Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sGdRgLJ4lp_d538QWXln3fBnXtI.roa
File: sGdRgLJ4lp_d538QWXln3fBnXtI.roa (raw, json)
Hash identifier: 2qi89U+lwKok5ihCdabaBstv/6XBbP4bz3e1ivvA5Uw=
Subject key identifier: B0:67:51:80:B2:78:96:9F:DD:E7:7F:10:59:79:67:DD:F0:67:5E:D2
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F79733A7DD8A90038406952D3989826
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sGdRgLJ4lp_d538QWXln3fBnXtI.roa
Signing time: Sun 01 Jan 2023 22:35:08 +0000
ROA not before: Sun 01 Jan 2023 22:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7922
IP address blocks: 45.89.156.0/22 maxlen: 22
45.89.84.0/22 maxlen: 22
45.91.112.0/22 maxlen: 22
45.90.172.0/22 maxlen: 22
45.93.164.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:73:3a:7d:d8:a9:00:38:40:69:52:d3:98:98:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0675180b278969fdde77f10597967ddf0675ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ac:4f:18:93:93:c4:22:67:22:7b:40:b0:95:
34:01:a0:4e:7f:ac:81:7c:6f:57:6a:6b:87:7a:a8:
7a:f6:13:4a:bb:e1:46:c3:1e:97:ea:01:2c:34:e4:
57:e5:a0:e6:1a:ac:50:d6:5d:1b:3d:3f:30:79:49:
f7:3a:59:46:93:b1:35:9b:0a:f6:23:1a:b6:0b:37:
b3:8f:33:e3:29:c3:6b:eb:db:f7:fd:ae:6d:ae:28:
1b:13:49:c5:92:14:ce:0b:c8:a8:f4:f1:36:78:fb:
6f:3d:21:1d:f4:5e:7a:10:cd:13:8e:36:dd:49:ed:
14:85:31:a1:ab:43:2f:4b:04:6e:1e:1a:ef:03:e4:
cd:2d:8f:76:36:cb:88:5c:90:26:a4:9b:9a:e2:be:
a0:7e:75:a1:03:f0:a2:59:ee:58:4f:c6:0c:a7:53:
9d:59:e0:22:c0:aa:56:32:8d:c5:04:25:47:cf:f6:
75:aa:17:4c:38:ed:5e:80:c2:21:1c:32:76:6d:07:
87:d1:35:f4:08:54:4c:13:3e:ed:3b:a5:93:ad:bf:
e6:31:95:4b:a4:5f:cf:cd:2f:9b:5a:97:58:6b:d2:
56:39:fe:89:28:d2:13:06:93:87:63:ee:e9:23:85:
d7:03:18:a9:d6:b7:1d:80:f5:40:31:46:bc:40:d2:
61:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:67:51:80:B2:78:96:9F:DD:E7:7F:10:59:79:67:DD:F0:67:5E:D2
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sGdRgLJ4lp_d538QWXln3fBnXtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.84.0/22
45.89.156.0/22
45.90.172.0/22
45.91.112.0/22
45.93.164.0/22
Signature Algorithm: sha256WithRSAEncryption
86:51:69:ab:ed:0c:c7:1d:6d:ce:12:5c:5c:c5:8d:a9:7b:c1:
76:d9:3d:8b:4b:ff:e4:5e:a6:4c:dc:3d:54:8b:0c:76:b3:55:
a5:ef:59:fb:7e:0e:bf:e2:28:5e:ee:dd:88:9d:09:84:93:06:
90:8a:1c:3a:aa:2b:d3:3f:9e:b9:04:50:20:9b:5c:6f:a3:55:
76:57:78:e6:49:ac:8f:f9:9e:c2:9f:c4:b6:67:2e:3d:e5:65:
a7:89:83:05:0c:68:96:9d:82:2f:d0:40:72:62:e4:0f:4c:04:
ae:05:ed:9c:bd:dd:e7:1a:cd:ef:3e:0e:99:81:03:ea:83:eb:
22:45:ef:23:35:25:c8:8d:16:d1:be:17:c8:79:a1:c8:7b:d9:
e0:6a:e8:4f:77:68:1a:7e:a8:52:dd:4a:a2:91:1e:3a:3a:cf:
ce:cf:b2:ad:a8:4c:6a:2d:ab:db:1a:d8:51:35:d2:7a:da:9b:
38:7e:14:3d:e6:15:1c:c7:f2:b2:14:d1:eb:88:0f:49:ef:63:
6f:4d:b4:12:bd:51:a8:d2:79:8c:b6:44:22:b1:f3:a6:ce:38:
47:d2:97:26:13:22:2e:ab:2b:23:37:bb:e7:4d:fc:5e:24:25:
06:5a:d2:e3:0d:74:be:c6:4e:71:d6:b5:a4:d1:79:eb:e0:97:
ef:84:89:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVveXM6fdipADhAaVLTmJgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDY3NTE4MGIyNzg5NjlmZGRlNzdmMTA1OTc5NjdkZGYwNjc1ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKxPGJOTxCJnIntAsJU0AaBOf6yB
fG9XamuHeqh69hNKu+FGwx6X6gEsNORX5aDmGqxQ1l0bPT8weUn3OllGk7E1mwr2
Ixq2CzezjzPjKcNr69v3/a5trigbE0nFkhTOC8io9PE2ePtvPSEd9F56EM0Tjjbd
Se0UhTGhq0MvSwRuHhrvA+TNLY92NsuIXJAmpJua4r6gfnWhA/CiWe5YT8YMp1Od
WeAiwKpWMo3FBCVHz/Z1qhdMOO1egMIhHDJ2bQeH0TX0CFRMEz7tO6WTrb/mMZVL
pF/PzS+bWpdYa9JWOf6JKNITBpOHY+7pI4XXAxip1rcdgPVAMUa8QNJhlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLBnUYCyeJaf3ed/EFl5Z93wZ17SMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvc0dkUmdMSjRscF9kNTM4UVdYbG4zZkJuWHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVlUAwQC
LVmcAwQCLVqsAwQCLVtwAwQCLV2kMA0GCSqGSIb3DQEBCwUAA4IBAQCGUWmr7QzH
HW3OElxcxY2pe8F22T2LS//kXqZM3D1Uiwx2s1Wl71n7fg6/4ihe7t2InQmEkwaQ
ihw6qivTP565BFAgm1xvo1V2V3jmSayP+Z7Cn8S2Zy495WWniYMFDGiWnYIv0EBy
YuQPTASuBe2cvd3nGs3vPg6ZgQPqg+siRe8jNSXIjRbRvhfIeaHIe9ngauhPd2ga
fqhS3UqikR46Os/Oz7KtqExqLavbGthRNdJ62ps4fhQ95hUcx/KyFNHriA9J72Nv
TbQSvVGo0nmMtkQisfOmzjhH0pcmEyIuqysjN7vnTfxeJCUGWtLjDXS+xk5x1rWk
0Xnr4JfvhImx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org