Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/Hao0DUU0lnMfx265ZpIHCbFlkBU.roa
File: Hao0DUU0lnMfx265ZpIHCbFlkBU.roa (raw, json)
Hash identifier: Vws9mEfqhmhfXRWbpIrOBZDm0PJLeZeZmb/PwVSAdkY=
Subject key identifier: 1D:AA:34:0D:45:34:96:73:1F:C7:6E:B9:66:92:07:09:B1:65:90:15
Certificate issuer: /CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Certificate serial: 0183D6D366686FD99D277B31E42EEEB4AF30
Authority key identifier: DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/Hao0DUU0lnMfx265ZpIHCbFlkBU.roa
Signing time: Fri 14 Oct 2022 14:08:41 +0000
ROA not before: Fri 14 Oct 2022 14:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39421
IP address blocks: 185.21.130.0/24 maxlen: 24
45.90.163.0/24 maxlen: 24
45.90.162.0/24 maxlen: 24
45.90.160.0/22 maxlen: 22
45.90.161.0/24 maxlen: 24
45.90.160.0/24 maxlen: 24
2a0c:8880::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:d3:66:68:6f:d9:9d:27:7b:31:e4:2e:ee:b4:af:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e36f159f576988fb4e51d4101bb85d0d0c983
Validity
Not Before: Oct 14 14:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1daa340d453496731fc76eb966920709b1659015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2d:f7:83:b6:27:e4:b4:2e:7e:fd:55:81:55:
21:32:60:c4:13:e1:51:15:cb:53:a1:c5:de:22:db:
e7:b6:00:e8:f1:b5:de:ab:18:c5:1f:1c:0a:5e:68:
77:25:f8:03:a7:eb:b0:a6:c7:a3:5f:31:a2:d1:a1:
cd:41:b6:1e:e6:d8:0e:a1:8e:cd:45:52:cc:95:13:
b5:67:e1:d3:61:06:17:a7:55:38:b2:ea:cf:fe:78:
99:8b:3a:68:01:78:1b:96:e3:8c:d3:ce:28:7e:da:
10:26:37:cf:af:d8:1b:9e:bf:56:20:d4:5a:24:29:
ad:b3:18:63:9f:b1:2c:1d:f6:1d:0d:31:93:29:60:
7f:8f:b4:a6:60:ee:37:90:ea:aa:a9:80:e4:1c:6b:
40:00:15:a7:69:c5:9f:ec:6e:ef:60:db:f6:36:08:
68:9f:22:70:e0:41:97:6b:0b:4c:41:56:36:62:d0:
16:2d:9f:d9:02:a6:c6:5f:c9:42:c8:96:3e:5e:b8:
d4:96:b7:b2:10:39:0a:21:24:80:5d:de:fd:7c:f4:
0a:f7:2e:7e:4f:83:5b:bd:a8:b3:b0:f3:94:71:ce:
f3:2b:6e:50:51:ce:4d:fa:30:91:6f:8a:db:52:f4:
b4:24:2d:a7:21:d2:a5:f3:c9:33:21:ad:92:67:38:
ef:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AA:34:0D:45:34:96:73:1F:C7:6E:B9:66:92:07:09:B1:65:90:15
X509v3 Authority Key Identifier:
keyid:DE:5E:36:F1:59:F5:76:98:8F:B4:E5:1D:41:01:BB:85:D0:D0:C9:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l428Vn1dpiPtOUdQQG7hdDQyYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/Hao0DUU0lnMfx265ZpIHCbFlkBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/1ccbfd-a651-4c8e-9d60-ebbbb444286e/1/3l428Vn1dpiPtOUdQQG7hdDQyYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.160.0/22
185.21.130.0/24
IPv6:
2a0c:8880::/29
Signature Algorithm: sha256WithRSAEncryption
0a:95:e3:bf:75:46:08:14:ba:c7:df:e5:c9:18:ca:c7:67:a3:
3f:65:8a:ae:ce:78:a5:8e:ec:57:71:9a:5a:e2:f1:62:e6:cf:
f7:1f:62:7f:db:ce:93:81:43:f7:90:6e:9d:7e:b8:cc:26:dd:
9a:e4:44:ee:32:3d:de:2c:c0:69:d9:0e:d8:f0:3d:11:99:24:
ce:23:d9:15:4d:1d:fd:08:3e:00:50:f0:05:b5:7b:d6:51:7e:
1c:42:4f:d4:d4:9c:cc:b1:e9:dd:88:45:64:32:58:0b:f8:e0:
9c:e1:db:4c:78:71:fd:ec:5d:00:84:74:43:a1:43:8b:24:80:
d6:a1:75:6a:cc:3e:e6:b0:f5:c1:52:8d:ba:4f:03:34:b2:4f:
bc:b5:57:0d:2e:d1:08:b2:57:74:6c:ba:a7:8b:fa:b8:2d:0b:
58:17:ff:ba:59:59:cb:8e:15:a9:7d:11:ea:5f:c1:94:42:ab:
8c:b5:bb:68:37:bc:19:0d:cb:30:95:79:d5:35:90:fc:9f:53:
18:62:eb:39:80:b8:82:c9:24:57:71:b1:9a:1a:90:28:18:48:
5b:3f:0d:f3:0a:e9:55:6f:61:5c:fa:58:a4:5a:d7:b6:83:1e:
1a:bb:90:04:df:70:c0:77:39:bd:88:79:25:70:2f:4d:f8:75:
dc:b1:10:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYPW02Zob9mdJ3sx5C7utK8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWUzNmYxNTlmNTc2OTg4ZmI0ZTUxZDQxMDFiYjg1ZDBk
MGM5ODMwHhcNMjIxMDE0MTQwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFhMzQwZDQ1MzQ5NjczMWZjNzZlYjk2NjkyMDcwOWIxNjU5MDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC33g7Yn5LQufv1VgVUhMmDEE+FR
FctTocXeItvntgDo8bXeqxjFHxwKXmh3JfgDp+uwpsejXzGi0aHNQbYe5tgOoY7N
RVLMlRO1Z+HTYQYXp1U4surP/niZizpoAXgbluOM084oftoQJjfPr9gbnr9WINRa
JCmtsxhjn7EsHfYdDTGTKWB/j7SmYO43kOqqqYDkHGtAABWnacWf7G7vYNv2Ngho
nyJw4EGXawtMQVY2YtAWLZ/ZAqbGX8lCyJY+XrjUlreyEDkKISSAXd79fPQK9y5+
T4NbvaizsPOUcc7zK25QUc5N+jCRb4rbUvS0JC2nIdKl88kzIa2SZzjviQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2qNA1FNJZzH8duuWaSBwmxZZAVMB8GA1UdIwQY
MBaAFN5eNvFZ9XaYj7TlHUEBu4XQ0MmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w0MjhWbjFkcGlQdE9VZFFRRzdoZERReVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xY2NiZmQtYTY1MS00YzhlLTlkNjAt
ZWJiYmI0NDQyODZlLzEvSGFvMERVVTBsbk1meDI2NVpwSUhDYkZsa0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xY2NiZmQtYTY1MS00YzhlLTlkNjAtZWJiYmI0NDQyODZl
LzEvM2w0MjhWbjFkcGlQdE9VZFFRRzdoZERReVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVqgAwQA
uRWCMA0EAgACMAcDBQMqDIiAMA0GCSqGSIb3DQEBCwUAA4IBAQAKleO/dUYIFLrH
3+XJGMrHZ6M/ZYquzniljuxXcZpa4vFi5s/3H2J/286TgUP3kG6dfrjMJt2a5ETu
Mj3eLMBp2Q7Y8D0RmSTOI9kVTR39CD4AUPAFtXvWUX4cQk/U1JzMsendiEVkMlgL
+OCc4dtMeHH97F0AhHRDoUOLJIDWoXVqzD7msPXBUo26TwM0sk+8tVcNLtEIsld0
bLqni/q4LQtYF/+6WVnLjhWpfRHqX8GUQquMtbtoN7wZDcswlXnVNZD8n1MYYus5
gLiCySRXcbGaGpAoGEhbPw3zCulVb2Fc+likWte2gx4au5AE33DAdzm9iHklcC9N
+HXcsRCo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:43 2024 by rpki-client on console-fra.rpki-client.org