Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qDRjeeBzV_y_LCmGWwZTwJ7P4L4.roa
File: qDRjeeBzV_y_LCmGWwZTwJ7P4L4.roa (raw, json)
Hash identifier: 7xwbHJCyVQJdMw31C2w3d03a8xjRH++7Pzo69rn1YCM=
Subject key identifier: A8:34:63:79:E0:73:57:FC:BF:2C:29:86:5B:06:53:C0:9E:CF:E0:BE
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D55CCB5C9F08DF0DFDB7F7E57648E2
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qDRjeeBzV_y_LCmGWwZTwJ7P4L4.roa
Signing time: Mon 02 Jan 2023 04:55:09 +0000
ROA not before: Mon 02 Jan 2023 04:55:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56398
IP address blocks: 45.86.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:5c:cb:5c:9f:08:df:0d:fd:b7:f7:e5:76:48:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8346379e07357fcbf2c29865b0653c09ecfe0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:23:18:5a:1f:0d:c9:19:69:08:1a:1d:50:
f5:41:23:6d:e7:93:85:4c:a9:d1:43:b6:0a:d7:b5:
2e:8f:37:d7:f4:ff:35:d3:bf:6c:3b:10:a3:20:1a:
ec:1f:9c:14:9c:68:e0:e4:a8:37:c2:53:9a:22:59:
4c:80:0b:ef:c1:3e:92:b1:2c:54:a0:d9:ce:a9:da:
2d:7c:8a:75:fb:c8:1a:eb:71:0b:38:4b:46:2d:bd:
4f:f4:17:3a:9b:d1:d4:3d:41:a4:a4:24:8a:3b:38:
9b:2d:a8:5d:26:99:58:f3:d9:49:58:f3:e5:20:a7:
7c:02:34:fb:c3:bc:51:f6:9e:3c:ca:a0:1a:1c:f0:
45:e8:56:ae:3a:46:41:1b:de:d8:05:47:33:32:4a:
ff:09:55:fc:6a:17:7c:26:13:82:c3:28:a8:b7:39:
85:5b:0d:e5:ce:cf:ce:a9:51:fb:8e:dc:73:75:f4:
d8:13:d9:ad:76:6c:10:6c:4c:88:98:df:0e:1f:f9:
45:36:92:d6:30:ff:55:ae:5d:fe:cc:95:f2:ad:5d:
c4:62:c4:a2:6a:27:1e:f7:4d:10:b8:35:4e:35:ba:
99:a6:cb:a1:18:34:4c:25:4d:f1:4e:12:50:c7:5a:
fb:dd:e6:42:55:c6:12:91:0c:e3:95:be:84:0f:3a:
ee:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:34:63:79:E0:73:57:FC:BF:2C:29:86:5B:06:53:C0:9E:CF:E0:BE
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/qDRjeeBzV_y_LCmGWwZTwJ7P4L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.170.0/24
Signature Algorithm: sha256WithRSAEncryption
65:77:cf:46:b0:61:7c:07:cb:09:70:97:f5:58:2b:54:c6:a4:
b0:7f:4c:ce:01:d9:f3:36:41:46:c5:e7:0f:76:71:f7:84:43:
ed:41:2e:a6:07:e2:9e:83:4d:5a:6f:dd:2e:69:db:64:1d:a7:
a2:a1:b9:5f:64:cf:1e:eb:59:dc:f2:f1:de:03:8d:05:3a:98:
c0:43:c3:58:3a:36:17:94:82:ab:8e:42:f6:52:b6:4b:82:7e:
91:58:16:a9:92:1d:21:a8:c9:50:94:1f:c1:59:96:9d:02:26:
f6:76:75:9b:6f:f7:f7:ed:0a:62:7b:fc:c4:7f:d3:a0:75:0b:
6d:9e:1c:98:b7:32:46:3b:d1:3b:74:07:60:54:7e:20:fb:ae:
c1:e8:e2:26:1e:8c:17:6b:55:cc:68:ce:31:1e:64:5b:16:f3:
fc:6d:cf:ad:41:cf:39:7e:d9:d4:a0:d0:02:9e:f1:86:46:88:
9d:4a:35:f3:77:90:14:65:be:a0:f7:b1:89:fc:39:36:bf:51:
58:73:59:e4:1c:c2:6c:66:69:c8:c0:10:7d:8d:38:ef:19:77:
27:25:1d:b1:57:62:09:82:52:95:35:01:51:04:c5:67:ad:da:
4f:00:ff:37:a1:b8:99:fd:7e:f2:48:8f:b0:13:90:0d:e7:1d:
ff:39:7a:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1VzLXJ8I3w39t/fldkjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODM0NjM3OWUwNzM1N2ZjYmYyYzI5ODY1YjA2NTNjMDllY2ZlMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU4jGFofDckZaQgaHVD1QSNt55OF
TKnRQ7YK17UujzfX9P81079sOxCjIBrsH5wUnGjg5Kg3wlOaIllMgAvvwT6SsSxU
oNnOqdotfIp1+8ga63ELOEtGLb1P9Bc6m9HUPUGkpCSKOzibLahdJplY89lJWPPl
IKd8AjT7w7xR9p48yqAaHPBF6FauOkZBG97YBUczMkr/CVX8ahd8JhOCwyiotzmF
Ww3lzs/OqVH7jtxzdfTYE9mtdmwQbEyImN8OH/lFNpLWMP9Vrl3+zJXyrV3EYsSi
aice900QuDVONbqZpsuhGDRMJU3xThJQx1r73eZCVcYSkQzjlb6EDzru+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKg0Y3ngc1f8vywphlsGU8Cez+C+MB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvcURSamVlQnpWX3lfTENtR1d3WlR3SjdQNEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVaqMA0G
CSqGSIb3DQEBCwUAA4IBAQBld89GsGF8B8sJcJf1WCtUxqSwf0zOAdnzNkFGxecP
dnH3hEPtQS6mB+Keg01ab90uadtkHaeioblfZM8e61nc8vHeA40FOpjAQ8NYOjYX
lIKrjkL2UrZLgn6RWBapkh0hqMlQlB/BWZadAib2dnWbb/f37Qpie/zEf9OgdQtt
nhyYtzJGO9E7dAdgVH4g+67B6OImHowXa1XMaM4xHmRbFvP8bc+tQc85ftnUoNAC
nvGGRoidSjXzd5AUZb6g97GJ/Dk2v1FYc1nkHMJsZmnIwBB9jTjvGXcnJR2xV2IJ
glKVNQFRBMVnrdpPAP83obiZ/X7ySI+wE5AN5x3/OXq+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org