Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/UQBwOllOCFVwA8yWh4SYF6gkDRc.roa
File: UQBwOllOCFVwA8yWh4SYF6gkDRc.roa (raw, json)
Hash identifier: Qsoo8mPdafbAipZdAsWbtRfrVAVYpidbAqwhRHRTrCw=
Subject key identifier: 51:00:70:3A:59:4E:08:55:70:03:CC:96:87:84:98:17:A8:24:0D:17
Certificate issuer: /CN=42ca1a1e3d0925423310c154b502c2842888e612
Certificate serial: 0185704BA8B85BE951BA72BF108271799AD9
Authority key identifier: 42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/UQBwOllOCFVwA8yWh4SYF6gkDRc.roa
Signing time: Mon 02 Jan 2023 02:24:44 +0000
ROA not before: Mon 02 Jan 2023 02:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197240
IP address blocks: 46.30.104.0/23 maxlen: 24
46.30.108.0/24 maxlen: 24
46.30.110.0/23 maxlen: 24
46.30.106.0/23 maxlen: 24
46.30.109.0/24 maxlen: 24
45.155.32.0/22 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:a8:b8:5b:e9:51:ba:72:bf:10:82:71:79:9a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ca1a1e3d0925423310c154b502c2842888e612
Validity
Not Before: Jan 2 02:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5100703a594e08557003cc9687849817a8240d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9b:08:6c:7a:69:8d:c0:79:fc:71:da:1c:87:
35:74:8f:5b:8e:32:7d:be:33:ce:4c:e2:ea:7f:96:
14:75:a5:9c:f1:6a:32:5f:83:ea:2c:4e:c3:9b:8a:
40:d0:fb:47:c1:52:26:3d:1d:82:df:3d:0b:4f:a4:
02:d2:1f:5e:74:ab:80:f1:fc:43:78:39:70:42:12:
47:76:04:b1:cd:57:09:ef:74:70:4b:36:c9:69:a8:
88:b7:83:fa:e3:09:33:be:fd:b6:af:48:bb:d2:c3:
c1:0f:b0:37:41:c9:f4:ec:d8:ca:83:ad:86:cf:d1:
b8:0d:38:04:e5:c5:de:18:1b:7f:bd:30:57:86:bd:
79:9c:10:23:2b:98:71:29:91:ea:2e:45:96:3f:9f:
7d:46:aa:f1:ea:33:ef:52:c2:c6:5a:e8:db:6b:39:
6e:d4:bc:d5:44:79:47:f8:04:fb:58:ad:3d:fa:e1:
6a:a3:6e:ca:b4:e7:6d:bb:b6:7e:0e:7f:c7:02:2b:
d3:53:0f:bc:18:6a:bb:24:7c:87:04:2d:0a:a1:8b:
56:2c:e1:ab:cb:4e:47:51:21:bc:8b:46:12:03:5b:
3b:03:a3:01:35:74:12:34:32:5e:da:fd:6e:de:04:
d7:49:a0:83:74:35:f3:6d:e7:35:10:b3:de:ed:67:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:00:70:3A:59:4E:08:55:70:03:CC:96:87:84:98:17:A8:24:0D:17
X509v3 Authority Key Identifier:
keyid:42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/UQBwOllOCFVwA8yWh4SYF6gkDRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/QsoaHj0JJUIzEMFUtQLChCiI5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.32.0/22
46.30.104.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:de:61:af:35:7e:77:8e:5f:68:a4:e9:ca:75:49:a4:03:06:
d1:5a:4e:bb:29:23:0d:05:e6:e6:bf:13:fc:bc:71:e8:ed:60:
f7:cf:7a:99:e2:c6:e1:c1:c2:cb:2b:09:30:b6:a9:49:e3:bf:
ac:31:68:0f:41:6a:68:33:ef:c4:a9:b9:2b:69:91:b1:67:7c:
41:90:0f:07:8e:ba:dc:36:a3:af:f5:1f:57:d2:50:86:2f:0a:
2f:c8:64:f1:d3:db:8b:c7:2f:da:88:6e:a9:da:6a:bc:e3:4e:
be:bf:8f:54:b8:ae:8d:55:32:f7:77:98:7e:3f:59:e5:39:5b:
96:fe:07:98:e6:8d:e1:21:0c:d0:37:15:5a:1f:7f:3f:bb:4e:
9b:d8:00:b5:52:29:52:aa:64:de:ac:c7:e1:87:14:cc:a4:cd:
4b:53:4b:7c:b7:27:b9:ec:e5:64:a9:ad:d8:1f:99:87:1e:52:
49:48:64:a7:5e:a1:56:71:ac:ad:7a:d7:ae:c3:8a:15:94:49:
87:54:bf:dc:02:cd:db:82:e0:a4:f3:64:75:dc:bf:e2:99:d9:
9b:05:e3:ed:55:31:0e:e7:1e:06:71:b8:01:23:79:ec:0c:d6:
49:4b:8e:0c:81:41:cf:38:7c:a6:20:53:9c:af:29:9a:4e:13:
b4:da:ce:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwS6i4W+lRunK/EIJxeZrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2ExYTFlM2QwOTI1NDIzMzEwYzE1NGI1MDJjMjg0Mjg4
OGU2MTIwHhcNMjMwMTAyMDIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTAwNzAzYTU5NGUwODU1NzAwM2NjOTY4Nzg0OTgxN2E4MjQwZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5sIbHppjcB5/HHaHIc1dI9bjjJ9
vjPOTOLqf5YUdaWc8WoyX4PqLE7Dm4pA0PtHwVImPR2C3z0LT6QC0h9edKuA8fxD
eDlwQhJHdgSxzVcJ73RwSzbJaaiIt4P64wkzvv22r0i70sPBD7A3Qcn07NjKg62G
z9G4DTgE5cXeGBt/vTBXhr15nBAjK5hxKZHqLkWWP599Rqrx6jPvUsLGWujbazlu
1LzVRHlH+AT7WK09+uFqo27KtOdtu7Z+Dn/HAivTUw+8GGq7JHyHBC0KoYtWLOGr
y05HUSG8i0YSA1s7A6MBNXQSNDJe2v1u3gTXSaCDdDXzbec1ELPe7WfoPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFEAcDpZTghVcAPMloeEmBeoJA0XMB8GA1UdIwQY
MBaAFELKGh49CSVCMxDBVLUCwoQoiOYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNvYUhqMEpKVUl6RU1GVXRRTENoQ2lJNWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni85MmI4YWUtOWMwOS00NDNjLWI4YmEt
NDM2YmZiOWU3N2VkLzEvVVFCd09sbE9DRlZ3QTh5V2g0U1lGNmdrRFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni85MmI4YWUtOWMwOS00NDNjLWI4YmEtNDM2YmZiOWU3N2Vk
LzEvUXNvYUhqMEpKVUl6RU1GVXRRTENoQ2lJNWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZsgAwQD
Lh5oMA0GCSqGSIb3DQEBCwUAA4IBAQCr3mGvNX53jl9opOnKdUmkAwbRWk67KSMN
BebmvxP8vHHo7WD3z3qZ4sbhwcLLKwkwtqlJ47+sMWgPQWpoM+/EqbkraZGxZ3xB
kA8HjrrcNqOv9R9X0lCGLwovyGTx09uLxy/aiG6p2mq8406+v49UuK6NVTL3d5h+
P1nlOVuW/geY5o3hIQzQNxVaH38/u06b2AC1UilSqmTerMfhhxTMpM1LU0t8tye5
7OVkqa3YH5mHHlJJSGSnXqFWcayteteuw4oVlEmHVL/cAs3bguCk82R13L/imdmb
BePtVTEO5x4GcbgBI3nsDNZJS44MgUHPOHymIFOcrymaThO02s7G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:20 2024 by rpki-client on console-fra.rpki-client.org