Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KJLWF70kw3Cclh5hBW6nE8gfgEA.roa
File: KJLWF70kw3Cclh5hBW6nE8gfgEA.roa (raw, json)
Hash identifier: JyIAF129Q/gPnFWudrsbsGoR/x6fPAS5S8UlDRGoGkc=
Subject key identifier: 28:92:D6:17:BD:24:C3:70:9C:96:1E:61:05:6E:A7:13:C8:1F:80:40
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 018E9EDFD336C93D41A0BB5669228593AE19
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KJLWF70kw3Cclh5hBW6nE8gfgEA.roa
Signing time: Tue 02 Apr 2024 12:54:12 +0000
ROA not before: Tue 02 Apr 2024 12:54:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:df:d3:36:c9:3d:41:a0:bb:56:69:22:85:93:ae:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Apr 2 12:54:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2892d617bd24c3709c961e61056ea713c81f8040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ea:6c:c9:ea:23:0a:43:82:03:b4:65:ca:ea:
aa:85:63:89:eb:e5:88:c1:da:f0:38:20:68:bc:72:
c8:25:9e:ab:ab:7d:cf:d2:44:47:7f:22:4a:42:a2:
b7:62:d7:ef:0a:88:96:2f:2e:06:89:77:27:97:39:
99:5f:4e:ef:90:aa:5d:e3:3a:fc:8b:cb:c9:1a:1f:
0d:1d:3f:c4:a9:66:4d:38:d2:45:ba:be:ae:86:92:
3f:cf:51:d8:7a:ba:15:1e:36:9e:6a:96:58:cd:5c:
85:ae:b0:69:db:20:54:22:96:eb:0d:76:d5:6b:08:
fa:d1:c5:9d:67:86:13:fe:24:ce:11:14:aa:80:35:
04:dd:e7:22:ae:78:a6:f4:e9:1c:e5:ff:e2:4d:11:
ee:c4:34:37:d4:f5:ce:84:40:ce:81:a5:05:ed:be:
5e:91:b8:fd:ec:24:fb:b8:c9:39:68:bf:30:9e:9f:
e3:18:bf:c4:79:45:87:46:a8:0b:94:75:0d:71:42:
da:c0:ad:88:24:65:cd:6e:df:7e:b6:19:87:ed:2f:
3c:cd:81:ce:07:9e:00:62:b5:b2:ec:a4:c1:e0:d7:
c0:66:eb:80:d9:2a:ba:4b:22:81:53:e1:dd:cd:d0:
23:7b:d9:78:92:7c:aa:8a:91:76:a5:1d:07:56:40:
09:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:92:D6:17:BD:24:C3:70:9C:96:1E:61:05:6E:A7:13:C8:1F:80:40
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/KJLWF70kw3Cclh5hBW6nE8gfgEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.44.0/24
45.90.47.0/24
Signature Algorithm: sha256WithRSAEncryption
61:3c:5e:e9:3f:5f:53:ac:b3:73:8a:c9:3d:b2:db:2b:62:16:
b3:3e:7c:fc:0c:af:e7:2b:7f:b2:dd:a2:0d:80:e3:1e:d3:48:
bc:11:70:9b:a9:3b:48:9f:8e:21:56:75:98:e7:11:82:3e:58:
89:99:f6:16:06:ff:1c:a4:77:3c:a4:9c:43:f2:3d:dd:a5:dd:
df:3a:7c:e9:62:be:24:2d:3d:92:ce:8b:30:0c:be:ef:bc:d2:
c8:a6:83:91:2b:7b:a2:77:29:4a:e5:b6:8f:24:fc:04:1e:ae:
e6:1d:e3:50:03:7c:b7:1a:b1:09:19:49:9f:b2:b0:5d:60:20:
ad:72:07:23:d3:99:df:cb:b8:61:54:f0:e3:f0:78:66:ca:f9:
dc:e7:58:82:b5:20:c8:b5:df:72:58:51:5b:e1:4d:e5:63:69:
b0:08:e8:18:db:0b:64:d9:71:a0:0c:2d:05:04:2d:d1:b5:7c:
8b:d8:ca:a0:ff:f5:c2:3a:3e:3d:7f:c8:a9:6a:2e:c2:f8:14:
0a:79:e6:ea:80:e3:ee:60:57:40:21:71:8a:ea:5c:5f:5c:3c:
1a:35:a8:c7:5e:63:61:33:98:0e:43:bf:7c:dc:26:50:22:e7:
5b:f8:a2:f3:4b:65:7e:b9:95:71:4e:b7:32:de:4e:b5:cd:ff:
15:25:86:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6e39M2yT1BoLtWaSKFk64ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjQwNDAyMTI1NDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkyZDYxN2JkMjRjMzcwOWM5NjFlNjEwNTZlYTcxM2M4MWY4MDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgupsyeojCkOCA7RlyuqqhWOJ6+WI
wdrwOCBovHLIJZ6rq33P0kRHfyJKQqK3YtfvCoiWLy4GiXcnlzmZX07vkKpd4zr8
i8vJGh8NHT/EqWZNONJFur6uhpI/z1HYeroVHjaeapZYzVyFrrBp2yBUIpbrDXbV
awj60cWdZ4YT/iTOERSqgDUE3ecirnim9Okc5f/iTRHuxDQ31PXOhEDOgaUF7b5e
kbj97CT7uMk5aL8wnp/jGL/EeUWHRqgLlHUNcULawK2IJGXNbt9+thmH7S88zYHO
B54AYrWy7KTB4NfAZuuA2Sq6SyKBU+HdzdAje9l4knyqipF2pR0HVkAJOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCiS1he9JMNwnJYeYQVupxPIH4BAMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvS0pMV0Y3MGt3M0NjbGg1aEJXNm5FOGdmZ0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVosAwQA
LVovMA0GCSqGSIb3DQEBCwUAA4IBAQBhPF7pP19TrLNzisk9stsrYhazPnz8DK/n
K3+y3aINgOMe00i8EXCbqTtIn44hVnWY5xGCPliJmfYWBv8cpHc8pJxD8j3dpd3f
OnzpYr4kLT2SzoswDL7vvNLIpoORK3uidylK5baPJPwEHq7mHeNQA3y3GrEJGUmf
srBdYCCtcgcj05nfy7hhVPDj8Hhmyvnc51iCtSDItd9yWFFb4U3lY2mwCOgY2wtk
2XGgDC0FBC3RtXyL2Mqg//XCOj49f8ipai7C+BQKeebqgOPuYFdAIXGK6lxfXDwa
NajHXmNhM5gOQ7983CZQIudb+KLzS2V+uZVxTrcy3k61zf8VJYbF
-----END CERTIFICATE-----
Generated at Fri Aug 30 09:05:03 2024 by rpki-client on console-ams.rpki-client.org