Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/rENBAWpwbTMU6cYgt6R2CXhHGBw.roa
File: rENBAWpwbTMU6cYgt6R2CXhHGBw.roa (raw, json)
Hash identifier: OTI0kWdgJ4pJaq/jVU9z8bDimITr7BSwp9J5I3N7ChE=
Subject key identifier: AC:43:41:01:6A:70:6D:33:14:E9:C6:20:B7:A4:76:09:78:47:18:1C
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 02791A4C
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/rENBAWpwbTMU6cYgt6R2CXhHGBw.roa
Signing time: Sat 01 Jan 2022 00:52:50 +0000
ROA not before: Sat 01 Jan 2022 00:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7922
IP address blocks: 45.90.20.0/22 maxlen: 22
194.99.112.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41491020 (0x2791a4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Jan 1 00:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac4341016a706d3314e9c620b7a476097847181c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:da:2a:38:73:40:ec:5c:be:7d:01:25:51:b0:
eb:fa:23:eb:af:c4:55:60:1f:2b:8b:f6:f7:35:63:
3b:23:51:0a:b3:c0:b2:5c:85:ab:20:58:2b:5e:2e:
40:a7:05:a5:4e:46:07:04:66:d2:07:76:1a:c6:f1:
9f:db:97:39:df:97:9a:20:8e:a8:81:50:07:da:e3:
56:28:6e:e3:fe:37:ab:b8:72:04:fe:bd:85:35:0d:
c9:c9:a4:9d:ea:86:2a:74:74:d4:a2:ee:c3:cc:c9:
b2:2f:78:76:fe:82:97:3c:3f:96:fe:45:21:9b:e1:
db:e4:9a:91:06:97:05:c1:a0:ae:f3:d7:06:1f:77:
c3:82:28:a6:0f:cb:64:1d:25:e7:dd:e9:7b:e3:d5:
6e:3b:9d:50:07:8e:ed:3e:f4:7c:01:dc:ac:e2:da:
8d:02:d0:b6:d9:43:68:cd:9d:36:da:7e:fe:6f:1c:
88:30:08:a8:15:c1:29:39:17:8e:3b:c4:42:55:1c:
89:65:91:c1:09:f1:b2:f7:af:4e:c7:61:38:4e:88:
48:05:dc:cb:03:0d:a6:ac:23:85:9e:7a:a7:ad:df:
6d:a3:e0:10:f4:f1:7c:97:ed:49:d7:b3:24:54:be:
a7:2a:5a:37:8e:5c:8e:72:cd:9c:ba:90:cf:87:03:
5e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:43:41:01:6A:70:6D:33:14:E9:C6:20:B7:A4:76:09:78:47:18:1C
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/rENBAWpwbTMU6cYgt6R2CXhHGBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.20.0/22
194.99.112.0/24
194.102.239.0/24
Signature Algorithm: sha256WithRSAEncryption
76:e6:ac:01:88:1d:23:16:54:bc:13:33:00:48:77:b0:96:cf:
16:37:dd:00:71:d6:dc:c6:be:c5:b7:1f:08:26:32:a8:50:68:
3b:c8:6c:22:f4:27:35:f8:0b:3d:ab:8c:e2:e3:ce:0c:3d:e4:
a3:9b:e7:01:50:db:ab:14:e8:7e:c1:f0:3a:f6:5e:21:5e:6a:
f8:eb:55:38:eb:6c:8d:1a:a2:1e:5b:9c:54:64:ce:be:55:e8:
fd:34:0a:5e:42:f7:43:1e:4f:9c:c8:dc:ff:bb:45:99:a8:66:
57:6d:f5:6b:b4:d2:dc:51:c5:20:9b:17:69:39:ad:be:3f:9d:
a8:d8:a3:4d:65:05:48:8b:01:fc:a2:db:f1:1c:c9:52:80:a1:
b3:2a:76:fb:1b:02:41:1c:14:26:c1:5f:cd:98:b1:13:f9:4d:
0c:65:32:bb:8d:49:6e:d5:d6:52:53:5e:0a:93:87:b8:34:ee:
ae:55:81:00:d1:10:d8:84:68:8d:3e:e8:39:84:78:52:11:37:
fe:f8:14:a3:7a:4d:4e:b4:2a:d9:d2:2e:fe:fd:22:7d:0f:ee:
fb:41:38:21:fe:26:51:5d:d8:d1:a2:18:ed:ab:de:f0:9c:1d:
8e:e4:4b:a6:da:14:18:86:9e:fb:39:01:d3:61:03:2f:87:fa:
71:67:75:e9
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAnkaTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZmM2OTY0NjQ1N2E4YmY4ZWY5NTY5YjliNDI3ZTlmMmM0NjJlNTZlMB4XDTIyMDEw
MTAwNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWM0MzQxMDE2YTcw
NmQzMzE0ZTljNjIwYjdhNDc2MDk3ODQ3MTgxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfaKjhzQOxcvn0BJVGw6/oj66/EVWAfK4v29zVjOyNRCrPA
slyFqyBYK14uQKcFpU5GBwRm0gd2Gsbxn9uXOd+XmiCOqIFQB9rjVihu4/43q7hy
BP69hTUNycmkneqGKnR01KLuw8zJsi94dv6Clzw/lv5FIZvh2+SakQaXBcGgrvPX
Bh93w4Iopg/LZB0l593pe+PVbjudUAeO7T70fAHcrOLajQLQttlDaM2dNtp+/m8c
iDAIqBXBKTkXjjvEQlUciWWRwQnxsvevTsdhOE6ISAXcywMNpqwjhZ56p63fbaPg
EPTxfJftSdezJFS+pypaN45cjnLNnLqQz4cDXqkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSsQ0EBanBtMxTpxiC3pHYJeEcYHDAfBgNVHSMEGDAWgBSPxpZGRXqL+O+V
abm0J+nyxGLlbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2o4YVdSa1Y2aV9qdmxXbTV0Q2ZwOHNSaTVXNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvOWZhYjVjLWUxMzgtNGVmNi04Nzk5LWIwYjM1YTM0ZTM4OC8x
L3JFTkJBV3B3YlRNVTZjWWd0NlIyQ1hoSEdCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
OWZhYjVjLWUxMzgtNGVmNi04Nzk5LWIwYjM1YTM0ZTM4OC8xL2o4YVdSa1Y2aV9q
dmxXbTV0Q2ZwOHNSaTVXNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi1aFAMEAMJjcAMEAMJm7zANBgkq
hkiG9w0BAQsFAAOCAQEAduasAYgdIxZUvBMzAEh3sJbPFjfdAHHW3Ma+xbcfCCYy
qFBoO8hsIvQnNfgLPauM4uPODD3ko5vnAVDbqxTofsHwOvZeIV5q+OtVOOtsjRqi
HlucVGTOvlXo/TQKXkL3Qx5PnMjc/7tFmahmV231a7TS3FHFIJsXaTmtvj+dqNij
TWUFSIsB/KLb8RzJUoChsyp2+xsCQRwUJsFfzZixE/lNDGUyu41JbtXWUlNeCpOH
uDTurlWBANEQ2IRojT7oOYR4UhE3/vgUo3pNTrQq2dIu/v0ifQ/u+0E4If4mUV3Y
0aIY7ave8JwdjuRLptoUGIae+zkB02EDL4f6cWd16Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:29 2024 by rpki-client on console-fra.rpki-client.org