Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/CCHUAd0wSoUTaM1j2HScPV4eI_4.roa
File: CCHUAd0wSoUTaM1j2HScPV4eI_4.roa (raw, json)
Hash identifier: lbwcuQFJ7UfsyzH/NbcheadE+aQzehK0n7/OgBgbIlk=
Subject key identifier: 08:21:D4:01:DD:30:4A:85:13:68:CD:63:D8:74:9C:3D:5E:1E:23:FE
Certificate issuer: /CN=42ca1a1e3d0925423310c154b502c2842888e612
Certificate serial: 121869D8
Authority key identifier: 42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/CCHUAd0wSoUTaM1j2HScPV4eI_4.roa
Signing time: Sat 01 Jan 2022 04:53:36 +0000
ROA not before: Sat 01 Jan 2022 04:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39144
IP address blocks: 45.155.32.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303589848 (0x121869d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ca1a1e3d0925423310c154b502c2842888e612
Validity
Not Before: Jan 1 04:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0821d401dd304a851368cd63d8749c3d5e1e23fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:85:7c:54:f9:eb:2e:ce:e6:e0:6f:d6:b2:14:
0e:50:e5:3a:57:66:40:e1:a6:13:d4:41:59:f3:a3:
b4:21:5f:1a:70:a4:97:ed:70:4f:b6:b8:ef:a6:ee:
ab:47:af:d7:ae:5c:df:65:2b:66:27:b3:64:03:2b:
06:07:8f:63:51:2f:8a:1c:00:b2:fc:c9:51:29:9a:
3e:26:12:d6:4c:67:a5:91:c4:f0:35:de:39:d6:9e:
d2:12:49:b1:70:12:9c:9a:61:a6:aa:f1:02:b0:7a:
a5:b3:00:f6:d1:57:db:13:e0:e5:46:98:98:e7:92:
24:86:2a:30:f0:78:4c:59:7a:1b:ff:38:59:41:08:
c5:f0:61:18:be:c2:c8:8e:79:84:4b:5b:22:7e:81:
e7:4a:2f:51:ce:0b:db:96:35:d8:d1:15:98:4d:e6:
e3:ac:99:de:95:96:5c:f2:e4:74:05:75:78:22:73:
a0:5f:91:3a:ed:74:b8:8d:07:9a:23:13:13:4c:1d:
5d:0c:7a:fb:57:12:ef:f8:39:d0:30:c4:6d:92:33:
cd:df:05:60:91:97:06:39:ba:95:da:c8:5e:63:9a:
e7:98:43:54:b4:1e:53:55:d7:f1:a1:ff:ca:57:bc:
a6:a6:ce:d8:a8:37:25:d5:09:52:26:41:e8:f8:3b:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:21:D4:01:DD:30:4A:85:13:68:CD:63:D8:74:9C:3D:5E:1E:23:FE
X509v3 Authority Key Identifier:
keyid:42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/CCHUAd0wSoUTaM1j2HScPV4eI_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/QsoaHj0JJUIzEMFUtQLChCiI5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:31:3e:74:e8:a8:be:62:ad:99:45:3b:a8:7a:02:4d:b9:39:
60:2b:61:de:a5:e9:fc:8d:bc:a3:87:13:36:70:a0:df:4c:a8:
b2:cc:5d:59:8d:9f:2d:dd:2b:4e:d5:f8:b0:a4:22:c6:1e:e6:
8f:d6:60:88:51:b3:c6:d7:c7:a3:68:41:5f:e8:7d:bb:73:40:
71:c9:35:86:5d:4c:b5:d1:99:11:78:bb:60:e5:9c:72:6f:30:
ac:43:87:ba:85:c2:c8:1a:96:89:7f:b8:66:61:a5:2a:77:93:
27:22:bc:16:da:3e:01:4e:4e:ce:96:ce:89:a9:cb:1a:54:a0:
59:da:5c:a3:26:08:40:ea:08:2e:bf:9e:65:26:c8:38:68:79:
d2:f5:e5:58:c0:eb:7a:45:ea:d2:35:22:67:c4:d1:3b:40:4e:
51:a6:59:d1:3f:de:28:01:e7:05:8f:f0:99:98:c3:17:ce:ad:
c9:2d:73:46:2e:b9:6c:7b:8b:8d:9d:9f:04:03:2a:9e:ff:40:
f1:ec:cf:14:57:04:16:04:23:c8:d5:eb:f5:29:4b:e7:e2:75:
37:b4:dd:59:74:ea:90:62:8d:45:68:76:70:b7:6f:90:f4:8b:
59:dd:25:f5:a9:9a:fb:6a:dd:b9:bf:e3:aa:cb:59:d0:08:11:
eb:12:a4:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEhhp2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmNhMWExZTNkMDkyNTQyMzMxMGMxNTRiNTAyYzI4NDI4ODhlNjEyMB4XDTIyMDEw
MTA0NTMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgyMWQ0MDFkZDMw
NGE4NTEzNjhjZDYzZDg3NDljM2Q1ZTFlMjNmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOqFfFT56y7O5uBv1rIUDlDlOldmQOGmE9RBWfOjtCFfGnCk
l+1wT7a476buq0ev165c32UrZiezZAMrBgePY1EvihwAsvzJUSmaPiYS1kxnpZHE
8DXeOdae0hJJsXASnJphpqrxArB6pbMA9tFX2xPg5UaYmOeSJIYqMPB4TFl6G/84
WUEIxfBhGL7CyI55hEtbIn6B50ovUc4L25Y12NEVmE3m46yZ3pWWXPLkdAV1eCJz
oF+ROu10uI0HmiMTE0wdXQx6+1cS7/g50DDEbZIzzd8FYJGXBjm6ldrIXmOa55hD
VLQeU1XX8aH/yle8pqbO2Kg3JdUJUiZB6Pg7zukCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQIIdQB3TBKhRNozWPYdJw9Xh4j/jAfBgNVHSMEGDAWgBRCyhoePQklQjMQ
wVS1AsKEKIjmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Fzb2FIajBKSlVJekVNRlV0UUxDaENpSTVoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8x
L0NDSFVBZDB3U29VVGFNMWoySFNjUFY0ZUlfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8xL1Fzb2FIajBKSlVJ
ekVNRlV0UUxDaENpSTVoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2bIDANBgkqhkiG9w0BAQsFAAOC
AQEALzE+dOiovmKtmUU7qHoCTbk5YCth3qXp/I28o4cTNnCg30yossxdWY2fLd0r
TtX4sKQixh7mj9ZgiFGzxtfHo2hBX+h9u3NAcck1hl1MtdGZEXi7YOWccm8wrEOH
uoXCyBqWiX+4ZmGlKneTJyK8Fto+AU5OzpbOianLGlSgWdpcoyYIQOoILr+eZSbI
OGh50vXlWMDrekXq0jUiZ8TRO0BOUaZZ0T/eKAHnBY/wmZjDF86tyS1zRi65bHuL
jZ2fBAMqnv9A8ezPFFcEFgQjyNXr9SlL5+J1N7TdWXTqkGKNRWh2cLdvkPSLWd0l
9ama+2rdub/jqstZ0AgR6xKkpw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:39 2025 by rpki-client