Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/hJMslAZXNYOKAT8YPqBKZuCaIlk.roa
File: hJMslAZXNYOKAT8YPqBKZuCaIlk.roa (raw, json)
Hash identifier: yD+OHkfkYm8U3T8rxjj6yDzn8XZWX9IsmCoogwWN5PM=
Subject key identifier: 84:93:2C:94:06:57:35:83:8A:01:3F:18:3E:A0:4A:66:E0:9A:22:59
Certificate issuer: /CN=41f282cc1c07697ff5b5190c714393d542406d43
Certificate serial: 018CC2DB0300CFD9AE574E89873FCB3228F4
Authority key identifier: 41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/hJMslAZXNYOKAT8YPqBKZuCaIlk.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21086
IP address blocks: 45.90.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:03:00:cf:d9:ae:57:4e:89:87:3f:cb:32:28:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f282cc1c07697ff5b5190c714393d542406d43
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84932c94065735838a013f183ea04a66e09a2259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f9:f0:e5:af:86:71:ad:08:a0:a7:ec:c2:d7:
d0:27:79:9b:6b:e2:2f:de:34:bf:ad:12:ca:72:6f:
6c:84:67:9c:4d:4d:3a:fb:6d:cb:2d:50:b5:ca:82:
c1:a4:03:97:0d:32:e6:d9:23:cf:1b:f9:f3:c1:18:
a5:5f:d7:5e:29:ec:b7:17:10:7a:c8:ad:5d:5a:72:
00:3b:06:c8:5e:2c:30:c5:38:8d:dc:15:f6:5c:e8:
2b:11:4e:b7:6d:9b:d2:1f:22:be:7f:34:12:7b:96:
11:51:77:23:32:85:e4:a3:ec:2d:47:f0:36:90:7a:
9c:64:1e:77:be:fa:57:fb:79:e2:fd:42:02:9f:54:
63:11:db:53:4f:e8:0a:da:55:82:b4:98:78:7d:b4:
f4:96:0a:2d:f7:a7:17:f3:be:87:79:09:06:bb:56:
df:e2:ed:5f:f0:8d:36:b1:11:bb:d1:da:1f:56:fb:
ef:b7:f4:84:cf:38:a7:64:73:83:bf:af:a5:de:e7:
f2:7a:4a:76:cb:ca:8c:d5:95:2e:02:8f:d4:fe:cb:
87:cf:d3:bc:2e:d2:f4:28:eb:9a:e8:6b:2a:b7:a1:
2d:53:8d:94:83:7a:62:fd:fb:77:15:9b:ac:cb:c7:
82:00:bb:0c:a6:06:bf:ff:2a:72:7f:77:56:48:1c:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:93:2C:94:06:57:35:83:8A:01:3F:18:3E:A0:4A:66:E0:9A:22:59
X509v3 Authority Key Identifier:
keyid:41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/hJMslAZXNYOKAT8YPqBKZuCaIlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.168.0/22
Signature Algorithm: sha256WithRSAEncryption
93:f3:10:42:d1:38:f4:e8:da:ec:d8:f2:26:f8:07:be:6c:87:
64:9f:82:b1:81:fb:6e:4f:e1:9b:75:7e:49:3d:d8:24:68:bd:
e4:2b:60:07:f7:d9:f0:78:2b:80:f9:cb:65:86:16:f9:71:38:
6e:84:b1:ba:b2:87:6e:42:81:1d:0b:e4:af:61:3c:97:f1:0f:
f7:2e:42:bd:6b:8e:3f:45:f8:79:9e:d3:ac:22:b3:d2:85:70:
de:1a:38:8e:c6:83:bb:d9:7c:c4:6f:22:72:b3:4d:66:46:62:
a7:1c:b7:86:e2:fb:8f:26:f6:34:34:e4:1e:f5:ec:56:22:45:
8c:ad:a3:93:a3:ed:23:48:73:93:4e:b6:e4:0a:b2:81:71:fe:
b4:04:0a:f9:e5:d1:c3:e0:d5:a7:d0:05:52:90:10:d9:5d:ce:
81:45:d6:ff:a2:15:91:22:c3:4b:60:8c:6b:15:b0:8e:a8:e8:
a9:ec:5a:0b:7b:2d:60:79:0a:f8:bc:f9:be:1b:15:dc:2e:2b:
e3:13:ba:43:91:3d:b4:f5:82:bf:0e:c1:8b:54:66:ef:b8:83:
95:f6:0d:e9:c7:b5:af:db:60:ad:30:b3:dc:bf:c8:b1:5a:3a:
e5:28:ef:bd:e2:00:89:a9:b4:a8:64:7b:87:d3:26:b1:f5:47:
50:24:53:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2wMAz9muV06Jhz/LMij0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjI4MmNjMWMwNzY5N2ZmNWI1MTkwYzcxNDM5M2Q1NDI0
MDZkNDMwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDkzMmM5NDA2NTczNTgzOGEwMTNmMTgzZWEwNGE2NmUwOWEyMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfnw5a+Gca0IoKfswtfQJ3mba+Iv
3jS/rRLKcm9shGecTU06+23LLVC1yoLBpAOXDTLm2SPPG/nzwRilX9deKey3FxB6
yK1dWnIAOwbIXiwwxTiN3BX2XOgrEU63bZvSHyK+fzQSe5YRUXcjMoXko+wtR/A2
kHqcZB53vvpX+3ni/UICn1RjEdtTT+gK2lWCtJh4fbT0lgot96cX876HeQkGu1bf
4u1f8I02sRG70dofVvvvt/SEzzinZHODv6+l3ufyekp2y8qM1ZUuAo/U/suHz9O8
LtL0KOua6Gsqt6EtU42Ug3pi/ft3FZusy8eCALsMpga//ypyf3dWSBzF/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISTLJQGVzWDigE/GD6gSmbgmiJZMB8GA1UdIwQY
MBaAFEHygswcB2l/9bUZDHFDk9VCQG1DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQt
ZTNlZWNmOWRmYWFkLzEvaEpNc2xBWlhOWU9LQVQ4WVBxQktadUNhSWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQtZTNlZWNmOWRmYWFk
LzEvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQCT8xBC0Tj06Nrs2PIm+Ae+bIdkn4KxgftuT+GbdX5J
PdgkaL3kK2AH99nweCuA+ctlhhb5cThuhLG6soduQoEdC+SvYTyX8Q/3LkK9a44/
Rfh5ntOsIrPShXDeGjiOxoO72XzEbyJys01mRmKnHLeG4vuPJvY0NOQe9exWIkWM
raOTo+0jSHOTTrbkCrKBcf60BAr55dHD4NWn0AVSkBDZXc6BRdb/ohWRIsNLYIxr
FbCOqOip7FoLey1geQr4vPm+GxXcLivjE7pDkT209YK/DsGLVGbvuIOV9g3px7Wv
22CtMLPcv8ixWjrlKO+94gCJqbSoZHuH0yax9UdQJFOb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org