Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/NqPRWAFUxmBKxusHsl1mmMfxR5w.roa
File: NqPRWAFUxmBKxusHsl1mmMfxR5w.roa (raw, json)
Hash identifier: GudtXGI14QEc2GeeAlsz2xrHoik0HlhuLX18qfCiQ58=
Subject key identifier: 36:A3:D1:58:01:54:C6:60:4A:C6:EB:07:B2:5D:66:98:C7:F1:47:9C
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018D13D7EC41E56644BD24D80C49072AD74D
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/NqPRWAFUxmBKxusHsl1mmMfxR5w.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 45.87.254.0/24 maxlen: 24
45.91.9.0/24 maxlen: 24
77.83.192.0/24 maxlen: 24
77.83.194.0/24 maxlen: 24
77.83.195.0/24 maxlen: 24
194.156.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ec:41:e5:66:44:bd:24:d8:0c:49:07:2a:d7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36a3d1580154c6604ac6eb07b25d6698c7f1479c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:c2:88:4b:c0:8c:3f:ce:17:0e:82:5f:9e:
5d:52:dc:39:b9:aa:c9:35:34:1b:de:2e:80:d5:63:
db:62:9d:18:ec:38:40:0d:a1:10:1a:b0:6d:d3:d0:
83:b2:05:dc:26:ad:68:d8:ba:d1:77:d8:4d:12:5d:
77:f0:4a:d5:db:9d:15:8d:cf:bd:05:cb:a7:ec:3b:
37:33:30:98:eb:ed:85:a4:fa:a1:7b:be:1d:61:d3:
26:2e:2c:12:19:25:4c:ef:bd:e7:97:b9:a9:92:20:
19:76:18:3a:94:95:f6:5e:49:62:9d:44:ab:ab:a6:
35:ed:5c:f2:2c:d5:f9:60:bd:e9:c9:0e:46:b4:d8:
a0:80:8a:ad:05:a2:35:c2:cd:e8:a3:e9:27:81:36:
f7:00:06:96:4a:16:e9:47:19:b8:97:a5:7b:da:3b:
62:f9:da:1a:97:16:d8:ff:e6:df:a8:a8:c8:22:af:
a5:b4:6d:fa:db:9c:9a:f7:91:d2:c6:22:85:bf:a8:
5d:ea:ec:4e:a2:f7:04:92:0e:c9:f2:d1:45:1c:17:
5e:de:28:01:3e:d0:a5:49:f3:fd:0c:5a:db:32:92:
a5:da:41:9d:ff:57:4e:c0:67:a1:c6:0e:9a:df:4c:
ba:74:03:7c:e0:d2:55:80:60:75:17:eb:2f:90:4d:
7c:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:D1:58:01:54:C6:60:4A:C6:EB:07:B2:5D:66:98:C7:F1:47:9C
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/NqPRWAFUxmBKxusHsl1mmMfxR5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.254.0/24
45.91.9.0/24
77.83.192.0/24
77.83.194.0/23
194.156.126.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:33:8b:fe:f1:03:f9:36:fb:94:df:c2:46:6a:ae:10:cd:b1:
95:f7:2b:ba:c6:dd:73:f5:9f:c7:37:b6:6c:ab:b6:30:d0:bb:
40:7c:0f:9d:d3:39:8f:00:95:42:4f:bd:23:7b:33:46:f8:31:
8d:f9:15:50:2f:ba:63:a9:21:53:c9:1b:3e:4b:2e:53:71:c6:
03:bc:51:85:22:9d:52:fd:5a:a4:e9:d3:40:98:92:15:82:9b:
bb:39:ed:3b:b0:d3:bd:88:56:27:5a:f9:cb:56:cc:0b:3a:51:
1c:20:2d:d9:04:7f:e8:d5:1e:c2:10:15:28:fd:99:44:85:e2:
2d:7f:1a:2c:8e:e8:89:62:5f:66:82:10:75:e0:8f:40:e2:90:
f9:f2:45:ab:ff:18:93:06:d9:b7:79:b1:05:58:d8:70:7c:34:
f5:03:8e:af:db:1d:0a:c9:d5:eb:49:3e:58:f3:a9:a3:b7:0e:
4e:1c:81:d1:db:3a:46:fa:58:63:20:ac:78:a0:2e:b1:5e:f2:
a3:5a:17:4c:40:3b:15:19:77:c5:fc:ad:70:f4:ad:83:57:a8:
07:b0:90:dc:0c:b0:5b:77:0f:f3:84:82:05:4b:71:a6:f6:a3:
f5:f4:1f:7e:49:9c:62:65:74:9e:89:a4:db:ab:83:f8:7f:fe:
c8:64:96:a3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY0T1+xB5WZEvSTYDEkHKtdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEzZDE1ODAxNTRjNjYwNGFjNmViMDdiMjVkNjY5OGM3ZjE0NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcLCiEvAjD/OFw6CX55dUtw5uarJ
NTQb3i6A1WPbYp0Y7DhADaEQGrBt09CDsgXcJq1o2LrRd9hNEl138ErV250Vjc+9
Bcun7Ds3MzCY6+2FpPqhe74dYdMmLiwSGSVM773nl7mpkiAZdhg6lJX2XklinUSr
q6Y17VzyLNX5YL3pyQ5GtNiggIqtBaI1ws3oo+kngTb3AAaWShbpRxm4l6V72jti
+doalxbY/+bfqKjIIq+ltG3625ya95HSxiKFv6hd6uxOovcEkg7J8tFFHBde3igB
PtClSfP9DFrbMpKl2kGd/1dOwGehxg6a30y6dAN84NJVgGB1F+svkE18fQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDaj0VgBVMZgSsbrB7JdZpjH8UecMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvTnFQUldBRlV4bUJLeHVzSHNsMW1tTWZ4UjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVf+AwQA
LVsJAwQATVPAAwQBTVPCAwQAwpx+MA0GCSqGSIb3DQEBCwUAA4IBAQBLM4v+8QP5
NvuU38JGaq4QzbGV9yu6xt1z9Z/HN7Zsq7Yw0LtAfA+d0zmPAJVCT70jezNG+DGN
+RVQL7pjqSFTyRs+Sy5TccYDvFGFIp1S/Vqk6dNAmJIVgpu7Oe07sNO9iFYnWvnL
VswLOlEcIC3ZBH/o1R7CEBUo/ZlEheItfxosjuiJYl9mghB14I9A4pD58kWr/xiT
Btm3ebEFWNhwfDT1A46v2x0KydXrST5Y86mjtw5OHIHR2zpG+lhjIKx4oC6xXvKj
WhdMQDsVGXfF/K1w9K2DV6gHsJDcDLBbdw/zhIIFS3Gm9qP19B9+SZxiZXSeiaTb
q4P4f/7IZJaj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org