Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jeyNZNyBhFkrA5WiHzx7OtRmYKQ.roa
File: jeyNZNyBhFkrA5WiHzx7OtRmYKQ.roa (raw, json)
Hash identifier: onIr0RNNFJgrTTpcewHQbaM8X1G4WXOkgJ4zjLimzSg=
Subject key identifier: 8D:EC:8D:64:DC:81:84:59:2B:03:95:A2:1F:3C:7B:3A:D4:66:60:A4
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018571A7B42EA88ABB69C43A28075A4B2AB0
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jeyNZNyBhFkrA5WiHzx7OtRmYKQ.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205770
IP address blocks: 45.145.40.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b4:2e:a8:8a:bb:69:c4:3a:28:07:5a:4b:2a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dec8d64dc8184592b0395a21f3c7b3ad46660a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ed:6d:43:cc:2a:10:02:f1:b3:4c:20:cc:87:
e3:4b:a2:7a:df:8c:5e:a4:62:71:c4:7f:3b:8a:80:
e9:22:f6:89:36:08:6a:97:8e:8b:d2:a8:69:75:2b:
16:e6:74:1c:35:ea:ec:cc:c5:4f:c5:d1:76:02:47:
37:67:47:a3:6e:4e:a2:2d:de:83:e9:e6:7e:ca:d9:
21:98:04:d2:9f:37:f3:ae:ba:14:e2:a7:c9:f5:32:
b4:a6:f8:fd:f4:3b:b5:2b:b6:56:ec:02:5c:a3:33:
a2:74:8d:f7:45:95:9b:9d:5b:5c:f8:0f:01:d6:e9:
b0:2c:ec:b8:25:16:44:6a:66:75:27:63:61:77:06:
a1:8c:f6:fc:05:56:17:e4:1f:d2:cb:bb:62:84:fc:
e2:e9:12:8e:68:a7:ff:1c:71:3a:d9:6e:e0:03:30:
81:77:f2:70:67:2a:4b:39:6a:d6:4b:4e:8d:69:b7:
18:d5:5d:c1:85:9b:82:64:98:64:ca:8f:0b:c7:9f:
e2:8e:4d:13:44:34:40:3a:33:54:8a:dc:c2:75:aa:
87:72:44:aa:01:40:52:a5:49:79:14:4d:cd:4f:0b:
3b:2f:b5:df:cf:a8:dd:33:21:24:78:af:e6:dc:54:
4d:c9:a0:e3:75:a5:4e:12:85:5b:3a:be:b6:26:3c:
51:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EC:8D:64:DC:81:84:59:2B:03:95:A2:1F:3C:7B:3A:D4:66:60:A4
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jeyNZNyBhFkrA5WiHzx7OtRmYKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:15:96:89:09:44:ed:13:46:ae:8a:19:9b:01:ef:08:98:c2:
c7:9b:c9:f9:65:a3:9f:dc:25:c3:fc:30:6d:12:b1:98:97:d8:
53:b1:29:87:78:bc:b0:b3:41:51:c0:32:c4:9b:65:38:54:e5:
69:4c:85:4c:93:b3:1a:3a:db:06:cd:fa:b1:54:60:27:86:13:
0b:5f:25:a5:da:86:46:bb:60:6a:51:8c:3e:0c:b0:a6:16:ad:
e9:ca:d7:f3:4b:94:8e:71:b7:16:eb:6a:f8:ec:7b:64:9b:f1:
52:42:f7:64:da:9a:a3:7c:9c:39:e4:9b:9a:87:9a:6d:98:3d:
8d:b0:ee:04:dc:69:e4:f2:4e:43:c1:3c:2c:6b:e1:ad:b3:14:
c1:dd:dd:04:d9:ba:bd:42:3a:26:9b:41:ad:fb:62:30:74:95:
be:32:c3:61:6c:12:b4:35:b6:c0:de:24:ef:62:9f:cf:c6:5c:
c7:0b:d3:97:43:d0:2c:ea:c6:9f:6e:2a:05:b1:ad:95:43:ef:
e4:c6:45:99:42:c9:13:52:1b:a9:56:ca:63:f7:3f:31:14:e2:
82:37:08:9c:ed:6b:28:3c:31:5e:e4:87:02:ff:6b:46:c8:a1:
eb:92:b3:b4:07:e2:93:33:f1:15:d2:22:8f:d3:37:b4:4c:bd:
ae:d2:fb:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7QuqIq7acQ6KAdaSyqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGVjOGQ2NGRjODE4NDU5MmIwMzk1YTIxZjNjN2IzYWQ0NjY2MGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu1tQ8wqEALxs0wgzIfjS6J634xe
pGJxxH87ioDpIvaJNghql46L0qhpdSsW5nQcNerszMVPxdF2Akc3Z0ejbk6iLd6D
6eZ+ytkhmATSnzfzrroU4qfJ9TK0pvj99Du1K7ZW7AJcozOidI33RZWbnVtc+A8B
1umwLOy4JRZEamZ1J2NhdwahjPb8BVYX5B/Sy7tihPzi6RKOaKf/HHE62W7gAzCB
d/JwZypLOWrWS06NabcY1V3BhZuCZJhkyo8Lx5/ijk0TRDRAOjNUitzCdaqHckSq
AUBSpUl5FE3NTws7L7Xfz6jdMyEkeK/m3FRNyaDjdaVOEoVbOr62JjxRIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3sjWTcgYRZKwOVoh88ezrUZmCkMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvamV5TlpOeUJoRmtyQTVXaUh6eDdPdFJtWUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZEoMA0G
CSqGSIb3DQEBCwUAA4IBAQAqFZaJCUTtE0auihmbAe8ImMLHm8n5ZaOf3CXD/DBt
ErGYl9hTsSmHeLyws0FRwDLEm2U4VOVpTIVMk7MaOtsGzfqxVGAnhhMLXyWl2oZG
u2BqUYw+DLCmFq3pytfzS5SOcbcW62r47Htkm/FSQvdk2pqjfJw55Juah5ptmD2N
sO4E3Gnk8k5DwTwsa+GtsxTB3d0E2bq9Qjomm0Gt+2IwdJW+MsNhbBK0NbbA3iTv
Yp/PxlzHC9OXQ9As6safbioFsa2VQ+/kxkWZQskTUhupVspj9z8xFOKCNwic7Wso
PDFe5IcC/2tGyKHrkrO0B+KTM/EV0iKP0ze0TL2u0vvv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org