Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/rm2-5PvoyD8tqTyOAlHJRWmlM5w.roa
File: rm2-5PvoyD8tqTyOAlHJRWmlM5w.roa (raw, json)
Hash identifier: my0lwoB7fi516OkYRtV0UHD3l8WmTuC4GPmBtVl3e+g=
Subject key identifier: AE:6D:BE:E4:FB:E8:C8:3F:2D:A9:3C:8E:02:51:C9:45:69:A5:33:9C
Certificate issuer: /CN=41f282cc1c07697ff5b5190c714393d542406d43
Certificate serial: 01856DCAC111B1FEC4C94D4B447B490E833D
Authority key identifier: 41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/rm2-5PvoyD8tqTyOAlHJRWmlM5w.roa
Signing time: Sun 01 Jan 2023 14:44:42 +0000
ROA not before: Sun 01 Jan 2023 14:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21086
IP address blocks: 45.90.168.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c1:11:b1:fe:c4:c9:4d:4b:44:7b:49:0e:83:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f282cc1c07697ff5b5190c714393d542406d43
Validity
Not Before: Jan 1 14:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae6dbee4fbe8c83f2da93c8e0251c94569a5339c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:53:25:d7:63:9f:d1:7a:d9:09:2d:ac:55:42:
26:35:8b:04:55:08:e5:c3:a0:b3:ba:3d:eb:b0:da:
82:a2:35:7e:b6:fa:1f:d6:17:2c:d7:9c:63:ba:25:
6c:56:86:4b:1d:21:af:77:c6:35:4d:6c:58:31:3c:
58:99:e8:2c:32:bf:b4:eb:a0:c9:e9:7f:79:0b:46:
b5:a3:8d:da:a5:59:b3:61:70:5c:0f:8d:3a:b7:03:
aa:f5:8d:d8:e9:68:8d:57:49:7d:30:45:6a:2e:8c:
30:47:d4:a5:4d:fb:52:2e:fa:49:41:bb:66:d8:bc:
4a:78:28:d2:cd:59:bc:58:ce:39:4b:a9:0d:ee:e5:
b6:bc:0d:d6:0f:47:1e:df:ce:36:4b:06:7f:c9:15:
f4:cb:03:20:d0:30:7e:79:af:6f:e2:f6:a9:57:e3:
96:6f:39:15:14:8f:97:d8:64:23:c1:df:f7:15:e6:
cb:46:ef:40:1c:9b:17:09:b4:24:a2:65:4d:26:3a:
22:ff:44:f4:a5:06:d3:c5:9f:22:ef:82:7e:20:6f:
fc:e0:b7:16:8b:e1:76:c7:e9:e8:d7:d1:2d:f0:56:
a5:f3:41:61:93:3d:e7:de:79:52:29:5e:82:ea:33:
b4:75:0d:e1:b4:6d:2f:0e:e2:e2:20:6d:68:8d:2c:
a2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6D:BE:E4:FB:E8:C8:3F:2D:A9:3C:8E:02:51:C9:45:69:A5:33:9C
X509v3 Authority Key Identifier:
keyid:41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/rm2-5PvoyD8tqTyOAlHJRWmlM5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.168.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:cb:ae:f2:bd:00:77:10:57:b7:85:13:9f:b5:15:39:58:ff:
b0:1e:81:ae:8d:dd:77:56:ed:a0:b8:29:40:20:30:9c:51:8f:
ca:1d:af:e2:08:bb:e5:48:ce:7f:2a:9e:89:c5:43:d9:88:66:
d4:12:fa:81:20:91:06:c8:9a:55:f6:7a:c0:0d:2d:1e:35:21:
61:39:d1:5a:4a:02:03:a4:5e:f4:a1:25:7c:f4:d5:56:66:c0:
ac:bb:e2:03:5c:49:7c:52:ad:54:63:36:df:89:87:6f:ec:88:
d3:75:e6:ef:8b:9f:1f:97:0d:b2:10:48:44:72:a6:01:c0:ba:
03:84:be:88:1e:c6:69:79:3a:39:57:43:a3:c7:f7:61:d8:a2:
d8:0d:be:f9:4f:d6:e2:32:8b:b5:c2:10:8c:53:8b:45:20:94:
b6:78:cd:96:bb:96:0f:95:e0:bb:f9:53:89:e3:dc:42:9e:36:
fc:6c:a1:d7:8a:e1:f4:ef:ff:02:5c:78:bb:23:08:b1:2d:b4:
3b:48:c6:a4:90:68:8b:06:cc:0c:5f:82:7e:7d:da:15:9c:50:
f3:fa:15:d2:ec:95:d3:af:50:a2:2f:8d:c3:b5:c3:96:4b:74:
31:9a:b5:e2:96:9e:5f:0f:55:25:59:fc:2e:af:e8:6a:23:f4:
58:db:76:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtysERsf7EyU1LRHtJDoM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjI4MmNjMWMwNzY5N2ZmNWI1MTkwYzcxNDM5M2Q1NDI0
MDZkNDMwHhcNMjMwMTAxMTQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTZkYmVlNGZiZThjODNmMmRhOTNjOGUwMjUxYzk0NTY5YTUzMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1Ml12Of0XrZCS2sVUImNYsEVQjl
w6Czuj3rsNqCojV+tvof1hcs15xjuiVsVoZLHSGvd8Y1TWxYMTxYmegsMr+066DJ
6X95C0a1o43apVmzYXBcD406twOq9Y3Y6WiNV0l9MEVqLowwR9SlTftSLvpJQbtm
2LxKeCjSzVm8WM45S6kN7uW2vA3WD0ce3842SwZ/yRX0ywMg0DB+ea9v4vapV+OW
bzkVFI+X2GQjwd/3FebLRu9AHJsXCbQkomVNJjoi/0T0pQbTxZ8i74J+IG/84LcW
i+F2x+no19Et8Fal80Fhkz3n3nlSKV6C6jO0dQ3htG0vDuLiIG1ojSyixwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK5tvuT76Mg/Lak8jgJRyUVppTOcMB8GA1UdIwQY
MBaAFEHygswcB2l/9bUZDHFDk9VCQG1DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQt
ZTNlZWNmOWRmYWFkLzEvcm0yLTVQdm95RDh0cVR5T0FsSEpSV21sTTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQtZTNlZWNmOWRmYWFk
LzEvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVqoMA0G
CSqGSIb3DQEBCwUAA4IBAQBdy67yvQB3EFe3hROftRU5WP+wHoGujd13Vu2guClA
IDCcUY/KHa/iCLvlSM5/Kp6JxUPZiGbUEvqBIJEGyJpV9nrADS0eNSFhOdFaSgID
pF70oSV89NVWZsCsu+IDXEl8Uq1UYzbfiYdv7IjTdebvi58flw2yEEhEcqYBwLoD
hL6IHsZpeTo5V0Ojx/dh2KLYDb75T9biMou1whCMU4tFIJS2eM2Wu5YPleC7+VOJ
49xCnjb8bKHXiuH07/8CXHi7IwixLbQ7SMakkGiLBswMX4J+fdoVnFDz+hXS7JXT
r1CiL43DtcOWS3QxmrXilp5fD1UlWfwur+hqI/RY23aP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org