Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hXKgNBqb0CvPnH9a8TxzUnHiwwU.roa
File: hXKgNBqb0CvPnH9a8TxzUnHiwwU.roa (raw, json)
Hash identifier: 2hrw5qY32D2M/EYuGYAD4y9Da8znMXSG0n+lgT0uc5g=
Subject key identifier: 85:72:A0:34:1A:9B:D0:2B:CF:9C:7F:5A:F1:3C:73:52:71:E2:C3:05
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D557537AB724AED1366D4061F79DD3
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hXKgNBqb0CvPnH9a8TxzUnHiwwU.roa
Signing time: Mon 02 Jan 2023 04:55:07 +0000
ROA not before: Mon 02 Jan 2023 04:55:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39361
IP address blocks: 45.151.147.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:57:53:7a:b7:24:ae:d1:36:6d:40:61:f7:9d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8572a0341a9bd02bcf9c7f5af13c735271e2c305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a4:48:b0:82:15:8f:63:9e:0b:18:da:0c:23:
eb:aa:fe:35:f1:bb:f3:ed:f4:98:41:53:66:e4:b1:
31:1b:02:ae:4b:67:f7:9c:4c:17:2c:06:55:70:b7:
c3:1e:c8:44:17:90:50:94:2b:03:38:c1:5a:22:d2:
6d:4e:31:1a:e6:d5:7c:fe:af:76:2c:f2:2b:9b:7d:
e6:54:2e:6e:70:0d:25:30:c4:53:48:52:e4:0a:b2:
5a:e0:a4:36:7e:c0:76:d6:28:fe:08:01:3a:96:6f:
4f:1f:a5:46:0f:db:c3:57:3a:29:1c:54:4e:59:d9:
4a:43:ef:75:48:23:66:05:12:f5:a9:ee:84:4c:6f:
0b:f9:d5:1f:85:d6:c7:30:15:ca:f8:1f:85:20:cd:
59:f3:4c:69:7c:e0:07:1b:f1:e5:83:2d:78:30:00:
f3:5f:40:9a:39:fa:54:0c:07:e2:75:24:8d:e6:b8:
a3:e5:d1:88:0c:6a:12:eb:2f:27:60:10:ba:d9:ca:
b2:ef:ea:b0:cb:31:f2:f0:c5:6e:56:67:65:7e:f1:
d9:10:40:45:98:93:f3:e3:4a:c0:df:9b:e7:f2:6a:
ca:57:db:56:61:4f:24:cf:50:7a:ed:3c:52:06:a2:
74:fb:60:27:89:9d:78:d8:55:f7:2b:73:97:fd:d3:
a9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:72:A0:34:1A:9B:D0:2B:CF:9C:7F:5A:F1:3C:73:52:71:E2:C3:05
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/hXKgNBqb0CvPnH9a8TxzUnHiwwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.147.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f2:1f:7d:b8:06:61:93:e6:0d:1d:12:d4:e8:e9:f4:63:09:
98:7a:4b:7b:12:d7:55:3a:85:73:0e:56:f8:94:60:dc:cf:d6:
96:e0:a0:58:84:f9:38:8d:38:c2:58:68:87:4e:44:5b:4c:1b:
79:5a:35:92:96:51:1d:66:ec:45:08:01:c1:a1:c5:b3:fe:ce:
e6:75:c7:ac:00:7e:7c:c5:4e:fa:78:d7:3b:d8:18:d3:c8:97:
13:fc:4b:24:0c:d7:22:a0:83:7e:61:62:af:a6:e8:72:6c:70:
91:ac:c2:27:ff:a1:f3:09:53:2b:9b:fa:87:16:14:23:26:70:
b2:5b:62:b9:a6:cd:d7:c1:da:6c:a4:01:31:58:48:0e:5f:19:
c8:d2:24:01:9f:1a:54:6b:de:c6:55:5e:dd:31:d0:7a:3b:44:
79:81:89:3a:eb:26:e8:77:a8:5b:18:b1:fc:6b:be:23:c9:53:
ca:f8:d2:e7:f9:e6:33:bf:f4:32:36:d5:d1:37:7c:ab:9a:4d:
32:24:8e:67:69:88:41:bb:03:d5:fd:dc:cd:43:d5:65:fb:9c:
ae:ff:32:84:53:58:a7:93:80:6e:6b:00:55:3d:b2:74:be:f9:
e9:08:7d:63:71:aa:c7:20:77:ce:ea:85:d7:7c:77:eb:48:c2:
d5:68:22:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1VdTerckrtE2bUBh953TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTcyYTAzNDFhOWJkMDJiY2Y5YzdmNWFmMTNjNzM1MjcxZTJjMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKRIsIIVj2OeCxjaDCPrqv418bvz
7fSYQVNm5LExGwKuS2f3nEwXLAZVcLfDHshEF5BQlCsDOMFaItJtTjEa5tV8/q92
LPIrm33mVC5ucA0lMMRTSFLkCrJa4KQ2fsB21ij+CAE6lm9PH6VGD9vDVzopHFRO
WdlKQ+91SCNmBRL1qe6ETG8L+dUfhdbHMBXK+B+FIM1Z80xpfOAHG/Hlgy14MADz
X0CaOfpUDAfidSSN5rij5dGIDGoS6y8nYBC62cqy7+qwyzHy8MVuVmdlfvHZEEBF
mJPz40rA35vn8mrKV9tWYU8kz1B67TxSBqJ0+2AniZ142FX3K3OX/dOp0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVyoDQam9Arz5x/WvE8c1Jx4sMFMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvaFhLZ05CcWIwQ3ZQbkg5YThUeHpVbkhpd3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZeTMA0G
CSqGSIb3DQEBCwUAA4IBAQAf8h99uAZhk+YNHRLU6On0YwmYekt7EtdVOoVzDlb4
lGDcz9aW4KBYhPk4jTjCWGiHTkRbTBt5WjWSllEdZuxFCAHBocWz/s7mdcesAH58
xU76eNc72BjTyJcT/EskDNcioIN+YWKvpuhybHCRrMIn/6HzCVMrm/qHFhQjJnCy
W2K5ps3XwdpspAExWEgOXxnI0iQBnxpUa97GVV7dMdB6O0R5gYk66ybod6hbGLH8
a74jyVPK+NLn+eYzv/QyNtXRN3yrmk0yJI5naYhBuwPV/dzNQ9Vl+5yu/zKEU1in
k4BuawBVPbJ0vvnpCH1jcarHIHfO6oXXfHfrSMLVaCLI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:46 2024 by rpki-client on console-ams.rpki-client.org