Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/mSN9y8nFub0vB_ADc6jQZI1xr6g.roa
File: mSN9y8nFub0vB_ADc6jQZI1xr6g.roa (raw, json)
Hash identifier: VND9qNN2o4v6UUOfpZez6tNLpe6e5pWp9kG+vOhVPKQ=
Subject key identifier: 99:23:7D:CB:C9:C5:B9:BD:2F:07:F0:03:73:A8:D0:64:8D:71:AF:A8
Certificate issuer: /CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Certificate serial: 01857102D704C4DCEE7E19C3C6E575647479
Authority key identifier: 5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/mSN9y8nFub0vB_ADc6jQZI1xr6g.roa
Signing time: Mon 02 Jan 2023 05:44:49 +0000
ROA not before: Mon 02 Jan 2023 05:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50809
IP address blocks: 45.158.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d7:04:c4:dc:ee:7e:19:c3:c6:e5:75:64:74:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bd74e39dda400d136126e6c3efb1cf9344277ef
Validity
Not Before: Jan 2 05:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99237dcbc9c5b9bd2f07f00373a8d0648d71afa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7a:4f:7a:44:4f:08:14:4c:70:2e:f0:b0:39:
2a:cb:0b:e0:7b:53:88:fa:a7:fc:df:6b:fa:77:a2:
ee:88:0e:cd:30:2d:6f:22:98:6f:c4:14:ae:35:2f:
91:1b:58:59:32:66:54:23:0b:bd:5f:41:3c:54:df:
71:e2:d8:ee:48:77:2d:fb:46:e9:5a:df:47:15:72:
98:c9:66:d4:44:41:d2:94:1b:89:a9:48:65:3b:ff:
01:6e:a8:f9:17:65:34:37:2d:74:b7:bf:cb:d6:4d:
70:fc:1e:9f:76:42:d7:9a:03:68:ab:54:2e:63:37:
04:02:bf:6b:f9:48:a1:0e:ef:1a:16:19:e9:ec:c4:
4f:a8:a8:ed:3a:23:33:48:8b:9c:df:73:e3:2c:ea:
2c:1c:0d:4e:fa:7b:8c:d1:6b:01:9e:f3:70:71:ff:
79:af:9e:48:3f:b4:a1:10:34:a3:fb:8c:14:32:fc:
4e:22:d8:fc:0b:97:49:a6:66:d1:37:df:66:f2:57:
1f:97:66:84:4a:c0:10:46:eb:26:8f:f8:9b:52:60:
7e:3b:44:c7:03:8c:7d:12:7e:e7:92:2d:16:9e:dc:
9c:52:26:88:3b:a8:04:3d:f1:4d:57:94:da:c2:1f:
95:e1:09:c4:78:00:4a:1a:b2:e4:d0:3d:d9:2c:2d:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:23:7D:CB:C9:C5:B9:BD:2F:07:F0:03:73:A8:D0:64:8D:71:AF:A8
X509v3 Authority Key Identifier:
keyid:5B:D7:4E:39:DD:A4:00:D1:36:12:6E:6C:3E:FB:1C:F9:34:42:77:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W9dOOd2kANE2Em5sPvsc-TRCd-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/mSN9y8nFub0vB_ADc6jQZI1xr6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/89ec25-72dc-4f0f-8b2f-ad7890c2e752/1/W9dOOd2kANE2Em5sPvsc-TRCd-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.46.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:96:8e:63:ee:5e:c0:f5:db:2f:94:d0:b7:c0:9b:97:d9:92:
38:8a:fb:76:ba:81:ad:01:db:2b:9a:ad:fe:d9:76:29:87:4a:
0e:1d:31:27:d6:ca:e1:6d:0d:a6:79:93:c6:dc:7d:53:14:c3:
4b:cc:e6:d3:36:52:9f:ad:78:af:f4:6d:db:c6:81:47:91:a0:
fd:bc:e8:bc:6a:90:cc:67:a8:30:9e:87:b3:27:bc:70:ff:63:
7b:52:e5:91:bd:19:b5:8c:e6:5c:34:86:53:91:d9:99:1c:be:
03:86:d3:10:ae:4a:60:01:76:27:6e:26:1e:3a:40:eb:c6:84:
a3:e8:59:c8:b5:36:7a:2e:c6:10:21:9d:d2:07:67:7a:eb:16:
39:57:99:a4:94:aa:a7:2d:43:ff:94:36:c5:77:c8:ee:a0:78:
d2:1a:9d:e1:94:2f:e6:1b:2a:36:45:2d:af:d4:f7:00:91:62:
ba:7e:dd:1c:17:be:38:6b:50:1f:96:8a:71:00:77:02:4a:bb:
83:37:6f:3f:c8:f2:65:d7:4b:0e:5b:4f:b5:b3:0e:f0:e0:f2:
50:54:24:3b:1d:5f:a3:2b:37:cd:72:c1:8a:a0:08:d4:a9:ac:
0b:1f:31:10:c6:9d:ed:f6:b9:6c:7f:b8:81:5f:93:5f:37:5f:
5f:c2:be:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAtcExNzufhnDxuV1ZHR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZDc0ZTM5ZGRhNDAwZDEzNjEyNmU2YzNlZmIxY2Y5MzQ0
Mjc3ZWYwHhcNMjMwMTAyMDU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTIzN2RjYmM5YzViOWJkMmYwN2YwMDM3M2E4ZDA2NDhkNzFhZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XpPekRPCBRMcC7wsDkqywvge1OI
+qf832v6d6LuiA7NMC1vIphvxBSuNS+RG1hZMmZUIwu9X0E8VN9x4tjuSHct+0bp
Wt9HFXKYyWbUREHSlBuJqUhlO/8Bbqj5F2U0Ny10t7/L1k1w/B6fdkLXmgNoq1Qu
YzcEAr9r+UihDu8aFhnp7MRPqKjtOiMzSIuc33PjLOosHA1O+nuM0WsBnvNwcf95
r55IP7ShEDSj+4wUMvxOItj8C5dJpmbRN99m8lcfl2aESsAQRusmj/ibUmB+O0TH
A4x9En7nki0WntycUiaIO6gEPfFNV5Tawh+V4QnEeABKGrLk0D3ZLC0jZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkjfcvJxbm9LwfwA3Oo0GSNca+oMB8GA1UdIwQY
MBaAFFvXTjndpADRNhJubD77HPk0QnfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYt
YWQ3ODkwYzJlNzUyLzEvbVNOOXk4bkZ1YjB2Ql9BRGM2alFaSTF4cjZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84OWVjMjUtNzJkYy00ZjBmLThiMmYtYWQ3ODkwYzJlNzUy
LzEvVzlkT09kMmtBTkUyRW01c1B2c2MtVFJDZC04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ4uMA0G
CSqGSIb3DQEBCwUAA4IBAQC8lo5j7l7A9dsvlNC3wJuX2ZI4ivt2uoGtAdsrmq3+
2XYph0oOHTEn1srhbQ2meZPG3H1TFMNLzObTNlKfrXiv9G3bxoFHkaD9vOi8apDM
Z6gwnoezJ7xw/2N7UuWRvRm1jOZcNIZTkdmZHL4DhtMQrkpgAXYnbiYeOkDrxoSj
6FnItTZ6LsYQIZ3SB2d66xY5V5mklKqnLUP/lDbFd8juoHjSGp3hlC/mGyo2RS2v
1PcAkWK6ft0cF744a1AflopxAHcCSruDN28/yPJl10sOW0+1sw7w4PJQVCQ7HV+j
KzfNcsGKoAjUqawLHzEQxp3t9rlsf7iBX5NfN19fwr5n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:42 2024 by rpki-client on console-fra.rpki-client.org