Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/3LZi-gKBI_qU9e0z5z_TE_zc9Gc.roa
File: 3LZi-gKBI_qU9e0z5z_TE_zc9Gc.roa (raw, json)
Hash identifier: HqA829vC40nRCQjT472TJ0KjTr0tt+f/lBzOp6Qg5hE=
Subject key identifier: DC:B6:62:FA:02:81:23:FA:94:F5:ED:33:E7:3F:D3:13:FC:DC:F4:67
Certificate issuer: /CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Certificate serial: 0187FC5127254A0C9E08905B6B4094FDC8A8
Authority key identifier: C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/3LZi-gKBI_qU9e0z5z_TE_zc9Gc.roa
Signing time: Mon 08 May 2023 17:03:09 +0000
ROA not before: Mon 08 May 2023 17:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48146
IP address blocks: 45.13.168.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:fc:51:27:25:4a:0c:9e:08:90:5b:6b:40:94:fd:c8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c684b099a8a6e5262bf4b55049d50e7fcc40a73d
Validity
Not Before: May 8 17:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcb662fa028123fa94f5ed33e73fd313fcdcf467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fe:3e:a3:fc:34:1e:6e:e7:6f:52:f7:6c:5b:
0a:a5:91:fa:18:41:cc:51:d4:55:d4:3c:f2:57:ba:
78:58:c9:5b:32:63:47:c5:46:8f:0e:a6:1e:4d:bc:
40:3d:78:86:98:4c:84:ee:32:ff:39:f8:02:6c:16:
4d:7a:0c:4d:d2:04:35:d2:b3:4f:f6:8e:29:a8:46:
b4:4a:50:90:df:fa:a9:64:3b:1f:71:08:e3:19:58:
7a:0f:45:98:b4:34:11:ac:84:46:89:9f:cb:7b:cf:
4c:cd:12:39:ff:70:e1:1a:65:a8:f5:37:b2:bf:73:
27:80:14:d3:31:68:2b:db:f0:47:ce:3a:b2:77:97:
ae:6a:e1:f9:7f:95:53:70:c8:90:44:2e:36:a2:0f:
b0:62:ad:0e:87:6c:8b:3b:91:70:08:1e:e7:67:6c:
e5:08:1e:7d:e0:7b:c9:53:14:f5:e4:69:4f:af:d4:
45:9f:8c:b1:a7:4a:7e:c5:93:2a:7b:c3:82:6f:b7:
ef:d5:ef:2e:8e:0f:ad:3f:29:e5:8f:d2:92:16:07:
48:a7:6d:5d:ed:4d:fd:f8:22:be:24:00:59:2d:82:
92:59:29:e3:f1:52:8d:32:fe:29:2a:1d:56:03:24:
8c:9c:ca:ee:fb:c0:da:2a:fc:f9:54:47:7c:19:7f:
7c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B6:62:FA:02:81:23:FA:94:F5:ED:33:E7:3F:D3:13:FC:DC:F4:67
X509v3 Authority Key Identifier:
keyid:C6:84:B0:99:A8:A6:E5:26:2B:F4:B5:50:49:D5:0E:7F:CC:40:A7:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoSwmaim5SYr9LVQSdUOf8xApz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/3LZi-gKBI_qU9e0z5z_TE_zc9Gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/213b9a-08b8-4ec6-9a4d-3caed94d99d5/1/xoSwmaim5SYr9LVQSdUOf8xApz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.168.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f1:cb:67:8c:60:eb:5c:11:db:42:44:3c:3e:9a:06:ee:a4:
d0:ad:05:f9:a4:f0:1d:60:13:13:6c:77:2e:5a:8d:59:ec:d3:
0d:0a:da:2c:dc:a6:14:65:9a:82:2e:de:ce:a7:97:bc:e5:e0:
60:af:ee:cc:67:c7:39:61:f7:94:f9:36:2c:31:bb:f6:38:07:
cd:dd:2b:d0:bb:b4:85:2c:15:54:96:07:82:77:70:96:30:98:
d8:64:c6:b5:9b:eb:79:d6:19:84:2a:2c:15:3e:46:13:6f:8e:
99:b9:81:32:9f:29:1e:b0:af:81:66:23:98:a9:98:2f:4b:26:
18:3c:02:ba:67:4a:92:65:2c:2b:3c:c4:18:b1:f0:b3:22:5c:
00:ab:fc:6b:e2:e8:70:f7:b8:f0:24:86:74:3e:27:49:c4:52:
b2:3b:98:40:e6:db:7b:68:45:ed:82:a5:be:33:eb:b2:2c:22:
cc:a1:07:87:54:71:28:23:ea:97:75:7e:e7:5f:d7:c7:cc:b6:
3d:50:72:80:ef:97:7c:f0:90:d4:18:87:95:e5:81:8c:b4:d2:
fc:8b:30:01:9d:3a:84:fb:aa:e3:35:27:be:97:ef:59:a6:68:
4c:0a:3b:93:bf:b2:f3:c2:01:73:6c:e5:0c:7c:c5:d5:5d:9a:
2c:4c:eb:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYf8USclSgyeCJBba0CU/cioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ODRiMDk5YThhNmU1MjYyYmY0YjU1MDQ5ZDUwZTdmY2M0
MGE3M2QwHhcNMjMwNTA4MTcwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2I2NjJmYTAyODEyM2ZhOTRmNWVkMzNlNzNmZDMxM2ZjZGNmNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/4+o/w0Hm7nb1L3bFsKpZH6GEHM
UdRV1DzyV7p4WMlbMmNHxUaPDqYeTbxAPXiGmEyE7jL/OfgCbBZNegxN0gQ10rNP
9o4pqEa0SlCQ3/qpZDsfcQjjGVh6D0WYtDQRrIRGiZ/Le89MzRI5/3DhGmWo9Tey
v3MngBTTMWgr2/BHzjqyd5euauH5f5VTcMiQRC42og+wYq0Oh2yLO5FwCB7nZ2zl
CB594HvJUxT15GlPr9RFn4yxp0p+xZMqe8OCb7fv1e8ujg+tPynlj9KSFgdIp21d
7U39+CK+JABZLYKSWSnj8VKNMv4pKh1WAySMnMru+8DaKvz5VEd8GX98GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNy2YvoCgSP6lPXtM+c/0xP83PRnMB8GA1UdIwQY
MBaAFMaEsJmopuUmK/S1UEnVDn/MQKc9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQt
M2NhZWQ5NGQ5OWQ1LzEvM0xaaS1nS0JJX3FVOWUwejV6X1RFX3pjOUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8yMTNiOWEtMDhiOC00ZWM2LTlhNGQtM2NhZWQ5NGQ5OWQ1
LzEveG9Td21haW01U1lyOUxWUVNkVU9mOHhBcHowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ2oMA0G
CSqGSIb3DQEBCwUAA4IBAQAg8ctnjGDrXBHbQkQ8PpoG7qTQrQX5pPAdYBMTbHcu
Wo1Z7NMNCtos3KYUZZqCLt7Op5e85eBgr+7MZ8c5YfeU+TYsMbv2OAfN3SvQu7SF
LBVUlgeCd3CWMJjYZMa1m+t51hmEKiwVPkYTb46ZuYEynykesK+BZiOYqZgvSyYY
PAK6Z0qSZSwrPMQYsfCzIlwAq/xr4uhw97jwJIZ0PidJxFKyO5hA5tt7aEXtgqW+
M+uyLCLMoQeHVHEoI+qXdX7nX9fHzLY9UHKA75d88JDUGIeV5YGMtNL8izABnTqE
+6rjNSe+l+9ZpmhMCjuTv7LzwgFzbOUMfMXVXZosTOvG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:34 2023 by rpki-client on console-ams.rpki-client.org