Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/VJ5WNV7uicWJQIQ70jHPRD3UsOI.roa
File: VJ5WNV7uicWJQIQ70jHPRD3UsOI.roa (raw, json)
Hash identifier: 54igPeziKV5wLQq6A0S2hi27Kn485vab0pEzd4zWaZ8=
Subject key identifier: 54:9E:56:35:5E:EE:89:C5:89:40:84:3B:D2:31:CF:44:3D:D4:B0:E2
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 018468AAECEFBDA19C1712D3F4285F93AAE6
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/VJ5WNV7uicWJQIQ70jHPRD3UsOI.roa
Signing time: Fri 11 Nov 2022 21:49:03 +0000
ROA not before: Fri 11 Nov 2022 21:49:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50809
IP address blocks: 45.158.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:68:aa:ec:ef:bd:a1:9c:17:12:d3:f4:28:5f:93:aa:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Nov 11 21:49:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=549e56355eee89c58940843bd231cf443dd4b0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:69:53:78:39:2f:36:3a:1b:87:fa:18:3d:5c:
42:31:c5:6d:13:17:08:26:67:fe:1a:48:8c:2f:60:
e1:8e:6f:f0:ae:b2:7e:6b:7d:d0:04:5e:9d:f4:97:
52:96:3c:05:68:5b:de:0d:8f:41:e8:b2:a4:8e:b7:
ac:81:5d:ce:25:b4:6b:c0:8b:75:9d:ed:3f:5c:fc:
b8:28:b7:59:6f:35:d5:00:9a:c9:a3:b9:18:43:6e:
de:c2:4e:e2:48:34:5a:3d:52:65:4e:f0:c2:54:3e:
06:68:98:3c:73:1f:50:57:06:f0:43:2d:06:1a:e8:
b9:65:32:21:4f:3f:db:4f:f6:be:5e:bb:17:28:20:
8b:44:c1:09:3b:eb:86:a0:44:ae:2e:f9:e5:36:1f:
e0:da:ae:d6:8c:9c:1c:9e:b3:38:d0:9d:a1:1c:dd:
c5:7f:54:b9:e5:b0:fe:82:96:f6:ad:ea:dd:15:ff:
45:3c:e5:c4:a3:79:57:d3:42:19:66:ab:d5:8d:24:
d2:35:c5:09:cb:03:6e:d3:dd:09:ee:25:fa:43:c2:
87:eb:d2:a0:e2:0c:3a:cb:ad:f5:52:a7:ab:86:1e:
91:24:8c:cc:ca:89:05:79:21:a0:51:44:ad:98:5a:
89:2c:31:f6:1c:c2:3b:f9:bc:6d:8e:53:26:6d:0b:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9E:56:35:5E:EE:89:C5:89:40:84:3B:D2:31:CF:44:3D:D4:B0:E2
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/VJ5WNV7uicWJQIQ70jHPRD3UsOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.46.0/24
Signature Algorithm: sha256WithRSAEncryption
67:2d:ff:1e:66:56:7d:1a:ee:35:b3:df:56:5a:44:c0:18:66:
d1:f3:fc:a8:0f:6e:36:80:f2:47:9f:aa:53:24:f9:9f:51:a9:
53:f3:71:69:1f:40:24:46:8f:43:60:f4:69:96:86:3c:a9:05:
4e:d6:f6:9f:b5:a9:4c:91:6e:18:fc:d0:b7:1b:35:05:a1:e6:
54:40:db:da:f9:f5:82:9a:41:cb:1b:2b:c6:c3:6d:19:bb:7e:
46:4b:d1:df:9d:80:0c:64:98:b8:50:62:5d:f2:8e:c3:76:f1:
9e:88:6f:5b:a0:62:ab:d0:89:24:98:99:f4:e3:08:c1:1c:ae:
07:4d:7a:63:0a:77:e4:80:46:32:62:12:6f:7b:1b:f1:05:72:
e6:0a:d0:8e:db:5e:b8:b4:5a:d1:88:ce:63:02:51:61:c8:a7:
e5:6b:3b:fa:1c:80:20:0f:ca:53:41:b3:91:0e:2f:53:f8:0d:
f3:65:8b:bf:60:be:1b:a0:e4:81:c0:f5:2e:a4:12:75:5b:c1:
13:70:b1:2d:af:e2:7b:57:1e:b9:a9:f9:f6:45:b0:7e:29:0f:
b1:16:6d:1d:f3:9d:b8:c8:44:54:68:03:87:58:3f:5a:fe:4f:
17:a7:68:75:44:42:7c:ca:4b:70:40:cd:5e:2a:e4:6f:38:52:
6e:b9:f9:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRoquzvvaGcFxLT9Chfk6rmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjIxMTExMjE0OTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDllNTYzNTVlZWU4OWM1ODk0MDg0M2JkMjMxY2Y0NDNkZDRiMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmlTeDkvNjobh/oYPVxCMcVtExcI
Jmf+GkiML2Dhjm/wrrJ+a33QBF6d9JdSljwFaFveDY9B6LKkjresgV3OJbRrwIt1
ne0/XPy4KLdZbzXVAJrJo7kYQ27ewk7iSDRaPVJlTvDCVD4GaJg8cx9QVwbwQy0G
Gui5ZTIhTz/bT/a+XrsXKCCLRMEJO+uGoESuLvnlNh/g2q7WjJwcnrM40J2hHN3F
f1S55bD+gpb2rerdFf9FPOXEo3lX00IZZqvVjSTSNcUJywNu090J7iX6Q8KH69Kg
4gw6y631Uqerhh6RJIzMyokFeSGgUUStmFqJLDH2HMI7+bxtjlMmbQt/7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSeVjVe7onFiUCEO9Ixz0Q91LDiMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvVko1V05WN3VpY1dKUUlRNzBqSFBSRDNVc09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4uMA0G
CSqGSIb3DQEBCwUAA4IBAQBnLf8eZlZ9Gu41s99WWkTAGGbR8/yoD242gPJHn6pT
JPmfUalT83FpH0AkRo9DYPRploY8qQVO1vaftalMkW4Y/NC3GzUFoeZUQNva+fWC
mkHLGyvGw20Zu35GS9HfnYAMZJi4UGJd8o7DdvGeiG9boGKr0IkkmJn04wjBHK4H
TXpjCnfkgEYyYhJvexvxBXLmCtCO2164tFrRiM5jAlFhyKflazv6HIAgD8pTQbOR
Di9T+A3zZYu/YL4boOSBwPUupBJ1W8ETcLEtr+J7Vx65qfn2RbB+KQ+xFm0d8524
yERUaAOHWD9a/k8Xp2h1REJ8yktwQM1eKuRvOFJuufn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:14 2024 by rpki-client on console-ams.rpki-client.org