Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/aHNmwcyYNrls16_o22HBMhQdzUo.roa
File: aHNmwcyYNrls16_o22HBMhQdzUo.roa (raw, json)
Hash identifier: 2Qn3OZBk3tyQbW2G/Fe5f1xh0pEew5MgYXqNL8ISI+4=
Subject key identifier: 68:73:66:C1:CC:98:36:B9:6C:D7:AF:E8:DB:61:C1:32:14:1D:CD:4A
Certificate issuer: /CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Certificate serial: 01856FE6F9878C39B5B503798FA8FD7BEC10
Authority key identifier: 55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/aHNmwcyYNrls16_o22HBMhQdzUo.roa
Signing time: Mon 02 Jan 2023 00:34:46 +0000
ROA not before: Mon 02 Jan 2023 00:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 45.82.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f9:87:8c:39:b5:b5:03:79:8f:a8:fd:7b:ec:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Validity
Not Before: Jan 2 00:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=687366c1cc9836b96cd7afe8db61c132141dcd4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:77:9c:14:d5:f7:3a:4a:3b:c5:c0:7d:fb:65:
b6:8b:cb:1a:d9:67:8b:d6:c7:58:c1:c2:5d:a7:52:
aa:ad:fe:33:b1:58:53:d5:a2:7e:70:2e:2e:32:ca:
e3:78:bb:a7:99:83:38:7b:47:32:e3:7d:21:f0:10:
07:d4:d4:12:03:3e:6c:39:21:45:34:75:d3:0a:2c:
e0:32:67:37:5c:9e:a7:e7:4d:f0:67:d8:01:66:37:
5b:bc:07:40:f4:3f:25:d2:d0:76:9b:76:b7:f4:bd:
7e:8e:c1:6c:21:39:15:1e:36:ff:78:be:3c:60:65:
01:c1:b0:a0:4a:6b:ca:ff:53:f3:76:85:1a:83:d2:
3a:63:e1:75:cf:87:ca:d0:d6:13:ae:78:35:84:57:
8a:24:18:69:99:af:42:2d:62:3d:2e:2a:03:ab:33:
1d:33:74:d9:31:bc:53:58:8b:0f:b2:a9:bc:2f:0c:
18:ca:32:24:c1:82:7f:4a:34:04:cf:c8:5a:cf:42:
55:c8:4e:5d:ba:20:71:69:a3:92:7e:8c:c0:43:0f:
02:ae:6c:1d:7f:05:ba:07:09:61:53:0d:48:4c:28:
6c:13:7d:d3:c9:c6:da:ea:19:58:73:eb:ad:24:50:
53:64:0d:ff:b3:92:25:e4:68:a5:19:c9:5c:8d:14:
ee:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:73:66:C1:CC:98:36:B9:6C:D7:AF:E8:DB:61:C1:32:14:1D:CD:4A
X509v3 Authority Key Identifier:
keyid:55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/aHNmwcyYNrls16_o22HBMhQdzUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/VWmKXf0rusqgwrsY1a_tGjuY3pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:a3:ab:ac:36:71:94:4c:b0:74:90:e8:a4:da:88:c4:31:bd:
2d:56:a7:2e:49:3b:77:3a:e7:71:bf:5c:8d:44:e8:6a:13:89:
1f:e0:ca:6d:95:24:ec:23:34:a5:81:85:39:41:ce:fd:a2:31:
d0:a4:27:94:c6:81:37:35:26:5d:de:36:b6:a4:0f:8a:c5:68:
79:8f:d0:a2:fe:a4:bc:a0:44:9e:ac:ec:9d:67:b4:39:e2:ab:
3f:3e:d7:76:0b:df:80:55:ec:9a:ce:eb:d2:3b:94:eb:9f:93:
4f:d4:13:47:f0:c6:ae:37:94:cc:98:59:09:f6:c2:d9:f4:21:
03:d8:b2:29:ec:50:e2:a1:14:46:7b:71:eb:3b:1d:4d:a5:d2:
6a:c2:f6:01:3b:a4:50:2d:b4:3d:63:51:b4:32:5b:32:e5:6b:
bb:7c:e5:e7:de:45:53:35:55:38:a3:e9:c4:9d:d4:ea:e2:93:
ab:d6:1f:59:21:9d:99:04:d2:5a:14:f6:2f:b4:73:dd:2f:45:
82:10:99:28:50:38:da:93:8d:69:48:81:89:1d:57:b9:71:b4:
6b:54:5e:44:c0:aa:58:6f:44:36:22:bd:02:da:7f:06:8f:55:
72:d6:61:94:c8:5b:2c:f8:cf:cf:5d:16:dd:c9:2e:6f:a0:4e:
bd:dd:4b:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5vmHjDm1tQN5j6j9e+wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Njk4YTVkZmQyYmJhY2FhMGMyYmIxOGQ1YWZlZDFhM2I5
OGRlOTUwHhcNMjMwMTAyMDAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODczNjZjMWNjOTgzNmI5NmNkN2FmZThkYjYxYzEzMjE0MWRjZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHecFNX3Oko7xcB9+2W2i8sa2WeL
1sdYwcJdp1Kqrf4zsVhT1aJ+cC4uMsrjeLunmYM4e0cy430h8BAH1NQSAz5sOSFF
NHXTCizgMmc3XJ6n503wZ9gBZjdbvAdA9D8l0tB2m3a39L1+jsFsITkVHjb/eL48
YGUBwbCgSmvK/1PzdoUag9I6Y+F1z4fK0NYTrng1hFeKJBhpma9CLWI9LioDqzMd
M3TZMbxTWIsPsqm8LwwYyjIkwYJ/SjQEz8haz0JVyE5duiBxaaOSfozAQw8Crmwd
fwW6BwlhUw1ITChsE33Tycba6hlYc+utJFBTZA3/s5Il5GilGclcjRTu7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhzZsHMmDa5bNev6NthwTIUHc1KMB8GA1UdIwQY
MBaAFFVpil39K7rKoMK7GNWv7Ro7mN6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjct
N2RkN2UxM2QxNjVmLzEvYUhObXdjeVlOcmxzMTZfbzIySEJNaFFkelVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjctN2RkN2UxM2QxNjVm
LzEvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKoMA0G
CSqGSIb3DQEBCwUAA4IBAQC7o6usNnGUTLB0kOik2ojEMb0tVqcuSTt3Oudxv1yN
ROhqE4kf4MptlSTsIzSlgYU5Qc79ojHQpCeUxoE3NSZd3ja2pA+KxWh5j9Ci/qS8
oESerOydZ7Q54qs/Ptd2C9+AVeyazuvSO5Trn5NP1BNH8MauN5TMmFkJ9sLZ9CED
2LIp7FDioRRGe3HrOx1NpdJqwvYBO6RQLbQ9Y1G0Mlsy5Wu7fOXn3kVTNVU4o+nE
ndTq4pOr1h9ZIZ2ZBNJaFPYvtHPdL0WCEJkoUDjak41pSIGJHVe5cbRrVF5EwKpY
b0Q2Ir0C2n8Gj1Vy1mGUyFss+M/PXRbdyS5voE693UtO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-ams.rpki-client.org