Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aKjOubxNpTLJGDrVi_jGsygTqYA.roa
File: aKjOubxNpTLJGDrVi_jGsygTqYA.roa (raw, json)
Hash identifier: Ro4t6LloOM5gwkPG9uTG4MyyeXHlUnJpRuuDIQ0fQro=
Subject key identifier: 68:A8:CE:B9:BC:4D:A5:32:C9:18:3A:D5:8B:F8:C6:B3:28:13:A9:80
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 19CBABE0
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aKjOubxNpTLJGDrVi_jGsygTqYA.roa
Signing time: Sat 01 Jan 2022 15:56:36 +0000
ROA not before: Sat 01 Jan 2022 15:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7922
IP address blocks: 45.89.156.0/22 maxlen: 22
45.89.84.0/22 maxlen: 22
45.91.112.0/22 maxlen: 22
45.90.172.0/22 maxlen: 22
45.93.164.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432778208 (0x19cbabe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 15:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68a8ceb9bc4da532c9183ad58bf8c6b32813a980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:ae:32:9d:f2:92:01:32:31:c2:d9:b2:6b:
58:b5:f1:66:37:7e:a1:b6:3d:b6:66:8a:9a:51:de:
67:c3:01:15:cf:77:9b:d9:7a:45:23:6b:80:ce:26:
39:f0:e9:71:0b:85:27:f0:33:83:3e:69:bc:11:c2:
0d:74:c0:b0:91:a8:11:75:ed:06:dc:ee:72:60:e9:
93:f8:61:30:63:9c:de:83:b3:e8:86:fb:78:7c:e3:
56:15:85:f0:1f:78:9f:44:c6:75:4b:76:28:a2:45:
7a:31:d2:1a:16:ef:2e:c2:81:fb:6a:78:81:30:e6:
06:9e:04:50:b7:a2:1a:56:b4:0d:64:c6:40:7b:e1:
fc:ca:aa:a9:aa:f9:a6:31:ab:2c:19:d7:d8:97:7f:
ad:26:b7:86:67:03:0a:38:f2:f7:41:44:ec:02:5b:
c3:33:3e:51:c3:9e:6c:d9:e4:2e:45:ba:d2:86:4f:
4a:1f:33:50:a5:3e:7c:8d:e8:66:95:15:5f:61:d3:
a1:9e:14:4e:de:06:95:41:51:cf:da:b9:c9:d9:b1:
7f:61:26:5e:51:e0:02:52:fb:3c:77:08:f4:5a:f7:
88:ef:cd:e7:2a:6f:f5:61:db:5e:67:0b:12:b8:9e:
ac:43:16:00:1a:5c:39:cf:b6:ac:2b:be:99:b0:39:
81:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A8:CE:B9:BC:4D:A5:32:C9:18:3A:D5:8B:F8:C6:B3:28:13:A9:80
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aKjOubxNpTLJGDrVi_jGsygTqYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.84.0/22
45.89.156.0/22
45.90.172.0/22
45.91.112.0/22
45.93.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:d0:50:2a:c7:7b:9c:50:a2:d7:7d:27:f9:76:24:ec:2f:d2:
c8:a6:ce:93:a4:a7:d9:07:fc:65:c9:b3:16:51:75:a7:00:3c:
d7:42:d1:19:39:b1:43:15:1c:ba:1f:9d:28:cb:f1:db:5b:3b:
4d:39:4e:ee:9b:73:66:78:dd:d3:e2:79:df:e6:38:55:39:95:
bf:a7:7d:ae:85:ea:40:d8:07:25:a6:ea:72:b7:0b:47:a3:7c:
11:77:00:89:20:9c:a7:c7:88:fa:06:af:f3:9e:95:47:c2:50:
bd:28:40:5c:cd:52:92:49:04:bd:f2:83:ac:70:3d:97:ce:20:
04:fe:a2:39:ec:7a:56:04:2c:6c:a6:3e:a7:f4:7e:a9:65:ca:
4f:83:5c:ae:28:bc:c1:bd:9b:a8:3e:e0:35:bd:ff:bb:91:30:
9f:18:80:da:28:b5:42:c4:73:d5:9b:dc:16:8e:1e:1d:b4:62:
d7:b3:f3:1a:d3:a5:8e:9e:9b:03:33:bb:11:ed:95:0d:f8:a9:
36:7b:15:37:d1:a4:06:53:d9:0b:7e:47:2a:6b:21:05:57:19:
4f:51:c6:33:46:c6:4a:10:92:5f:84:69:88:7b:73:b6:cf:30:
2e:1f:97:ce:52:87:dc:43:83:25:1a:16:17:17:5f:24:01:b8:
30:b7:0e:04
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEGcur4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDEw
MTE1NTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhhOGNlYjliYzRk
YTUzMmM5MTgzYWQ1OGJmOGM2YjMyODEzYTk4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKu2rjKd8pIBMjHC2bJrWLXxZjd+obY9tmaKmlHeZ8MBFc93
m9l6RSNrgM4mOfDpcQuFJ/Azgz5pvBHCDXTAsJGoEXXtBtzucmDpk/hhMGOc3oOz
6Ib7eHzjVhWF8B94n0TGdUt2KKJFejHSGhbvLsKB+2p4gTDmBp4EULeiGla0DWTG
QHvh/Mqqqar5pjGrLBnX2Jd/rSa3hmcDCjjy90FE7AJbwzM+UcOebNnkLkW60oZP
Sh8zUKU+fI3oZpUVX2HToZ4UTt4GlUFRz9q5ydmxf2EmXlHgAlL7PHcI9Fr3iO/N
5ypv9WHbXmcLErierEMWABpcOc+2rCu+mbA5gdECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRoqM65vE2lMskYOtWL+MazKBOpgDAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L2FLak91YnhOcFRMSkdEclZpX2pHc3lnVHFZQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAi1ZVAMEAi1ZnAMEAi1arAMEAi1b
cAMEAi1dpDANBgkqhkiG9w0BAQsFAAOCAQEATNBQKsd7nFCi130n+XYk7C/SyKbO
k6Sn2Qf8ZcmzFlF1pwA810LRGTmxQxUcuh+dKMvx21s7TTlO7ptzZnjd0+J53+Y4
VTmVv6d9roXqQNgHJabqcrcLR6N8EXcAiSCcp8eI+gav856VR8JQvShAXM1SkkkE
vfKDrHA9l84gBP6iOex6VgQsbKY+p/R+qWXKT4Ncrii8wb2bqD7gNb3/u5EwnxiA
2ii1QsRz1ZvcFo4eHbRi17PzGtOljp6bAzO7Ee2VDfipNnsVN9GkBlPZC35HKmsh
BVcZT1HGM0bGShCSX4RpiHtzts8wLh+XzlKH3EODJRoWFxdfJAG4MLcOBA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org