Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/rW49Ob5Fx_Ef9TZpoJlUXhIUKHU.roa
File: rW49Ob5Fx_Ef9TZpoJlUXhIUKHU.roa (raw, json)
Hash identifier: YwiR4QsIkbUKkHdbymX8sHazShn3Rx9onrKd0twr9Mw=
Subject key identifier: AD:6E:3D:39:BE:45:C7:F1:1F:F5:36:69:A0:99:54:5E:12:14:28:75
Certificate issuer: /CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Certificate serial: 06475B1C
Authority key identifier: 5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/rW49Ob5Fx_Ef9TZpoJlUXhIUKHU.roa
Signing time: Sat 19 Mar 2022 20:49:53 +0000
ROA not before: Sat 19 Mar 2022 20:49:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209465
IP address blocks: 45.90.80.0/24 maxlen: 24
171.22.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 105339676 (0x6475b1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d382238289a8802cf52b67d9bf4ae87a50933c3
Validity
Not Before: Mar 19 20:49:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad6e3d39be45c7f11ff53669a099545e12142875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e2:c7:e4:0f:2e:ef:2d:a7:37:4e:16:8d:5a:
ae:d2:be:7c:f8:3e:4d:52:89:4e:c5:00:25:0b:86:
3d:eb:8f:93:dc:a0:97:d9:07:18:88:b8:b0:6f:28:
c0:44:a5:69:9b:5a:66:ef:5f:0e:53:f2:56:2b:0e:
1b:a1:49:cf:61:8a:bc:69:15:c6:b7:46:03:d3:ac:
19:80:be:09:f7:1e:1a:1c:01:0e:30:03:7b:2d:94:
13:c9:1b:46:36:12:49:09:75:b4:e8:7c:e0:c0:42:
2d:b4:40:e4:d1:ad:8a:85:c3:b3:24:b2:95:7e:dc:
60:84:bf:d9:b6:37:c9:bb:f4:cd:ff:01:48:bd:9f:
f7:7a:91:76:fd:a2:a8:a7:fe:cd:ed:77:05:0e:da:
75:ac:bf:02:cf:e9:9c:80:8d:c4:7f:50:fe:f3:b8:
3f:8a:d6:27:83:90:4e:59:37:d9:78:c3:82:03:f1:
42:91:a0:ac:ae:c2:3a:7e:34:68:4c:cf:0d:c5:4f:
75:0c:79:7a:eb:b3:85:86:6b:60:33:1f:f9:e1:52:
fc:98:ca:7b:ea:97:06:01:c7:27:c9:2e:60:cb:2f:
88:81:a1:6e:28:36:fb:f2:d2:23:58:46:58:15:c0:
39:7d:b4:48:6f:dd:a2:d4:58:ce:0d:0b:20:91:fc:
64:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6E:3D:39:BE:45:C7:F1:1F:F5:36:69:A0:99:54:5E:12:14:28:75
X509v3 Authority Key Identifier:
keyid:5D:38:22:38:28:9A:88:02:CF:52:B6:7D:9B:F4:AE:87:A5:09:33:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTgiOCiaiALPUrZ9m_Suh6UJM8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/rW49Ob5Fx_Ef9TZpoJlUXhIUKHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/85018a-c238-4319-ad42-885757c1248f/1/XTgiOCiaiALPUrZ9m_Suh6UJM8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.80.0/24
171.22.151.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fa:89:3a:4d:df:34:01:6c:54:4c:29:32:ec:70:fa:a6:88:
09:45:ba:cd:e1:5f:a9:94:51:8a:b5:cf:16:1e:f5:4f:81:b3:
d5:3f:3a:01:af:cd:13:38:40:b7:a8:68:b7:be:48:0e:5c:9a:
e7:0c:f5:f0:5b:54:24:b6:02:32:eb:ef:b3:b6:82:5d:8b:5c:
bd:f9:90:6c:e7:f1:d4:02:3d:35:9c:3e:61:b5:b2:a2:2d:30:
85:cc:47:4d:51:92:3b:14:12:2d:b8:cf:10:4a:8e:2a:08:7d:
24:13:a0:4a:eb:36:43:9a:5a:b9:b4:e4:d7:db:a7:7e:92:a9:
63:2b:e2:1c:74:21:f7:dc:87:e1:f1:f9:04:4a:28:e3:d9:32:
32:0f:fb:0b:46:fd:aa:1b:bd:16:f1:01:1f:79:bc:3b:7b:5f:
5c:17:72:9c:45:b4:2b:a0:af:a3:6c:d1:d5:eb:8d:27:a6:06:
82:c0:a5:75:a6:c8:be:3d:b6:fb:22:a7:8c:c0:36:07:c1:07:
d6:cd:dd:b8:9d:f9:ca:d5:e6:b4:0a:69:05:2f:68:5e:67:25:
9e:21:d7:c8:76:70:19:7d:8e:c9:2d:63:e8:8e:2f:56:6a:4c:
0a:2d:81:79:1e:f5:20:c4:7a:ff:8e:45:02:31:23:14:d6:83:
d3:80:32:8d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBkdbHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDM4MjIzODI4OWE4ODAyY2Y1MmI2N2Q5YmY0YWU4N2E1MDkzM2MzMB4XDTIyMDMx
OTIwNDk1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ2ZTNkMzliZTQ1
YzdmMTFmZjUzNjY5YTA5OTU0NWUxMjE0Mjg3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPix+QPLu8tpzdOFo1artK+fPg+TVKJTsUAJQuGPeuPk9yg
l9kHGIi4sG8owESlaZtaZu9fDlPyVisOG6FJz2GKvGkVxrdGA9OsGYC+CfceGhwB
DjADey2UE8kbRjYSSQl1tOh84MBCLbRA5NGtioXDsySylX7cYIS/2bY3ybv0zf8B
SL2f93qRdv2iqKf+ze13BQ7aday/As/pnICNxH9Q/vO4P4rWJ4OQTlk32XjDggPx
QpGgrK7COn40aEzPDcVPdQx5euuzhYZrYDMf+eFS/JjKe+qXBgHHJ8kuYMsviIGh
big2+/LSI1hGWBXAOX20SG/dotRYzg0LIJH8ZMECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBStbj05vkXH8R/1NmmgmVReEhQodTAfBgNVHSMEGDAWgBRdOCI4KJqIAs9S
tn2b9K6HpQkzwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hUZ2lPQ2lhaUFMUFVyWjltX1N1aDZVSk04TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvODUwMThhLWMyMzgtNDMxOS1hZDQyLTg4NTc1N2MxMjQ4Zi8x
L3JXNDlPYjVGeF9FZjlUWnBvSmxVWGhJVUtIVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
ODUwMThhLWMyMzgtNDMxOS1hZDQyLTg4NTc1N2MxMjQ4Zi8xL1hUZ2lPQ2lhaUFM
UFVyWjltX1N1aDZVSk04TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1aUAMEAKsWlzANBgkqhkiG9w0B
AQsFAAOCAQEAEPqJOk3fNAFsVEwpMuxw+qaICUW6zeFfqZRRirXPFh71T4Gz1T86
Aa/NEzhAt6hot75IDlya5wz18FtUJLYCMuvvs7aCXYtcvfmQbOfx1AI9NZw+YbWy
oi0whcxHTVGSOxQSLbjPEEqOKgh9JBOgSus2Q5paubTk19unfpKpYyviHHQh99yH
4fH5BEoo49kyMg/7C0b9qhu9FvEBH3m8O3tfXBdynEW0K6Cvo2zR1euNJ6YGgsCl
dabIvj22+yKnjMA2B8EH1s3duJ35ytXmtAppBS9oXmclniHXyHZwGX2OyS1j6I4v
VmpMCi2BeR71IMR6/45FAjEjFNaD04AyjQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:19 2023 by rpki-client on console-ams.rpki-client.org