a:17:ad:9a:1a:f1:54:
43:6a:58:ba:6d:77:01:dd:51:b8:5f:55:46:31:90:7d:fa:d9:
7c:38:4e:69:20:bd:2f:de:6a:08:7c:34:4c:ab:0e:42:58:3f:
03:9e:cd:43:bb:04:94:b6:b9:ba:fe:66:21:3d:5f:5c:cf:d1:
a9:b8:42:9e:91:2d:a8:d8:7e:01:1a:fe:8f:6a:7e:36:b0:6e:
72:6c:38:04:19:6d:a9:2d:7b:22:69:1e:8d:7d:26:bd:6d:6a:
f6:59:d4:25:d1:7a:11:c6:b9:33:7c:c5:c3:d8:37:fd:05:2c:
c8:be:ed:f6:7f:d5:51:19:fe:80:59:ca:de:ba:32:08:a4:e0:
15:9c:64:db:8a:e5:1f:dc:7c:80:8a:73:66:22:cc:69:15:58:
0e:be:4c:de:2a:05:07:f8:6e:f7:fc:b1:2f:a6:ee:59:cb:a1:
aa:26:aa:e4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEARf/MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTY5OGE1ZGZkMmJiYWNhYTBjMmJiMThkNWFmZWQxYTNiOThkZTk1MB4XDTIyMDEw
MTA2NTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU4ZWIxZWNhOTIy
NGY1NzlmYWIzMjMxZGE0Mjk0NjU3NWNjY2EwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqYY04iwU89tMMN6a13nlOviBJ8eZk59WWf5HBu/L6yL/KC
iEDeioIkOXVelro1CExYUAiH34uxIeisED40gXMFW/NBBuHlVoRghqMKoRAA4F0X
qZ+D+FAcVGU32IxO0e+ixswNg1Vobnj49qoWROyEOt1RknNax4m9nIWOoUPv/CXL
1GjAFFGBUrsuaVh2tKlA1FbWhlxGpEBxvhFuKHGJE1QsLcBUho7aUKepyQl4iJdd
BbdRTon4444ZouMP2AELhJmKCngjRjnaelK/34D6NtDpMve64WFgLwOpQ8wkmYsK
iMwVkaCI7rhyePSjK4mORHNMNKlryDlz5/QWkJMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRejrHsqSJPV5+rMjHaQpRldczKATAfBgNVHSMEGDAWgBRVaYpd/Su6yqDC
uxjVr+0aO5jelTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZXbUtYZjBydXNxZ3dyc1kxYV90R2p1WTNwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvODAzNWYwLTUyMGQtNDYxMi1hYWI3LTdkZDdlMTNkMTY1Zi8x
L1hvNng3S2tpVDFlZnF6SXgya0tVWlhYTXlnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
ODAzNWYwLTUyMGQtNDYxMi1hYWI3LTdkZDdlMTNkMTY1Zi8xL1ZXbUtYZjBydXNx
Z3dyc1kxYV90R2p1WTNwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1SqDANBgkqhkiG9w0BAQsFAAOC
AQEAYyPyViXWgRqWInElOoBvPpip/ntDP+qTio8pKPoEX/a+gKlGbxkuud/2MLYl
mrcw4ZIHQ6JTJgqBubah09aDS0Ap08Z9LnPKqrwjRGrQFbJA1YxKF62aGvFUQ2pY
um13Ad1RuF9VRjGQffrZfDhOaSC9L95qCHw0TKsOQlg/A57NQ7sElLa5uv5mIT1f
XM/RqbhCnpEtqNh+ARr+j2p+NrBucmw4BBltqS17ImkejX0mvW1q9lnUJdF6Eca5
M3zFw9g3/QUsyL7t9n/VURn+gFnK3royCKTgFZxk24rlH9x8gIpzZiLMaRVYDr5M
3ioFB/hu9/yxL6buWcuhqiaq5A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-fra.rpki-client.org