Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/cauCZZ0usRe-KW9pfeYDHjsC0TY.roa
File: cauCZZ0usRe-KW9pfeYDHjsC0TY.roa (raw, json)
Hash identifier: VQQx0TQ9jmr8IYa3qJuKJiHAuEhXi6NWin5z6DUWFTU=
Subject key identifier: 71:AB:82:65:9D:2E:B1:17:BE:29:6F:69:7D:E6:03:1E:3B:02:D1:36
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 146C8EE5
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/cauCZZ0usRe-KW9pfeYDHjsC0TY.roa
Signing time: Thu 24 Mar 2022 19:33:03 +0000
ROA not before: Thu 24 Mar 2022 19:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 5.180.4.0/22 maxlen: 22
45.145.40.0/22 maxlen: 22
2.59.204.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342658789 (0x146c8ee5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 24 19:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71ab82659d2eb117be296f697de6031e3b02d136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f6:1e:2a:91:1c:eb:39:e0:36:f9:f0:0b:83:
a5:c7:4f:7b:c9:52:44:44:9a:fc:89:48:c2:22:bc:
e1:2c:ac:9b:95:8c:da:50:cd:a2:65:97:32:c8:4e:
9c:c1:e8:08:27:0c:88:f4:d1:7f:a5:15:c4:51:19:
9f:1f:a3:c6:bb:0a:8f:57:c9:5b:27:14:c1:86:4f:
e5:57:fd:22:af:cf:1c:60:d8:78:9e:ec:3f:11:6b:
10:b9:ce:cb:cc:fa:6b:be:5c:a1:0b:fc:be:8b:de:
fd:1d:a4:8c:58:11:f5:d1:ae:5f:45:f1:9f:47:28:
45:8e:51:92:77:ae:ee:cc:bb:dd:92:ee:7c:ce:17:
45:6f:8f:cd:37:d1:68:59:20:9a:24:a9:86:1a:54:
09:73:fa:1e:e3:e9:7c:a1:88:f3:26:24:66:37:15:
2a:b7:2e:a4:74:f7:20:6d:ca:5a:f0:2f:31:0f:6b:
34:b2:ee:fa:c5:1b:a9:ab:85:34:9e:5e:52:33:47:
e4:44:f7:a7:ac:35:80:a4:aa:d3:52:14:fc:5e:00:
62:8e:ab:bf:31:e4:d6:5f:d1:c4:c1:2d:2a:19:bf:
2c:65:04:6f:39:4b:a0:43:c1:0e:68:f1:b5:19:4a:
eb:0b:6a:38:d6:18:e8:a8:e7:c2:03:fd:de:27:2c:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AB:82:65:9D:2E:B1:17:BE:29:6F:69:7D:E6:03:1E:3B:02:D1:36
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/cauCZZ0usRe-KW9pfeYDHjsC0TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.204.0/22
5.180.4.0/22
45.145.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:22:60:e5:18:1c:d1:32:80:e1:b3:9f:69:d5:25:ed:a5:3a:
d2:bf:4e:4c:fd:de:fd:23:90:eb:d8:36:80:a2:d9:47:4b:fd:
f8:35:d7:70:30:9b:7b:c4:06:35:50:ce:a3:9b:38:e5:ca:dc:
f8:6a:a9:91:2d:0f:2a:f8:65:e4:56:57:2a:55:f4:ee:5b:02:
5b:a4:94:87:44:98:e4:82:08:41:6c:53:b8:44:1e:ff:d1:ee:
a9:5e:9d:be:b3:2e:75:bc:86:c2:6c:c7:a5:ec:f3:c4:e9:f3:
d4:8f:1d:23:bf:ea:21:1d:36:f2:08:b2:91:81:62:86:67:76:
b8:e3:fc:c5:30:f1:6b:55:cc:85:a4:c4:f5:07:ee:2b:be:00:
84:26:40:17:a9:9b:3e:bc:bc:df:01:28:65:c7:0f:71:75:06:
6f:69:66:65:42:d0:39:97:cb:ea:d8:08:f9:f1:ca:4f:b8:23:
f0:59:fb:08:67:f7:ee:ef:57:35:be:bd:7d:8f:fe:c8:f5:39:
35:4c:ed:82:df:fe:1a:26:99:3b:a3:1f:6b:17:ad:a7:a2:49:
a2:91:c1:9c:31:65:68:10:a0:40:b2:6a:17:ad:c0:3e:38:94:
cf:f3:d9:66:cf:98:4a:13:10:9c:72:eb:e2:bd:5d:d6:c1:97:
6f:70:15:64
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFGyO5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMy
NDE5MzMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFhYjgyNjU5ZDJl
YjExN2JlMjk2ZjY5N2RlNjAzMWUzYjAyZDEzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM32HiqRHOs54Db58AuDpcdPe8lSRESa/IlIwiK84Sysm5WM
2lDNomWXMshOnMHoCCcMiPTRf6UVxFEZnx+jxrsKj1fJWycUwYZP5Vf9Iq/PHGDY
eJ7sPxFrELnOy8z6a75coQv8vove/R2kjFgR9dGuX0Xxn0coRY5Rkneu7sy73ZLu
fM4XRW+PzTfRaFkgmiSphhpUCXP6HuPpfKGI8yYkZjcVKrcupHT3IG3KWvAvMQ9r
NLLu+sUbqauFNJ5eUjNH5ET3p6w1gKSq01IU/F4AYo6rvzHk1l/RxMEtKhm/LGUE
bzlLoEPBDmjxtRlK6wtqONYY6KjnwgP93icsG0UCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRxq4JlnS6xF74pb2l95gMeOwLRNjAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L2NhdUNaWjB1c1JlLUtXOXBmZVlESGpzQzBUWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAgI7zAMEAgW0BAMEAi2RKDANBgkq
hkiG9w0BAQsFAAOCAQEAKyJg5Rgc0TKA4bOfadUl7aU60r9OTP3e/SOQ69g2gKLZ
R0v9+DXXcDCbe8QGNVDOo5s45crc+GqpkS0PKvhl5FZXKlX07lsCW6SUh0SY5III
QWxTuEQe/9HuqV6dvrMudbyGwmzHpezzxOnz1I8dI7/qIR028giykYFihmd2uOP8
xTDxa1XMhaTE9QfuK74AhCZAF6mbPry83wEoZccPcXUGb2lmZULQOZfL6tgI+fHK
T7gj8Fn7CGf37u9XNb69fY/+yPU5NUztgt/+GiaZO6Mfaxetp6JJopHBnDFlaBCg
QLJqF63APjiUz/PZZs+YShMQnHLr4r1d1sGXb3AVZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org