Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/dKbRrJcgGgXaAvocZAuz8c9rEKc.roa
File: dKbRrJcgGgXaAvocZAuz8c9rEKc.roa (raw, json)
Hash identifier: tT8fmHh82DpnJLCTdaKNMt6H44fps5b9VWVACSbPIzM=
Subject key identifier: 74:A6:D1:AC:97:20:1A:05:DA:02:FA:1C:64:0B:B3:F1:CF:6B:10:A7
Certificate issuer: /CN=41f282cc1c07697ff5b5190c714393d542406d43
Certificate serial: 060E89A7
Authority key identifier: 41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/dKbRrJcgGgXaAvocZAuz8c9rEKc.roa
Signing time: Sat 01 Jan 2022 04:58:09 +0000
ROA not before: Sat 01 Jan 2022 04:58:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21086
IP address blocks: 45.90.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101616039 (0x60e89a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f282cc1c07697ff5b5190c714393d542406d43
Validity
Not Before: Jan 1 04:58:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74a6d1ac97201a05da02fa1c640bb3f1cf6b10a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:be:af:61:e0:0a:5a:6d:27:42:b8:33:25:
38:98:9b:f5:2c:2a:df:84:2d:f0:34:e7:a6:a4:74:
d3:1f:36:f1:d9:3e:ac:3c:25:d4:36:b4:1c:35:83:
d3:57:09:ae:84:12:85:35:f0:14:25:f4:4a:c8:8b:
90:91:9e:b3:f5:3c:e9:f6:19:70:61:5c:2b:aa:30:
33:61:59:14:a6:80:cb:8b:ae:84:87:f8:8c:83:b4:
41:b7:b1:1b:fd:2c:57:31:32:da:df:87:64:52:bd:
c1:fd:c1:2e:e8:cd:f9:b3:6b:2d:39:83:db:74:78:
f7:4c:04:f4:b5:78:21:2b:e8:68:15:43:32:b0:ec:
95:d0:96:fe:03:27:df:7d:3b:d5:af:85:cb:0a:0c:
42:08:50:35:08:73:7f:d0:0d:fe:7d:03:31:fe:2a:
73:c2:7d:11:8a:c9:8a:c7:5e:d9:7a:3a:e4:7e:7e:
5b:22:95:4d:27:73:7e:06:a8:08:73:5f:36:ae:1c:
20:e1:6f:7c:88:6c:0b:6c:17:47:2a:4a:24:05:e0:
da:9a:15:16:5f:e9:c0:a0:9b:a3:41:38:6e:23:c4:
d2:e7:81:b0:df:c5:eb:17:e3:0d:fd:0c:c3:37:ab:
ac:c7:5a:8c:65:0a:47:5e:55:b6:82:7b:08:2b:87:
fd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A6:D1:AC:97:20:1A:05:DA:02:FA:1C:64:0B:B3:F1:CF:6B:10:A7
X509v3 Authority Key Identifier:
keyid:41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/dKbRrJcgGgXaAvocZAuz8c9rEKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.168.0/22
Signature Algorithm: sha256WithRSAEncryption
17:6e:d1:f3:7a:c0:03:79:c9:40:2e:72:98:3a:5a:98:b5:5b:
57:43:98:aa:4e:d5:cd:d6:33:20:3b:35:b1:d0:86:09:71:eb:
38:83:d1:ee:1c:11:9c:cf:8f:2a:3c:5d:be:ab:3b:6f:78:3e:
26:6e:8a:af:91:7d:46:f5:39:48:6a:ed:6f:bc:7e:0e:d1:2c:
af:0c:53:ef:39:84:93:db:ba:f3:1d:6d:b8:d4:31:d6:a4:86:
3f:76:b6:ca:78:63:c4:f8:b3:a3:d9:7b:1e:c4:c0:d2:a5:81:
98:06:74:b6:29:40:dc:d7:46:63:9b:16:d3:49:08:25:01:36:
bd:a6:21:e3:ad:54:3b:41:e1:d4:67:9b:d7:90:b4:65:4b:db:
ec:2d:4f:f3:12:56:a0:bd:4a:56:98:f0:4a:5c:16:ac:d6:0d:
b2:29:5a:c3:18:8b:de:d5:9c:45:b4:67:49:28:11:0f:a8:1c:
b9:b1:8b:20:d8:34:3c:3f:38:38:89:50:fb:f0:2a:3f:e0:4c:
77:d6:af:65:e6:b7:42:6a:4b:1c:06:35:66:d8:17:df:a6:51:
ff:ac:dd:26:a1:4a:05:4e:c3:38:e2:00:9c:88:81:5c:e6:d1:
f9:98:a9:b8:be:3f:6a:fe:e5:8a:16:8c:7c:b7:f0:f8:2d:22:
75:33:ef:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBg6JpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MWYyODJjYzFjMDc2OTdmZjViNTE5MGM3MTQzOTNkNTQyNDA2ZDQzMB4XDTIyMDEw
MTA0NTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzRhNmQxYWM5NzIw
MWEwNWRhMDJmYTFjNjQwYmIzZjFjZjZiMTBhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgdvq9h4ApabSdCuDMlOJib9Swq34Qt8DTnpqR00x828dk+
rDwl1Da0HDWD01cJroQShTXwFCX0SsiLkJGes/U86fYZcGFcK6owM2FZFKaAy4uu
hIf4jIO0QbexG/0sVzEy2t+HZFK9wf3BLujN+bNrLTmD23R490wE9LV4ISvoaBVD
MrDsldCW/gMn33071a+FywoMQghQNQhzf9AN/n0DMf4qc8J9EYrJisde2Xo65H5+
WyKVTSdzfgaoCHNfNq4cIOFvfIhsC2wXRypKJAXg2poVFl/pwKCbo0E4biPE0ueB
sN/F6xfjDf0MwzerrMdajGUKR15VtoJ7CCuH/e0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0ptGslyAaBdoC+hxkC7Pxz2sQpzAfBgNVHSMEGDAWgBRB8oLMHAdpf/W1
GQxxQ5PVQkBtQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FmS0N6QndIYVhfMXRSa01jVU9UMVVKQWJVTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvYWVhZTk1LTQwYmQtNGFhZC1hYjE0LWUzZWVjZjlkZmFhZC8x
L2RLYlJySmNnR2dYYUF2b2NaQXV6OGM5ckVLYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
YWVhZTk1LTQwYmQtNGFhZC1hYjE0LWUzZWVjZjlkZmFhZC8xL1FmS0N6QndIYVhf
MXRSa01jVU9UMVVKQWJVTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1aqDANBgkqhkiG9w0BAQsFAAOC
AQEAF27R83rAA3nJQC5ymDpamLVbV0OYqk7VzdYzIDs1sdCGCXHrOIPR7hwRnM+P
Kjxdvqs7b3g+Jm6Kr5F9RvU5SGrtb7x+DtEsrwxT7zmEk9u68x1tuNQx1qSGP3a2
ynhjxPizo9l7HsTA0qWBmAZ0tilA3NdGY5sW00kIJQE2vaYh461UO0Hh1Geb15C0
ZUvb7C1P8xJWoL1KVpjwSlwWrNYNsilawxiL3tWcRbRnSSgRD6gcubGLINg0PD84
OIlQ+/AqP+BMd9avZea3QmpLHAY1ZtgX36ZR/6zdJqFKBU7DOOIAnIiBXObR+Zip
uL4/av7lihaMfLfw+C0idTPvTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:39 2024 by rpki-client on console-ams.rpki-client.org