Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/mmQmPbleedaC6LkZVPDYcuIar54.roa
File: mmQmPbleedaC6LkZVPDYcuIar54.roa (raw, json)
Hash identifier: 0lhRS5K+8UgVlC0gBibT8tZhaga4Z+kz/hRvh1iTpoY=
Subject key identifier: 9A:64:26:3D:B9:5E:79:D6:82:E8:B9:19:54:F0:D8:72:E2:1A:AF:9E
Certificate issuer: /CN=42ca1a1e3d0925423310c154b502c2842888e612
Certificate serial: 12805035
Authority key identifier: 42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/mmQmPbleedaC6LkZVPDYcuIar54.roa
Signing time: Mon 14 Feb 2022 09:36:01 +0000
ROA not before: Mon 14 Feb 2022 09:36:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197240
IP address blocks: 46.30.104.0/23 maxlen: 24
46.30.108.0/24 maxlen: 24
46.30.110.0/23 maxlen: 24
46.30.106.0/23 maxlen: 24
46.30.109.0/24 maxlen: 24
45.155.32.0/22 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 310399029 (0x12805035)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ca1a1e3d0925423310c154b502c2842888e612
Validity
Not Before: Feb 14 09:36:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a64263db95e79d682e8b91954f0d872e21aaf9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a7:81:4c:31:fd:38:ce:bd:40:4f:1f:64:f2:
25:75:59:78:53:64:10:e5:bb:eb:11:b1:7a:84:03:
50:48:95:69:da:f4:57:f5:ac:10:53:ea:f0:e4:db:
73:cc:7c:1d:32:20:1c:3a:cc:32:43:95:e7:c5:d0:
6e:86:3c:8c:e6:1c:46:4e:cb:7a:87:a9:fd:f7:6d:
14:e5:d6:f6:d8:40:67:83:86:70:e7:e4:cb:1d:16:
5a:25:13:42:32:a7:c0:c4:41:18:a3:a3:ca:25:78:
5f:81:be:2e:6e:9e:69:e3:f5:cc:2f:2f:35:a2:e3:
16:0b:19:6e:b0:ea:42:04:e0:74:35:df:69:81:f1:
5e:04:1e:12:1b:0e:ea:0a:46:0c:18:b8:b0:85:d8:
0f:7e:ec:54:c2:92:80:3d:23:f2:07:8a:74:32:90:
cf:49:48:26:5f:d2:21:3b:20:e6:fd:36:4e:98:bc:
36:87:d4:8e:6f:f0:c8:91:2f:53:35:08:0f:1a:f7:
31:6d:a7:bb:3d:f9:67:11:56:47:01:73:e1:81:9d:
cb:e9:f6:8b:dc:7f:1e:b6:2d:78:5f:8a:e5:16:3a:
ca:fb:d2:53:c8:79:d7:df:8a:75:44:55:32:c3:dc:
c7:38:24:6d:6c:67:c9:96:cd:65:b2:1d:67:0b:80:
94:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:64:26:3D:B9:5E:79:D6:82:E8:B9:19:54:F0:D8:72:E2:1A:AF:9E
X509v3 Authority Key Identifier:
keyid:42:CA:1A:1E:3D:09:25:42:33:10:C1:54:B5:02:C2:84:28:88:E6:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsoaHj0JJUIzEMFUtQLChCiI5hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/mmQmPbleedaC6LkZVPDYcuIar54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/92b8ae-9c09-443c-b8ba-436bfb9e77ed/1/QsoaHj0JJUIzEMFUtQLChCiI5hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.32.0/22
46.30.104.0/21
Signature Algorithm: sha256WithRSAEncryption
32:eb:07:6e:2c:ea:c6:07:8a:55:9e:64:ec:22:df:69:72:db:
78:4d:5e:f5:cb:c2:42:5b:0a:e7:cb:84:17:8c:91:8e:a2:0f:
43:e1:b8:47:0c:48:01:9d:ca:6c:42:df:51:08:7c:26:e9:b7:
f6:54:d8:59:16:17:65:5d:2c:07:8b:83:27:9d:ec:dd:b1:57:
6d:6b:5e:99:20:83:34:84:79:3f:0b:c5:d2:24:62:28:4e:0b:
b2:61:3e:72:7a:59:d8:da:a1:bd:de:7a:f5:7d:b3:a6:cd:44:
fa:07:fd:bb:99:a4:19:1e:81:be:21:91:d0:65:e7:fb:0d:b7:
b8:8c:e4:75:73:4d:df:0b:e7:cd:b5:05:b3:15:09:41:f0:b3:
4d:5e:01:d5:86:ff:68:a9:83:d2:ba:08:5e:0c:a9:5c:4c:d4:
95:a2:b2:c7:d3:dd:06:da:51:00:70:86:7b:a2:31:ce:ef:48:
3f:2a:ff:04:0a:ec:cd:63:2b:25:32:4a:03:cd:d9:23:88:a3:
0d:60:aa:73:c3:ad:ed:0b:5a:ff:08:b0:00:42:97:5c:33:38:
cf:f7:a7:7b:ca:84:18:cf:d4:80:6e:fa:57:f2:a8:e4:7a:09:
1b:c0:a5:0b:ca:37:aa:7a:1b:53:41:4b:7d:67:30:ca:a6:93:
d2:37:a2:c7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEoBQNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MmNhMWExZTNkMDkyNTQyMzMxMGMxNTRiNTAyYzI4NDI4ODhlNjEyMB4XDTIyMDIx
NDA5MzYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWE2NDI2M2RiOTVl
NzlkNjgyZThiOTE5NTRmMGQ4NzJlMjFhYWY5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJungUwx/TjOvUBPH2TyJXVZeFNkEOW76xGxeoQDUEiVadr0
V/WsEFPq8OTbc8x8HTIgHDrMMkOV58XQboY8jOYcRk7Leoep/fdtFOXW9thAZ4OG
cOfkyx0WWiUTQjKnwMRBGKOjyiV4X4G+Lm6eaeP1zC8vNaLjFgsZbrDqQgTgdDXf
aYHxXgQeEhsO6gpGDBi4sIXYD37sVMKSgD0j8geKdDKQz0lIJl/SITsg5v02Tpi8
NofUjm/wyJEvUzUIDxr3MW2nuz35ZxFWRwFz4YGdy+n2i9x/HrYteF+K5RY6yvvS
U8h519+KdURVMsPcxzgkbWxnyZbNZbIdZwuAlK8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSaZCY9uV551oLouRlU8Nhy4hqvnjAfBgNVHSMEGDAWgBRCyhoePQklQjMQ
wVS1AsKEKIjmEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Fzb2FIajBKSlVJekVNRlV0UUxDaENpSTVoSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvOTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8x
L21tUW1QYmxlZWRhQzZMa1pWUERZY3VJYXI1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
OTJiOGFlLTljMDktNDQzYy1iOGJhLTQzNmJmYjllNzdlZC8xL1Fzb2FIajBKSlVJ
ekVNRlV0UUxDaENpSTVoSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2bIAMEAy4eaDANBgkqhkiG9w0B
AQsFAAOCAQEAMusHbizqxgeKVZ5k7CLfaXLbeE1e9cvCQlsK58uEF4yRjqIPQ+G4
RwxIAZ3KbELfUQh8Jum39lTYWRYXZV0sB4uDJ53s3bFXbWtemSCDNIR5PwvF0iRi
KE4LsmE+cnpZ2Nqhvd569X2zps1E+gf9u5mkGR6BviGR0GXn+w23uIzkdXNN3wvn
zbUFsxUJQfCzTV4B1Yb/aKmD0roIXgypXEzUlaKyx9PdBtpRAHCGe6Ixzu9IPyr/
BArszWMrJTJKA83ZI4ijDWCqc8Ot7Qta/wiwAEKXXDM4z/ene8qEGM/UgG76V/Ko
5HoJG8ClC8o3qnobU0FLfWcwyqaT0jeixw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:19 2025 by rpki-client