Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/yJI1FPFkY_rlDhDHnX9GCy2c9zI.roa
File: yJI1FPFkY_rlDhDHnX9GCy2c9zI.roa (raw, json)
Hash identifier: I8OLXj2USbWl6cxvBSfEKgwuwY+kOwFV9pTA1FQQ2C0=
Subject key identifier: C8:92:35:14:F1:64:63:FA:E5:0E:10:C7:9D:7F:46:0B:2D:9C:F7:32
Certificate issuer: /CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Certificate serial: 04390C59
Authority key identifier: AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/yJI1FPFkY_rlDhDHnX9GCy2c9zI.roa
Signing time: Fri 08 Apr 2022 09:21:57 +0000
ROA not before: Fri 08 Apr 2022 09:21:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200918
IP address blocks: 45.140.40.0/22 maxlen: 22
45.145.220.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70847577 (0x4390c59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af5e93f902354ce4804b4cb049cf68b20f76aeb2
Validity
Not Before: Apr 8 09:21:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8923514f16463fae50e10c79d7f460b2d9cf732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:3d:6c:52:44:0e:13:45:d5:70:12:18:0b:
0b:75:32:5d:a5:d4:21:32:c2:5e:8c:30:6a:0b:e2:
04:e1:7b:2e:0d:00:15:9e:92:48:dc:a9:35:80:cc:
95:bb:20:24:d6:66:29:d3:cf:57:c0:b9:c0:90:9e:
f3:31:f2:08:d7:62:a1:37:1e:d3:8d:ba:bc:a5:a3:
92:08:12:e0:0e:f3:3c:4c:1c:55:58:b2:22:c2:95:
18:34:40:71:73:ab:9d:c4:98:b7:f3:8b:41:c5:f8:
a3:7e:bf:78:33:89:43:d6:75:08:92:94:5d:ff:4a:
32:8f:25:a3:2f:8c:a1:38:9f:81:7f:68:f7:48:30:
2f:6e:ff:cd:fd:10:c2:af:0c:90:a9:c5:4f:b9:15:
ab:c0:c1:04:b7:d0:0f:09:48:f7:22:bc:6a:dc:a6:
6c:ec:0c:44:1a:ef:55:26:fc:b1:1f:ac:98:52:e7:
e3:38:18:e6:81:e7:af:35:10:9f:bd:ad:ea:2a:18:
9b:80:4c:38:76:54:78:39:9b:a2:b0:f4:3b:79:27:
60:7d:6d:f9:45:db:c4:3b:11:34:b7:ae:08:02:77:
6b:a7:05:22:8e:e0:04:49:59:fd:bf:81:16:96:cd:
10:f8:40:44:d9:3c:60:71:65:3d:ad:8d:97:4f:3f:
53:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:92:35:14:F1:64:63:FA:E5:0E:10:C7:9D:7F:46:0B:2D:9C:F7:32
X509v3 Authority Key Identifier:
keyid:AF:5E:93:F9:02:35:4C:E4:80:4B:4C:B0:49:CF:68:B2:0F:76:AE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r16T-QI1TOSAS0ywSc9osg92rrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/yJI1FPFkY_rlDhDHnX9GCy2c9zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f4004b-d602-475d-931b-7e05ad0190ce/1/r16T-QI1TOSAS0ywSc9osg92rrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.40.0/22
45.145.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:f2:37:00:16:8b:07:33:87:56:94:20:97:bd:2a:e1:f9:2b:
3b:80:9a:e6:08:ec:63:d2:a0:79:c3:74:f3:90:81:79:18:e9:
c9:3c:f7:ba:ff:cc:cb:e4:66:47:f9:f4:18:a7:1a:3e:5d:81:
76:bc:ca:d6:4e:5e:79:2c:16:83:1f:94:56:51:c3:0f:b7:8b:
ad:6f:b2:4d:6c:a6:a2:11:57:36:b0:f0:71:7a:be:3f:3e:12:
a5:db:69:32:84:3e:a8:70:0c:cc:30:49:e3:de:1e:93:39:d0:
0c:c1:61:a6:b8:ef:bb:41:18:13:bf:15:b0:32:49:ec:24:23:
84:c7:d7:af:75:7f:77:f2:52:60:1e:fd:93:3e:37:5f:71:b0:
60:b3:5c:50:29:d6:7f:b1:54:a4:eb:00:69:3d:af:90:d2:7a:
4d:98:43:58:25:29:83:54:3a:17:68:c0:76:d6:f9:e7:79:2e:
8f:8f:2f:c9:3b:26:97:4e:a5:1c:e6:41:13:64:61:89:47:c7:
c4:0d:2e:41:35:9b:41:b7:29:73:07:62:78:da:c8:bb:f7:96:
3e:35:be:89:90:7c:90:36:84:1d:dc:26:f1:66:4c:cd:60:4d:
cf:6a:96:b0:43:42:70:a4:3b:c0:c1:16:ec:a8:4a:ff:d7:39:
e6:42:1a:ba
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBDkMWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjVlOTNmOTAyMzU0Y2U0ODA0YjRjYjA0OWNmNjhiMjBmNzZhZWIyMB4XDTIyMDQw
ODA5MjE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg5MjM1MTRmMTY0
NjNmYWU1MGUxMGM3OWQ3ZjQ2MGIyZDljZjczMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO5PWxSRA4TRdVwEhgLC3UyXaXUITLCXowwagviBOF7Lg0A
FZ6SSNypNYDMlbsgJNZmKdPPV8C5wJCe8zHyCNdioTce0426vKWjkggS4A7zPEwc
VViyIsKVGDRAcXOrncSYt/OLQcX4o36/eDOJQ9Z1CJKUXf9KMo8loy+MoTifgX9o
90gwL27/zf0Qwq8MkKnFT7kVq8DBBLfQDwlI9yK8atymbOwMRBrvVSb8sR+smFLn
4zgY5oHnrzUQn72t6ioYm4BMOHZUeDmborD0O3knYH1t+UXbxDsRNLeuCAJ3a6cF
Io7gBElZ/b+BFpbNEPhARNk8YHFlPa2Nl08/U1sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTIkjUU8WRj+uUOEMedf0YLLZz3MjAfBgNVHSMEGDAWgBSvXpP5AjVM5IBL
TLBJz2iyD3ausjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IxNlQtUUkxVE9TQVMweXdTYzlvc2c5MnJySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvZjQwMDRiLWQ2MDItNDc1ZC05MzFiLTdlMDVhZDAxOTBjZS8x
L3lKSTFGUEZrWV9ybERoREhuWDlHQ3kyYzl6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
ZjQwMDRiLWQ2MDItNDc1ZC05MzFiLTdlMDVhZDAxOTBjZS8xL3IxNlQtUUkxVE9T
QVMweXdTYzlvc2c5MnJySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2MKAMEAi2R3DANBgkqhkiG9w0B
AQsFAAOCAQEATfI3ABaLBzOHVpQgl70q4fkrO4Ca5gjsY9KgecN085CBeRjpyTz3
uv/My+RmR/n0GKcaPl2BdrzK1k5eeSwWgx+UVlHDD7eLrW+yTWymohFXNrDwcXq+
Pz4SpdtpMoQ+qHAMzDBJ494ekznQDMFhprjvu0EYE78VsDJJ7CQjhMfXr3V/d/JS
YB79kz43X3GwYLNcUCnWf7FUpOsAaT2vkNJ6TZhDWCUpg1Q6F2jAdtb553kuj48v
yTsml06lHOZBE2RhiUfHxA0uQTWbQbcpcwdieNrIu/eWPjW+iZB8kDaEHdwm8WZM
zWBNz2qWsENCcKQ7wMEW7KhK/9c55kIaug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:30 2024 by rpki-client on console-ams.rpki-client.org