Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/d67iHlq8JKkQd9uNHPZab8DMyRU.roa
File: d67iHlq8JKkQd9uNHPZab8DMyRU.roa (raw, json)
Hash identifier: DOTfIIAYOQLmZz377Iyv+efJKMzDvMxiwIOI4gtohqA=
Subject key identifier: 77:AE:E2:1E:5A:BC:24:A9:10:77:DB:8D:1C:F6:5A:6F:C0:CC:C9:15
Certificate issuer: /CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Certificate serial: 01856FE6F6801BCA888AFD3D66392496204C
Authority key identifier: 55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/d67iHlq8JKkQd9uNHPZab8DMyRU.roa
Signing time: Mon 02 Jan 2023 00:34:45 +0000
ROA not before: Mon 02 Jan 2023 00:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 45.82.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:f6:80:1b:ca:88:8a:fd:3d:66:39:24:96:20:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55698a5dfd2bbacaa0c2bb18d5afed1a3b98de95
Validity
Not Before: Jan 2 00:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77aee21e5abc24a91077db8d1cf65a6fc0ccc915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:0c:bb:84:bb:53:cd:b8:fc:de:3a:d3:73:
32:07:56:c0:78:f0:32:05:12:77:4a:b1:db:35:6f:
9e:33:6a:4d:4d:ec:c1:fa:d8:98:ed:fd:b5:45:69:
2a:1e:57:09:b8:4c:53:b6:30:80:80:31:ca:af:12:
2c:d5:1b:7f:ad:a6:a8:85:eb:bd:4a:a1:0b:8a:ab:
81:20:14:5f:1f:c0:b5:c6:06:3c:7b:02:fb:05:35:
27:3c:f2:55:4a:39:b7:ba:23:d0:15:06:14:f8:8f:
a0:a8:6b:e0:6c:c1:d4:99:48:53:8b:15:16:92:3a:
ff:46:8a:d3:91:c9:94:a2:a4:ed:92:31:5f:72:45:
63:0d:35:f1:4d:e7:57:0b:4d:96:a1:21:f6:0b:67:
25:69:c8:38:97:a8:f2:ab:2f:51:c2:d7:e8:99:ed:
3d:17:5a:3c:fc:b1:8c:2c:0f:a0:a2:b3:e4:54:da:
15:78:d4:18:f7:fa:17:56:12:97:f6:9d:9f:6e:a8:
2c:a3:39:1e:29:7d:0a:36:9c:21:76:53:44:82:7f:
35:1a:ee:20:7c:6d:d2:e5:a5:27:f1:4e:38:50:bf:
34:84:ec:26:22:e0:ac:7b:bb:48:3d:de:46:72:2b:
87:c6:5a:e4:2e:47:dd:f4:a9:eb:4e:f1:62:d3:f4:
ab:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AE:E2:1E:5A:BC:24:A9:10:77:DB:8D:1C:F6:5A:6F:C0:CC:C9:15
X509v3 Authority Key Identifier:
keyid:55:69:8A:5D:FD:2B:BA:CA:A0:C2:BB:18:D5:AF:ED:1A:3B:98:DE:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWmKXf0rusqgwrsY1a_tGjuY3pU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/d67iHlq8JKkQd9uNHPZab8DMyRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8035f0-520d-4612-aab7-7dd7e13d165f/1/VWmKXf0rusqgwrsY1a_tGjuY3pU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.168.0/22
Signature Algorithm: sha256WithRSAEncryption
62:da:71:f9:74:ac:33:62:6d:33:53:88:9f:5d:7b:d8:24:9e:
6a:9a:18:79:41:46:06:64:c2:cd:29:1f:75:80:b1:f3:f6:41:
7b:57:b2:ed:ca:a4:f1:c5:ae:35:e1:a5:5f:6f:db:10:e0:0e:
33:9a:f5:da:3a:26:1e:dc:4d:3d:7a:99:2c:03:c5:cb:3a:f4:
b8:6a:50:6f:ca:16:94:84:16:d6:f6:24:d5:09:4a:00:f2:6b:
fe:28:78:aa:08:94:62:38:7d:a8:c4:d9:08:94:a3:38:3d:e4:
58:67:3a:6a:d2:64:a0:ff:be:dd:34:48:f8:14:1a:a3:a7:07:
fd:4b:64:7b:64:47:7d:dd:16:52:e8:e1:ba:48:a9:49:93:59:
a5:94:2c:91:86:e9:d4:5e:43:46:85:b0:15:82:f7:7b:66:07:
4a:29:10:10:fb:f4:48:a1:60:98:db:86:15:8f:36:84:7f:18:
8f:29:39:be:a4:b0:8a:6f:cc:d5:28:59:2e:f5:85:fe:80:d9:
8f:9f:bf:9a:d4:2f:dc:9b:33:45:f4:54:18:06:46:a7:c3:17:
1c:b7:78:a3:08:e9:b3:37:e4:69:2d:11:80:bd:b1:85:5d:0e:
0e:24:a2:13:5e:5a:e8:4f:bc:f6:60:86:a6:29:c5:c1:26:e2:
17:2d:57:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5vaAG8qIiv09ZjkkliBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Njk4YTVkZmQyYmJhY2FhMGMyYmIxOGQ1YWZlZDFhM2I5
OGRlOTUwHhcNMjMwMTAyMDAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FlZTIxZTVhYmMyNGE5MTA3N2RiOGQxY2Y2NWE2ZmMwY2NjOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunIMu4S7U824/N4603MyB1bAePAy
BRJ3SrHbNW+eM2pNTezB+tiY7f21RWkqHlcJuExTtjCAgDHKrxIs1Rt/raaoheu9
SqELiquBIBRfH8C1xgY8ewL7BTUnPPJVSjm3uiPQFQYU+I+gqGvgbMHUmUhTixUW
kjr/RorTkcmUoqTtkjFfckVjDTXxTedXC02WoSH2C2clacg4l6jyqy9Rwtfome09
F1o8/LGMLA+gorPkVNoVeNQY9/oXVhKX9p2fbqgsozkeKX0KNpwhdlNEgn81Gu4g
fG3S5aUn8U44UL80hOwmIuCse7tIPd5GciuHxlrkLkfd9KnrTvFi0/SrAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHeu4h5avCSpEHfbjRz2Wm/AzMkVMB8GA1UdIwQY
MBaAFFVpil39K7rKoMK7GNWv7Ro7mN6VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjct
N2RkN2UxM2QxNjVmLzEvZDY3aUhscThKS2tRZDl1TkhQWmFiOERNeVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84MDM1ZjAtNTIwZC00NjEyLWFhYjctN2RkN2UxM2QxNjVm
LzEvVldtS1hmMHJ1c3Fnd3JzWTFhX3RHanVZM3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVKoMA0G
CSqGSIb3DQEBCwUAA4IBAQBi2nH5dKwzYm0zU4ifXXvYJJ5qmhh5QUYGZMLNKR91
gLHz9kF7V7LtyqTxxa414aVfb9sQ4A4zmvXaOiYe3E09epksA8XLOvS4alBvyhaU
hBbW9iTVCUoA8mv+KHiqCJRiOH2oxNkIlKM4PeRYZzpq0mSg/77dNEj4FBqjpwf9
S2R7ZEd93RZS6OG6SKlJk1mllCyRhunUXkNGhbAVgvd7ZgdKKRAQ+/RIoWCY24YV
jzaEfxiPKTm+pLCKb8zVKFku9YX+gNmPn7+a1C/cmzNF9FQYBkanwxcct3ijCOmz
N+RpLRGAvbGFXQ4OJKITXlroT7z2YIamKcXBJuIXLVd4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:50 2023 by rpki-client on console-ams.rpki-client.org