Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/CNoS_Ek7f7WT8xBt31tHhfWAzY0.roa
File: CNoS_Ek7f7WT8xBt31tHhfWAzY0.roa (raw, json)
Hash identifier: IJHB13osXZxta7Y+eUrqOP3AJ41mXpAs0m2zA6sHuH0=
Subject key identifier: 08:DA:12:FC:49:3B:7F:B5:93:F3:10:6D:DF:5B:47:85:F5:80:CD:8D
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01865F734D120AAE090B61C026FCFC8A6BA0
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/CNoS_Ek7f7WT8xBt31tHhfWAzY0.roa
Signing time: Fri 17 Feb 2023 12:57:17 +0000
ROA not before: Fri 17 Feb 2023 12:57:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26636
IP address blocks: 45.82.15.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
185.244.50.0/24 maxlen: 24
193.39.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:73:4d:12:0a:ae:09:0b:61:c0:26:fc:fc:8a:6b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Feb 17 12:57:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08da12fc493b7fb593f3106ddf5b4785f580cd8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:24:6b:09:1c:d0:4d:8e:1b:4f:2b:36:26:b9:
cc:f4:a3:ff:86:57:d7:0a:60:ba:3d:a0:55:47:4a:
54:c7:b6:6f:77:64:1b:34:18:25:b9:33:24:ef:01:
eb:8d:b6:ad:38:0e:df:47:50:50:e6:94:1e:9f:0e:
80:a9:f6:cd:c4:4b:dd:2c:a7:21:14:39:2b:97:ac:
80:13:4c:be:07:67:73:f7:47:2e:72:71:3c:02:af:
32:9b:90:b2:9b:6f:32:dc:52:a7:aa:d0:4f:1d:be:
1a:6a:36:89:77:45:61:7d:44:43:69:89:64:0d:e0:
27:9a:a1:ee:24:19:d0:13:eb:52:b5:01:0a:28:2b:
f3:cc:cd:3c:c0:ff:b4:15:94:9a:e6:55:94:59:43:
b4:aa:73:e5:33:dc:7e:db:fd:ed:33:19:38:9f:0d:
5c:be:28:c4:75:ef:9d:45:46:69:80:24:9e:82:a3:
00:85:e7:a7:13:99:f3:2f:02:5a:a6:36:c3:a5:4f:
e7:71:28:57:0c:94:1f:7c:3e:eb:06:55:af:65:f4:
fc:30:b2:67:a5:7d:68:34:23:50:b8:f8:e4:d7:6f:
27:7f:44:69:6d:c7:97:55:12:d5:47:9a:e1:70:33:
6e:e7:1c:b9:2f:dd:68:44:d0:55:8c:43:b3:b1:94:
aa:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DA:12:FC:49:3B:7F:B5:93:F3:10:6D:DF:5B:47:85:F5:80:CD:8D
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/CNoS_Ek7f7WT8xBt31tHhfWAzY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
185.244.50.0/24
193.39.170.0/24
Signature Algorithm: sha256WithRSAEncryption
71:52:e7:d6:11:70:6a:19:f1:0a:5b:28:15:73:e0:3a:a5:21:
e0:59:1c:e1:44:17:82:7a:65:44:df:15:84:d6:a6:12:2b:61:
68:91:66:ef:39:ad:3a:ea:f1:6a:4e:37:03:75:28:33:22:55:
29:0b:03:cf:56:0b:1c:cd:28:c4:e8:c7:6b:e9:29:ad:f7:2a:
f1:66:30:8f:b5:d6:70:67:4e:88:3f:21:03:a5:ad:e7:38:5a:
67:b9:d4:eb:c8:ea:f3:94:46:94:2d:0a:e7:ba:3f:de:4d:94:
09:e9:90:1b:a0:94:85:3d:01:6a:a8:9a:79:f1:a2:e8:e2:e8:
aa:cc:fd:4f:5f:ba:c4:d2:10:14:0f:84:5e:73:dd:ba:9c:28:
63:97:69:92:40:33:07:f7:33:0a:f6:11:1e:e6:25:f8:8c:a6:
dc:0b:21:b1:22:71:79:bc:9e:cf:b6:26:df:ae:53:1a:ec:df:
a0:d0:71:3f:02:70:87:8f:6c:44:d5:06:24:86:d4:01:b9:07:
6d:03:2e:04:81:d6:5b:dc:3d:03:bf:d3:b4:c0:13:95:91:65:
59:27:65:27:c4:e9:ec:1f:aa:ed:69:5f:be:74:98:0f:ec:be:
3f:7e:11:46:94:f5:8a:55:17:ce:ce:28:1a:46:4c:ec:92:ea:
17:e5:08:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZfc00SCq4JC2HAJvz8imugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjMwMjE3MTI1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRhMTJmYzQ5M2I3ZmI1OTNmMzEwNmRkZjViNDc4NWY1ODBjZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSRrCRzQTY4bTys2JrnM9KP/hlfX
CmC6PaBVR0pUx7Zvd2QbNBgluTMk7wHrjbatOA7fR1BQ5pQenw6AqfbNxEvdLKch
FDkrl6yAE0y+B2dz90cucnE8Aq8ym5Cym28y3FKnqtBPHb4aajaJd0VhfURDaYlk
DeAnmqHuJBnQE+tStQEKKCvzzM08wP+0FZSa5lWUWUO0qnPlM9x+2/3tMxk4nw1c
vijEde+dRUZpgCSegqMAheenE5nzLwJapjbDpU/ncShXDJQffD7rBlWvZfT8MLJn
pX1oNCNQuPjk128nf0RpbceXVRLVR5rhcDNu5xy5L91oRNBVjEOzsZSqrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjaEvxJO3+1k/MQbd9bR4X1gM2NMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvQ05vU19FazdmN1dUOHhCdDMxdEhoZldBelkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVIOAwQA
ufQyAwQAwSeqMA0GCSqGSIb3DQEBCwUAA4IBAQBxUufWEXBqGfEKWygVc+A6pSHg
WRzhRBeCemVE3xWE1qYSK2FokWbvOa066vFqTjcDdSgzIlUpCwPPVgsczSjE6Mdr
6Smt9yrxZjCPtdZwZ06IPyEDpa3nOFpnudTryOrzlEaULQrnuj/eTZQJ6ZAboJSF
PQFqqJp58aLo4uiqzP1PX7rE0hAUD4Rec926nChjl2mSQDMH9zMK9hEe5iX4jKbc
CyGxInF5vJ7PtibfrlMa7N+g0HE/AnCHj2xE1QYkhtQBuQdtAy4EgdZb3D0Dv9O0
wBOVkWVZJ2UnxOnsH6rtaV++dJgP7L4/fhFGlPWKVRfOzigaRkzskuoX5Qhe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:33 2023 by rpki-client on console-fra.rpki-client.org