Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/c52cd2-42f8-412e-a1c9-e175837ef938/1/90uepX7fqbIbLjT1_V4yVpJ5ofI.roa
File: 90uepX7fqbIbLjT1_V4yVpJ5ofI.roa (raw, json)
Hash identifier: MLs1YgnaZsAcwWvUiPK0qKjzbeHbna/5ORU/7h1O8dc=
Subject key identifier: F7:4B:9E:A5:7E:DF:A9:B2:1B:2E:34:F5:FD:5E:32:56:92:79:A1:F2
Certificate issuer: /CN=a9b36504f5b241f91d27efcfe178bc0ba6b2b9b3
Certificate serial: 018CC8DEF263242AED3002033A2394C5325A
Authority key identifier: A9:B3:65:04:F5:B2:41:F9:1D:27:EF:CF:E1:78:BC:0B:A6:B2:B9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbNlBPWyQfkdJ-_P4Xi8C6ayubM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/c52cd2-42f8-412e-a1c9-e175837ef938/1/90uepX7fqbIbLjT1_V4yVpJ5ofI.roa
Signing time: Tue 02 Jan 2024 06:31:43 +0000
ROA not before: Tue 02 Jan 2024 06:31:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208942
IP address blocks: 45.14.232.0/22 maxlen: 22
2a0e:1580::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f2:63:24:2a:ed:30:02:03:3a:23:94:c5:32:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b36504f5b241f91d27efcfe178bc0ba6b2b9b3
Validity
Not Before: Jan 2 06:31:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74b9ea57edfa9b21b2e34f5fd5e32569279a1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:42:ba:77:44:31:4a:3e:c1:6d:3f:47:ff:5e:
b2:65:a3:5a:1f:5a:97:68:f4:f4:11:1a:d9:06:19:
ac:27:97:b5:f8:5b:6f:bb:bb:c3:ba:54:30:0e:04:
8f:9f:f6:90:9a:42:f9:61:03:aa:e1:0e:c8:6e:c5:
50:aa:54:fd:96:a8:2a:a6:d3:8b:9b:20:45:12:18:
f5:69:68:fa:fe:42:d8:1d:0a:61:d3:21:d9:c4:a8:
0d:b6:47:33:07:fe:18:da:aa:63:ac:18:ea:1a:d7:
91:b1:bd:c5:bd:7f:1d:16:d9:15:b6:1c:68:92:87:
fb:ef:5a:7a:b4:76:d0:e6:54:0e:24:58:9a:54:27:
de:93:cf:a7:9b:08:81:62:1c:8f:7d:e6:c6:1e:c9:
58:d3:63:2d:8f:f8:31:96:90:0e:55:09:24:6e:8c:
d1:42:8f:31:25:07:71:6a:ca:62:85:7c:8a:11:ab:
60:e9:ce:d8:49:02:c0:da:f6:7b:ea:98:d2:ca:61:
de:f7:09:51:bc:5c:8e:e7:be:7e:0a:c2:6e:eb:31:
f0:c9:ef:6d:90:4e:8f:d5:b1:77:e4:79:a5:38:44:
3f:17:39:60:f8:e3:37:0d:f2:9e:33:ed:80:b4:c3:
d2:8b:d6:e6:9e:d7:5e:43:a9:37:85:b6:c2:0d:98:
48:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4B:9E:A5:7E:DF:A9:B2:1B:2E:34:F5:FD:5E:32:56:92:79:A1:F2
X509v3 Authority Key Identifier:
keyid:A9:B3:65:04:F5:B2:41:F9:1D:27:EF:CF:E1:78:BC:0B:A6:B2:B9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbNlBPWyQfkdJ-_P4Xi8C6ayubM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/c52cd2-42f8-412e-a1c9-e175837ef938/1/90uepX7fqbIbLjT1_V4yVpJ5ofI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/c52cd2-42f8-412e-a1c9-e175837ef938/1/qbNlBPWyQfkdJ-_P4Xi8C6ayubM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.232.0/22
IPv6:
2a0e:1580::/29
Signature Algorithm: sha256WithRSAEncryption
5d:ae:e1:17:9e:4b:48:7a:23:6d:20:64:13:0b:1b:f1:da:83:
60:ee:84:fa:6d:89:f8:a6:45:8c:88:bc:e2:7f:19:f6:d3:22:
f9:5e:5e:36:28:4d:47:8e:e4:7a:b3:96:43:04:d5:a9:4c:99:
00:1f:f7:8c:46:84:19:a4:d1:e3:0a:6d:21:52:b7:fe:c5:d4:
9b:f7:d8:7c:ee:f6:fb:d7:a7:79:bd:13:44:bb:87:6a:49:0e:
e7:75:db:6e:e8:3b:9f:76:a9:4e:94:11:c4:8d:ae:8a:5e:18:
50:9a:b4:fc:7e:8e:89:8b:25:e2:f0:ef:8b:58:77:05:94:94:
c3:c9:0c:6c:da:c5:08:11:ff:88:9f:b2:7c:29:4a:2a:1c:f1:
b4:b4:d0:49:24:7a:02:4e:31:02:8b:43:67:65:37:34:49:36:
7d:6c:f4:a2:eb:55:36:33:95:70:1d:1a:48:21:fb:5c:7e:03:
b1:52:ff:9d:a5:9e:c9:ae:8c:2c:38:58:5b:2e:fb:16:bd:9f:
37:59:48:98:8f:fc:15:c8:66:cd:09:cc:3d:2e:7a:e1:60:67:
38:70:d9:2a:c5:9a:71:dd:5c:14:46:e4:fc:d6:79:fe:00:af:
16:ba:69:79:5c:06:ea:d9:ff:11:ab:3e:3b:91:d5:ed:17:4b:
60:89:d0:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3vJjJCrtMAIDOiOUxTJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YjM2NTA0ZjViMjQxZjkxZDI3ZWZjZmUxNzhiYzBiYTZi
MmI5YjMwHhcNMjQwMTAyMDYzMTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRiOWVhNTdlZGZhOWIyMWIyZTM0ZjVmZDVlMzI1NjkyNzlhMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10K6d0QxSj7BbT9H/16yZaNaH1qX
aPT0ERrZBhmsJ5e1+Ftvu7vDulQwDgSPn/aQmkL5YQOq4Q7IbsVQqlT9lqgqptOL
myBFEhj1aWj6/kLYHQph0yHZxKgNtkczB/4Y2qpjrBjqGteRsb3FvX8dFtkVthxo
kof771p6tHbQ5lQOJFiaVCfek8+nmwiBYhyPfebGHslY02Mtj/gxlpAOVQkkbozR
Qo8xJQdxaspihXyKEatg6c7YSQLA2vZ76pjSymHe9wlRvFyO575+CsJu6zHwye9t
kE6P1bF35HmlOEQ/Fzlg+OM3DfKeM+2AtMPSi9bmntdeQ6k3hbbCDZhIuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPdLnqV+36myGy409f1eMlaSeaHyMB8GA1UdIwQY
MBaAFKmzZQT1skH5HSfvz+F4vAumsrmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJObEJQV3lRZmtkSi1fUDRYaThDNmF5dWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9jNTJjZDItNDJmOC00MTJlLWExYzkt
ZTE3NTgzN2VmOTM4LzEvOTB1ZXBYN2ZxYkliTGpUMV9WNHlWcEo1b2ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9jNTJjZDItNDJmOC00MTJlLWExYzktZTE3NTgzN2VmOTM4
LzEvcWJObEJQV3lRZmtkSi1fUDRYaThDNmF5dWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ7oMA0E
AgACMAcDBQMqDhWAMA0GCSqGSIb3DQEBCwUAA4IBAQBdruEXnktIeiNtIGQTCxvx
2oNg7oT6bYn4pkWMiLzifxn20yL5Xl42KE1HjuR6s5ZDBNWpTJkAH/eMRoQZpNHj
Cm0hUrf+xdSb99h87vb716d5vRNEu4dqSQ7nddtu6DufdqlOlBHEja6KXhhQmrT8
fo6JiyXi8O+LWHcFlJTDyQxs2sUIEf+In7J8KUoqHPG0tNBJJHoCTjECi0NnZTc0
STZ9bPSi61U2M5VwHRpIIftcfgOxUv+dpZ7JrowsOFhbLvsWvZ83WUiYj/wVyGbN
Ccw9LnrhYGc4cNkqxZpx3VwURuT81nn+AK8Wuml5XAbq2f8Rqz47kdXtF0tgidCM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:24 2024 by rpki-client on console-ams.rpki-client.org