Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/yHT7FcUGtRwPNLSJT3PkHB-WNzI.roa
File: yHT7FcUGtRwPNLSJT3PkHB-WNzI.roa (raw, json)
Hash identifier: ZTQ24/jW27w2ICWEiK9l9VqKYHYamD7aSKkiNQ1UKpw=
Subject key identifier: C8:74:FB:15:C5:06:B5:1C:0F:34:B4:89:4F:73:E4:1C:1F:96:37:32
Certificate issuer: /CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Certificate serial: D573A6
Authority key identifier: 7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/yHT7FcUGtRwPNLSJT3PkHB-WNzI.roa
Signing time: Sat 01 Jan 2022 11:55:16 +0000
ROA not before: Sat 01 Jan 2022 11:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 45.151.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13988774 (0xd573a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba9977d0c656ce119e6c8a1db34aa3148afa868
Validity
Not Before: Jan 1 11:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c874fb15c506b51c0f34b4894f73e41c1f963732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2b:18:ca:15:95:68:2c:f3:30:6f:d6:72:b1:
ac:87:44:41:37:84:cd:f2:ea:0c:aa:08:92:88:af:
4b:1b:99:e5:63:88:99:d5:10:fc:16:fe:01:c6:4b:
c3:59:2f:64:62:c6:23:f1:72:98:5c:e7:93:1d:5e:
c5:a1:90:4d:4e:b7:a8:75:dc:8b:b6:6d:cb:a1:16:
f6:ed:44:4a:1f:0f:55:6f:e9:8b:39:af:68:d1:61:
b5:f0:ba:b2:91:fe:57:c1:5c:c4:15:60:8e:8c:ce:
e1:6b:ad:a0:22:95:58:f8:20:41:e7:62:6d:a3:9e:
b2:d3:3b:1c:6b:be:01:63:29:8e:6b:46:6f:70:7d:
6c:a0:d6:f6:d3:69:45:2f:24:57:ef:bf:51:fd:f3:
68:7e:8c:82:d2:14:a1:e7:8a:25:86:78:0d:40:25:
71:71:00:bd:1e:82:df:eb:60:83:70:da:29:30:70:
aa:8e:80:f1:38:ef:dc:4f:f8:1c:58:87:99:bc:4b:
5b:10:58:11:e2:b9:e8:45:4c:99:37:d3:ac:ca:eb:
c6:3d:fc:c3:78:3a:cf:47:2c:14:d5:4e:80:8d:b5:
c6:6c:00:94:a9:dc:09:70:6c:bb:c0:a8:fc:73:19:
51:80:68:17:87:71:e1:fd:2d:d8:71:3c:51:b2:94:
14:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:74:FB:15:C5:06:B5:1C:0F:34:B4:89:4F:73:E4:1C:1F:96:37:32
X509v3 Authority Key Identifier:
keyid:7B:A9:97:7D:0C:65:6C:E1:19:E6:C8:A1:DB:34:AA:31:48:AF:A8:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6mXfQxlbOEZ5sih2zSqMUivqGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/yHT7FcUGtRwPNLSJT3PkHB-WNzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/cb3a04-4442-40f9-adcf-c751a612b5c0/1/e6mXfQxlbOEZ5sih2zSqMUivqGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.188.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8a:26:b6:40:54:75:7f:e7:b6:8f:85:f2:df:dc:82:58:94:
db:3f:24:60:47:27:a2:15:4f:2a:92:2e:68:2f:bb:72:c5:9c:
7a:01:18:e7:f3:03:1e:25:b8:92:2a:c1:70:0c:d9:fd:d5:09:
27:fa:35:46:e8:cb:f6:e6:d1:af:ec:a6:56:29:ef:70:8e:da:
d1:13:2f:2c:4c:75:55:27:c9:29:28:84:d3:5b:57:d2:ad:d9:
77:18:af:f6:4d:d4:c5:8c:63:6c:28:34:44:ff:7f:80:aa:df:
39:14:33:35:4e:1d:0b:4d:3f:7c:78:9f:22:06:b0:06:af:9f:
60:91:a5:3c:f7:c6:62:1d:13:a4:5e:67:ce:46:13:e9:e4:2d:
23:c7:f5:a9:d5:39:ee:72:5f:ac:7e:7b:55:84:7a:86:2d:7f:
d5:c7:a9:25:58:71:d9:a4:08:0f:4a:6e:ff:07:78:20:0a:d7:
f2:b6:53:a7:2e:fb:07:b6:97:a5:86:8f:23:db:c7:cc:4f:9a:
6a:ab:5c:93:82:e9:11:f6:c2:4d:8d:fe:89:92:42:13:7b:cc:
15:b5:20:c9:30:74:05:2a:ca:60:75:2d:36:d4:60:fe:21:0b:
94:2b:0a:de:3a:65:da:3e:39:73:ce:9f:6e:02:b4:d7:8a:33:
f3:db:ef:db
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANVzpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YmE5OTc3ZDBjNjU2Y2UxMTllNmM4YTFkYjM0YWEzMTQ4YWZhODY4MB4XDTIyMDEw
MTExNTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg3NGZiMTVjNTA2
YjUxYzBmMzRiNDg5NGY3M2U0MWMxZjk2MzczMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKArGMoVlWgs8zBv1nKxrIdEQTeEzfLqDKoIkoivSxuZ5WOI
mdUQ/Bb+AcZLw1kvZGLGI/FymFznkx1exaGQTU63qHXci7Zty6EW9u1ESh8PVW/p
izmvaNFhtfC6spH+V8FcxBVgjozO4WutoCKVWPggQedibaOestM7HGu+AWMpjmtG
b3B9bKDW9tNpRS8kV++/Uf3zaH6MgtIUoeeKJYZ4DUAlcXEAvR6C3+tgg3DaKTBw
qo6A8Tjv3E/4HFiHmbxLWxBYEeK56EVMmTfTrMrrxj38w3g6z0csFNVOgI21xmwA
lKncCXBsu8Co/HMZUYBoF4dx4f0t2HE8UbKUFAkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTIdPsVxQa1HA80tIlPc+QcH5Y3MjAfBgNVHSMEGDAWgBR7qZd9DGVs4Rnm
yKHbNKoxSK+oaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2U2bVhmUXhsYk9FWjVzaWgyelNxTVVpdnFHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvY2IzYTA0LTQ0NDItNDBmOS1hZGNmLWM3NTFhNjEyYjVjMC8x
L3lIVDdGY1VHdFJ3UE5MU0pUM1BrSEItV056SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
Y2IzYTA0LTQ0NDItNDBmOS1hZGNmLWM3NTFhNjEyYjVjMC8xL2U2bVhmUXhsYk9F
WjVzaWgyelNxTVVpdnFHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2XvDANBgkqhkiG9w0BAQsFAAOC
AQEAS4omtkBUdX/nto+F8t/cgliU2z8kYEcnohVPKpIuaC+7csWcegEY5/MDHiW4
kirBcAzZ/dUJJ/o1RujL9ubRr+ymVinvcI7a0RMvLEx1VSfJKSiE01tX0q3Zdxiv
9k3UxYxjbCg0RP9/gKrfORQzNU4dC00/fHifIgawBq+fYJGlPPfGYh0TpF5nzkYT
6eQtI8f1qdU57nJfrH57VYR6hi1/1cepJVhx2aQID0pu/wd4IArX8rZTpy77B7aX
pYaPI9vHzE+aaqtck4LpEfbCTY3+iZJCE3vMFbUgyTB0BSrKYHUtNtRg/iELlCsK
3jpl2j45c86fbgK014oz89vv2w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:39 2023 by rpki-client on console-ams.rpki-client.org