Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gAX4mzyKGdtYc0BNlQLbu0hKotc.roa
File: gAX4mzyKGdtYc0BNlQLbu0hKotc.roa (raw, json)
Hash identifier: 6buQSZJaM9UL1+qJaEW8t5uOAEDESm2lW6HosKyZKpk=
Subject key identifier: 80:05:F8:9B:3C:8A:19:DB:58:73:40:4D:95:02:DB:BB:48:4A:A2:D7
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 138FB0D0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gAX4mzyKGdtYc0BNlQLbu0hKotc.roa
Signing time: Sat 01 Jan 2022 05:56:23 +0000
ROA not before: Sat 01 Jan 2022 05:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205770
IP address blocks: 45.145.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 328184016 (0x138fb0d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 05:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8005f89b3c8a19db5873404d9502dbbb484aa2d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8a:65:0a:c6:02:7d:43:ff:88:75:08:14:2a:
9f:f9:31:c7:53:19:64:94:4f:41:c5:b3:bd:1b:38:
0d:11:25:25:86:3b:70:fa:3b:f9:7e:cc:aa:56:3a:
dd:dc:a9:5f:ce:a2:e4:05:60:48:0b:e1:b6:76:c0:
f8:4e:92:cd:f2:0f:3b:e3:dc:30:6d:a4:b1:3b:b1:
a4:8f:0f:73:bd:8a:65:a7:64:4f:c8:1c:07:c0:db:
6b:01:5b:ef:9d:3c:78:d6:9b:4e:d1:ea:ed:82:9d:
4b:4e:83:72:e1:fe:73:ef:42:c1:57:67:6d:ed:64:
56:63:d0:0a:82:77:cc:e7:84:bb:d1:8b:2e:0f:23:
69:7c:96:6d:3f:ab:ec:b7:a6:fe:f7:d1:61:66:5d:
69:a9:e0:5f:62:0a:a5:29:c7:06:6d:1a:50:dc:dc:
c6:8f:99:13:6d:5e:a7:1c:85:09:b5:03:53:a8:5b:
ce:fa:e7:7d:ba:9b:d9:13:ea:8f:9b:cc:33:70:27:
fd:be:79:57:58:ac:a5:9c:cd:00:58:f8:6f:1a:29:
68:ca:69:97:ee:fe:58:d9:46:ea:97:36:96:01:b0:
b5:03:57:46:07:f5:d9:1e:d7:e1:30:d7:e2:e0:a1:
29:a4:8c:77:15:5f:af:72:48:88:43:46:04:58:e6:
6a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:05:F8:9B:3C:8A:19:DB:58:73:40:4D:95:02:DB:BB:48:4A:A2:D7
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/gAX4mzyKGdtYc0BNlQLbu0hKotc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.40.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:ec:53:31:61:05:25:75:78:37:6e:7f:0d:61:01:ee:37:89:
ca:cb:82:37:e0:6d:34:57:66:61:ab:9d:4b:1d:1b:6f:12:9c:
a4:49:32:27:1e:46:99:ef:c3:b6:eb:9b:6e:dc:d5:b4:12:51:
62:32:62:0f:d3:78:13:b3:dd:9d:0f:8e:08:06:75:e1:0b:fd:
3e:c7:63:83:f5:fb:e8:2d:41:16:f0:97:f7:94:10:0e:d4:8e:
e2:d6:8c:e9:c4:5d:ca:d4:03:91:ff:89:0a:61:ad:90:44:33:
c7:f1:04:e4:7a:ec:e7:d2:7a:f5:94:0a:70:a7:67:cb:73:b6:
2b:b2:79:b8:ab:1e:8b:7d:6c:46:27:81:91:e1:20:1c:56:9c:
ff:9f:47:fe:e0:33:72:10:02:a7:9c:d0:af:4f:7c:fe:96:46:
97:a5:51:fd:15:0d:ce:c0:41:32:cc:69:66:e6:37:89:fa:9e:
e0:8a:a8:33:02:bd:05:d2:6b:5f:0a:ae:4a:5c:24:35:28:3f:
55:53:2f:89:90:5f:a2:7a:d8:ad:9f:39:6b:c1:ed:c0:38:b5:
7d:94:84:ea:78:25:94:8a:f4:91:05:2d:d2:1b:3b:5a:c1:49:
bb:8f:e4:2d:6f:f3:5f:f3:4d:12:1c:d5:25:35:1e:24:76:fd:
57:c0:e3:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE4+w0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDEw
MTA1NTYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODAwNWY4OWIzYzhh
MTlkYjU4NzM0MDRkOTUwMmRiYmI0ODRhYTJkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSKZQrGAn1D/4h1CBQqn/kxx1MZZJRPQcWzvRs4DRElJYY7
cPo7+X7MqlY63dypX86i5AVgSAvhtnbA+E6SzfIPO+PcMG2ksTuxpI8Pc72KZadk
T8gcB8DbawFb7508eNabTtHq7YKdS06DcuH+c+9CwVdnbe1kVmPQCoJ3zOeEu9GL
Lg8jaXyWbT+r7Lem/vfRYWZdaangX2IKpSnHBm0aUNzcxo+ZE21epxyFCbUDU6hb
zvrnfbqb2RPqj5vMM3An/b55V1ispZzNAFj4bxopaMppl+7+WNlG6pc2lgGwtQNX
Rgf12R7X4TDX4uChKaSMdxVfr3JIiENGBFjmaqkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSABfibPIoZ21hzQE2VAtu7SEqi1zAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2dBWDRtenlLR2R0WWMwQk5sUUxidTBoS290Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2RKDANBgkqhkiG9w0BAQsFAAOC
AQEATexTMWEFJXV4N25/DWEB7jeJysuCN+BtNFdmYaudSx0bbxKcpEkyJx5Gme/D
tuubbtzVtBJRYjJiD9N4E7PdnQ+OCAZ14Qv9Psdjg/X76C1BFvCX95QQDtSO4taM
6cRdytQDkf+JCmGtkEQzx/EE5Hrs59J69ZQKcKdny3O2K7J5uKsei31sRieBkeEg
HFac/59H/uAzchACp5zQr098/pZGl6VR/RUNzsBBMsxpZuY3ifqe4IqoMwK9BdJr
XwquSlwkNSg/VVMviZBfonrYrZ85a8HtwDi1fZSE6ngllIr0kQUt0hs7WsFJu4/k
LW/zX/NNEhzVJTUeJHb9V8DjHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org