Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/PRxizJiwAJkL1lohlksfKcWH7aw.roa
File: PRxizJiwAJkL1lohlksfKcWH7aw.roa (raw, json)
Hash identifier: UKxncZNuLmWxXOjWsTCfXIw8fi9qYHv/ebgtXT1At44=
Subject key identifier: 3D:1C:62:CC:98:B0:00:99:0B:D6:5A:21:96:4B:1F:29:C5:87:ED:AC
Certificate issuer: /CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Certificate serial: 0183B801FFFD59D8BDF7F19140D2A6A20F66
Authority key identifier: 7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/PRxizJiwAJkL1lohlksfKcWH7aw.roa
Signing time: Sat 08 Oct 2022 14:31:22 +0000
ROA not before: Sat 08 Oct 2022 14:31:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42881
IP address blocks: 45.151.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b8:01:ff:fd:59:d8:bd:f7:f1:91:40:d2:a6:a2:0f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Validity
Not Before: Oct 8 14:31:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d1c62cc98b000990bd65a21964b1f29c587edac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:35:38:db:45:3f:6d:fd:b3:51:45:fd:c9:94:
11:10:df:3e:55:19:6c:79:0c:0e:85:1b:b3:cc:e0:
1b:22:57:2f:54:e3:87:46:99:de:4e:33:64:2e:d5:
4f:e1:1a:de:9d:d3:8f:ae:9c:30:bc:6d:53:8e:46:
ab:fa:95:6d:fd:20:28:0c:09:ba:97:79:e0:18:a8:
6a:14:48:ae:37:d8:bd:1c:f8:c3:bf:4a:31:f2:07:
c8:52:cf:b0:b7:2f:7b:22:93:2b:19:b2:af:02:33:
74:aa:0e:db:f1:ae:32:3d:2e:15:42:3f:89:c5:81:
0d:f5:42:a7:9f:8a:16:d1:e2:7b:86:31:72:87:55:
d6:b2:34:e8:d7:9c:aa:ef:36:29:c1:ad:34:10:3c:
e3:d0:b5:03:9e:0a:e9:ae:64:26:96:14:e4:6f:a2:
ee:fd:10:f1:35:52:6f:30:d1:b3:cc:c2:15:34:50:
52:62:d1:22:75:a8:c3:2f:78:ad:6a:37:c5:20:56:
7c:c7:70:4d:b6:d1:f1:be:41:c1:2f:fb:9d:28:54:
3e:a2:d6:46:eb:bd:67:8e:2e:44:fc:e7:d5:6f:33:
c1:7c:8a:e2:1a:88:f6:f3:c7:0b:9f:42:a4:e1:d9:
ff:cb:b5:57:58:7c:0c:61:63:9f:c6:17:ee:0c:4d:
3d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1C:62:CC:98:B0:00:99:0B:D6:5A:21:96:4B:1F:29:C5:87:ED:AC
X509v3 Authority Key Identifier:
keyid:7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/PRxizJiwAJkL1lohlksfKcWH7aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/e6mXfQxlbOEZ5sih2zSqMUivqGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.188.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:d6:b6:fc:00:05:26:1c:16:a1:1c:8f:1e:2a:97:34:49:b6:
f0:4c:a9:eb:37:15:ee:c2:4e:58:fd:a7:1f:a8:87:62:89:b6:
26:a9:23:4b:22:2c:25:37:a3:d5:d3:7c:4f:ab:da:5b:21:d5:
a8:77:8b:be:99:aa:14:9f:ac:4c:95:80:22:fa:63:94:95:21:
74:90:a6:2b:b5:90:c7:d8:62:98:f3:51:03:ba:b9:9d:b4:ce:
a5:9a:fd:66:55:fc:6a:4b:77:8e:32:d8:37:5c:3b:dd:72:5b:
89:17:61:49:e6:c6:48:52:00:91:9a:a5:f6:35:4b:8a:9f:bc:
e0:f0:2b:8d:43:ec:0c:bc:bc:8a:a4:e2:2e:79:7b:cf:87:b6:
49:1c:96:fa:f3:27:d2:b1:7f:07:22:58:98:3a:92:0e:e8:05:
87:f0:b4:6d:ee:ee:a8:9d:cc:f8:93:13:b0:ce:85:53:38:a2:
ed:4a:cc:50:6d:81:5f:22:63:b5:d1:f3:20:f5:79:e5:d6:ba:
e9:44:ca:5c:97:b0:36:e6:08:95:cd:c6:b1:e1:63:89:30:4d:
2f:30:48:3c:72:fe:ee:b0:72:30:b2:20:ed:68:d7:f3:b0:d0:
e7:94:c5:69:22:0c:e2:65:64:a9:13:22:69:8a:f2:d6:70:93:
ab:bb:f1:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYO4Af/9Wdi99/GRQNKmog9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTk5NzdkMGM2NTZjZTExOWU2YzhhMWRiMzRhYTMxNDhh
ZmE4NjgwHhcNMjIxMDA4MTQzMTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFjNjJjYzk4YjAwMDk5MGJkNjVhMjE5NjRiMWYyOWM1ODdlZGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjU420U/bf2zUUX9yZQREN8+VRls
eQwOhRuzzOAbIlcvVOOHRpneTjNkLtVP4RrendOPrpwwvG1Tjkar+pVt/SAoDAm6
l3ngGKhqFEiuN9i9HPjDv0ox8gfIUs+wty97IpMrGbKvAjN0qg7b8a4yPS4VQj+J
xYEN9UKnn4oW0eJ7hjFyh1XWsjTo15yq7zYpwa00EDzj0LUDngrprmQmlhTkb6Lu
/RDxNVJvMNGzzMIVNFBSYtEidajDL3itajfFIFZ8x3BNttHxvkHBL/udKFQ+otZG
671nji5E/OfVbzPBfIriGoj288cLn0Kk4dn/y7VXWHwMYWOfxhfuDE09FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0cYsyYsACZC9ZaIZZLHynFh+2sMB8GA1UdIwQY
MBaAFHupl30MZWzhGebIods0qjFIr6hoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZtWGZReGxiT0VaNXNpaDJ6U3FNVWl2cUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9jYjNhMDQtNDQ0Mi00MGY5LWFkY2Yt
Yzc1MWE2MTJiNWMwLzEvUFJ4aXpKaXdBSmtMMWxvaGxrc2ZLY1dIN2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9jYjNhMDQtNDQ0Mi00MGY5LWFkY2YtYzc1MWE2MTJiNWMw
LzEvZTZtWGZReGxiT0VaNXNpaDJ6U3FNVWl2cUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZe8MA0G
CSqGSIb3DQEBCwUAA4IBAQCc1rb8AAUmHBahHI8eKpc0SbbwTKnrNxXuwk5Y/acf
qIdiibYmqSNLIiwlN6PV03xPq9pbIdWod4u+maoUn6xMlYAi+mOUlSF0kKYrtZDH
2GKY81EDurmdtM6lmv1mVfxqS3eOMtg3XDvdcluJF2FJ5sZIUgCRmqX2NUuKn7zg
8CuNQ+wMvLyKpOIueXvPh7ZJHJb68yfSsX8HIliYOpIO6AWH8LRt7u6oncz4kxOw
zoVTOKLtSsxQbYFfImO10fMg9Xnl1rrpRMpcl7A25giVzcax4WOJME0vMEg8cv7u
sHIwsiDtaNfzsNDnlMVpIgziZWSpEyJpivLWcJOru/Hx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:49 2023 by rpki-client on console-fra.rpki-client.org