Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/sYkaaOo3AZECwQAYAuHHPRx-Z6k.roa
File: sYkaaOo3AZECwQAYAuHHPRx-Z6k.roa (raw, json)
Hash identifier: GaMsXxOZ941gA5ZW4C+Jg+T/6ZmfcBjyn7Pn/aQjshc=
Subject key identifier: B1:89:1A:68:EA:37:01:91:02:C1:00:18:02:E1:C7:3D:1C:7E:67:A9
Certificate issuer: /CN=41f282cc1c07697ff5b5190c714393d542406d43
Certificate serial: 01856DCAC20EFC185B4E5681B9F60F67092F
Authority key identifier: 41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/sYkaaOo3AZECwQAYAuHHPRx-Z6k.roa
Signing time: Sun 01 Jan 2023 14:44:42 +0000
ROA not before: Sun 01 Jan 2023 14:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208449
IP address blocks: 45.90.168.0/22 maxlen: 24
2a0d:f100::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c2:0e:fc:18:5b:4e:56:81:b9:f6:0f:67:09:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f282cc1c07697ff5b5190c714393d542406d43
Validity
Not Before: Jan 1 14:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1891a68ea37019102c1001802e1c73d1c7e67a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:12:b7:7f:c1:f7:e0:e0:99:e6:f5:f6:e5:65:
16:ad:3c:34:2b:54:06:de:28:ae:e2:d6:22:a2:fd:
b8:8d:3b:eb:80:fe:77:84:14:23:bd:67:78:7a:cf:
38:d6:23:7a:db:0f:b5:a7:10:3b:62:43:fe:f8:f1:
ce:a6:ab:c1:5d:6c:88:06:7c:10:b1:f0:bc:6f:64:
ee:fa:24:0b:cb:21:c6:31:9b:c4:46:ac:b8:56:d6:
0a:c3:e0:de:94:30:bb:15:5d:a7:94:ed:9e:8a:b5:
1c:d5:68:cd:46:47:3c:03:f8:13:86:c9:3e:20:f2:
b4:cc:ae:52:27:ba:4b:1d:59:eb:35:61:20:64:01:
b0:48:70:b0:22:20:6f:38:1e:92:3c:5d:ce:86:9c:
57:5b:02:d4:6a:13:95:aa:aa:b7:69:70:54:a4:1c:
3b:6c:69:fb:46:8d:fc:52:5e:f6:d4:90:c2:8e:2d:
db:ff:e1:c8:ad:ea:13:ae:8e:cd:c7:a4:bf:fa:4c:
41:49:5a:7b:9e:92:e8:ba:e4:43:da:d8:f1:49:73:
4b:9b:3f:fb:e0:45:10:fd:47:d8:e5:99:5e:10:30:
01:a1:91:d4:29:f6:8d:a9:f4:8a:a6:b4:5b:23:2e:
99:b4:6c:71:55:31:74:90:1a:53:34:43:32:fe:c5:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:89:1A:68:EA:37:01:91:02:C1:00:18:02:E1:C7:3D:1C:7E:67:A9
X509v3 Authority Key Identifier:
keyid:41:F2:82:CC:1C:07:69:7F:F5:B5:19:0C:71:43:93:D5:42:40:6D:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfKCzBwHaX_1tRkMcUOT1UJAbUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/sYkaaOo3AZECwQAYAuHHPRx-Z6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/aeae95-40bd-4aad-ab14-e3eecf9dfaad/1/QfKCzBwHaX_1tRkMcUOT1UJAbUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.168.0/22
IPv6:
2a0d:f100::/29
Signature Algorithm: sha256WithRSAEncryption
72:3f:03:bc:44:40:0a:45:f7:6f:f6:2b:f8:21:31:ff:1b:66:
15:cf:71:d4:24:c1:95:ed:93:02:93:39:59:b6:79:78:58:12:
33:a6:e6:c5:41:c2:3a:3f:5c:a9:93:9e:01:d4:dc:91:26:4d:
a9:84:d1:5f:b5:54:43:fc:56:d5:e0:84:fa:02:9c:87:b7:f5:
a7:77:66:a6:4a:1e:3a:bc:8d:06:b3:a3:1e:d7:16:95:f2:5f:
7c:41:d3:3b:3c:db:48:c4:7b:c9:b2:b4:fb:a5:32:d9:56:a3:
0c:fc:cb:ad:4e:43:0b:60:12:68:c1:ae:aa:f6:57:58:10:64:
91:bb:38:04:17:71:42:d2:29:c0:9e:90:8e:87:76:b5:d6:c4:
e9:08:ff:6e:ed:7c:6c:ad:77:88:5d:87:96:d7:0d:3d:ad:4e:
54:09:10:79:63:e0:47:94:0e:4a:93:55:5a:ed:05:c1:72:34:
19:57:b2:3e:8f:13:71:56:10:58:b9:fe:7c:57:49:97:00:36:
b8:a6:1f:28:f4:d9:2e:10:3b:fe:8f:66:8e:e3:9c:2d:03:f6:
9c:54:2a:75:c7:87:46:e3:73:71:d1:2a:21:0c:00:8e:cd:e6:
6b:e0:95:34:49:93:b2:36:18:24:77:03:e7:e9:dd:b7:e6:af:
58:e7:5d:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtysIO/BhbTlaBufYPZwkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjI4MmNjMWMwNzY5N2ZmNWI1MTkwYzcxNDM5M2Q1NDI0
MDZkNDMwHhcNMjMwMTAxMTQ0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTg5MWE2OGVhMzcwMTkxMDJjMTAwMTgwMmUxYzczZDFjN2U2N2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBK3f8H34OCZ5vX25WUWrTw0K1QG
3iiu4tYiov24jTvrgP53hBQjvWd4es841iN62w+1pxA7YkP++PHOpqvBXWyIBnwQ
sfC8b2Tu+iQLyyHGMZvERqy4VtYKw+DelDC7FV2nlO2eirUc1WjNRkc8A/gThsk+
IPK0zK5SJ7pLHVnrNWEgZAGwSHCwIiBvOB6SPF3OhpxXWwLUahOVqqq3aXBUpBw7
bGn7Ro38Ul721JDCji3b/+HIreoTro7Nx6S/+kxBSVp7npLouuRD2tjxSXNLmz/7
4EUQ/UfY5ZleEDABoZHUKfaNqfSKprRbIy6ZtGxxVTF0kBpTNEMy/sVqiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLGJGmjqNwGRAsEAGALhxz0cfmepMB8GA1UdIwQY
MBaAFEHygswcB2l/9bUZDHFDk9VCQG1DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQt
ZTNlZWNmOWRmYWFkLzEvc1lrYWFPbzNBWkVDd1FBWUF1SEhQUngtWjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZWFlOTUtNDBiZC00YWFkLWFiMTQtZTNlZWNmOWRmYWFk
LzEvUWZLQ3pCd0hhWF8xdFJrTWNVT1QxVUpBYlVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVqoMA0E
AgACMAcDBQMqDfEAMA0GCSqGSIb3DQEBCwUAA4IBAQByPwO8REAKRfdv9iv4ITH/
G2YVz3HUJMGV7ZMCkzlZtnl4WBIzpubFQcI6P1ypk54B1NyRJk2phNFftVRD/FbV
4IT6ApyHt/Wnd2amSh46vI0Gs6Me1xaV8l98QdM7PNtIxHvJsrT7pTLZVqMM/Mut
TkMLYBJowa6q9ldYEGSRuzgEF3FC0inAnpCOh3a11sTpCP9u7XxsrXeIXYeW1w09
rU5UCRB5Y+BHlA5Kk1Va7QXBcjQZV7I+jxNxVhBYuf58V0mXADa4ph8o9NkuEDv+
j2aO45wtA/acVCp1x4dG43Nx0SohDACOzeZr4JU0SZOyNhgkdwPn6d235q9Y512S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org