Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KQ3qNlzUdKSNJQUeo62hQb3523w.roa
File: KQ3qNlzUdKSNJQUeo62hQb3523w.roa (raw, json)
Hash identifier: qJU7BQ3c6ahvclWMpXeasK1yU6XRVOD0unHyirm5ySk=
Subject key identifier: 29:0D:EA:36:5C:D4:74:A4:8D:25:05:1E:A3:AD:A1:41:BD:F9:DB:7C
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018572C3874FB1D56CC85D90F3A91EF60C4E
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KQ3qNlzUdKSNJQUeo62hQb3523w.roa
Signing time: Mon 02 Jan 2023 13:54:54 +0000
ROA not before: Mon 02 Jan 2023 13:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210818
IP address blocks: 45.90.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:87:4f:b1:d5:6c:c8:5d:90:f3:a9:1e:f6:0c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Jan 2 13:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290dea365cd474a48d25051ea3ada141bdf9db7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a1:5c:67:92:c3:fc:1c:03:b6:1e:e7:fd:bc:
14:e0:d2:ae:9b:38:c9:d5:b4:f2:0d:1a:d6:17:93:
c3:35:c6:cf:9b:94:fa:b3:b7:d7:93:b4:32:a8:a4:
e6:41:d4:40:1a:e4:21:ba:19:d2:c5:8e:85:42:e0:
c0:dd:23:9a:03:f3:7d:8e:08:48:23:6d:e1:4d:76:
e4:a6:96:4d:52:e8:68:4b:db:c5:c2:33:e3:cc:1a:
a8:1b:d2:00:bb:1a:f2:f4:ff:79:15:01:58:90:25:
bf:70:2c:2a:ea:52:fd:6d:cc:da:58:94:5c:cd:2f:
18:e7:39:d0:ad:c2:6f:05:13:50:61:74:7a:5f:22:
5a:26:86:5c:bf:62:71:84:2c:43:3c:94:41:46:ee:
d6:b3:64:24:8c:dc:ea:81:7b:3b:0d:6c:2d:e6:cf:
7f:35:cf:d3:35:15:fe:47:f3:46:d1:36:da:ee:fd:
3b:bb:f3:39:f7:4f:19:98:92:f0:79:49:b3:6f:da:
ed:e8:c7:44:65:91:f3:f9:f9:98:9e:01:2e:76:b2:
d1:0f:1b:a4:a4:c9:55:d5:2a:3e:45:0b:e7:a0:72:
63:96:7e:84:a9:94:79:12:79:57:24:49:2f:ee:f7:
f2:3e:b7:1e:e4:21:0b:40:99:41:36:03:29:30:95:
53:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0D:EA:36:5C:D4:74:A4:8D:25:05:1E:A3:AD:A1:41:BD:F9:DB:7C
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KQ3qNlzUdKSNJQUeo62hQb3523w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.72.0/24
Signature Algorithm: sha256WithRSAEncryption
40:e8:06:44:f0:55:4a:5c:5a:e9:e5:85:00:8e:14:3b:f6:70:
d8:98:da:a6:44:06:89:42:c1:5e:a6:6d:2d:85:1b:8f:c9:e2:
ba:5b:75:46:65:a0:ee:77:f8:b1:5d:d7:6a:d8:b7:f7:7c:2a:
6b:d9:9b:61:d2:55:1d:3c:f3:cc:e0:15:ec:e9:54:a9:96:48:
97:85:f7:79:7e:06:77:22:0e:4f:62:02:d1:5b:68:30:e3:4a:
8a:30:c9:88:38:5a:26:f4:fe:a4:17:20:1f:a2:3f:45:e8:5e:
7e:0f:39:f5:39:39:f2:66:40:f8:e6:d6:10:d3:b5:8a:b6:ae:
43:c0:3e:47:c9:86:32:05:85:77:9b:76:a3:bc:e7:49:a3:20:
23:72:dd:91:6c:b5:98:7f:55:de:e0:10:6c:01:7c:aa:af:67:
53:76:33:8f:7f:75:1c:ca:b0:9f:63:27:eb:c5:30:ae:70:94:
b1:75:5f:3f:80:0e:bd:cd:f4:1f:02:60:a6:e7:36:ad:69:6b:
5b:d2:b5:ad:c9:e9:bd:06:8a:f4:11:0d:cf:17:8e:17:e5:52:
3b:28:c2:f8:e2:be:0a:8b:3c:09:3d:a7:29:e5:d2:48:6d:e6:
f6:75:51:d7:8a:91:c0:62:d8:c8:b2:cc:2e:df:11:9b:9b:93:
27:cf:8c:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw4dPsdVsyF2Q86ke9gxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMwMTAyMTM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBkZWEzNjVjZDQ3NGE0OGQyNTA1MWVhM2FkYTE0MWJkZjlkYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKFcZ5LD/BwDth7n/bwU4NKumzjJ
1bTyDRrWF5PDNcbPm5T6s7fXk7QyqKTmQdRAGuQhuhnSxY6FQuDA3SOaA/N9jghI
I23hTXbkppZNUuhoS9vFwjPjzBqoG9IAuxry9P95FQFYkCW/cCwq6lL9bczaWJRc
zS8Y5znQrcJvBRNQYXR6XyJaJoZcv2JxhCxDPJRBRu7Ws2QkjNzqgXs7DWwt5s9/
Nc/TNRX+R/NG0Tba7v07u/M5908ZmJLweUmzb9rt6MdEZZHz+fmYngEudrLRDxuk
pMlV1So+RQvnoHJjln6EqZR5EnlXJEkv7vfyPrce5CELQJlBNgMpMJVTpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCkN6jZc1HSkjSUFHqOtoUG9+dt8MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvS1EzcU5selVkS1NOSlFVZW82MmhRYjM1MjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBA6AZE8FVKXFrp5YUAjhQ79nDYmNqmRAaJQsFepm0t
hRuPyeK6W3VGZaDud/ixXddq2Lf3fCpr2Zth0lUdPPPM4BXs6VSplkiXhfd5fgZ3
Ig5PYgLRW2gw40qKMMmIOFom9P6kFyAfoj9F6F5+Dzn1OTnyZkD45tYQ07WKtq5D
wD5HyYYyBYV3m3ajvOdJoyAjct2RbLWYf1Xe4BBsAXyqr2dTdjOPf3UcyrCfYyfr
xTCucJSxdV8/gA69zfQfAmCm5zataWtb0rWtyem9Bor0EQ3PF44X5VI7KML44r4K
izwJPacp5dJIbeb2dVHXipHAYtjIsswu3xGbm5Mnz4wn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org