Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/CqCELHp9riR5QedRxLybOI38kEQ.roa
File: CqCELHp9riR5QedRxLybOI38kEQ.roa (raw, json)
Hash identifier: 1HiFCeaAOwC98JAS9l9PfM6GnFQ1ZUetkcxa2PHKFlk=
Subject key identifier: 0A:A0:84:2C:7A:7D:AE:24:79:41:E7:51:C4:BC:9B:38:8D:FC:90:44
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 018F23DB030A425E22957B045FE4EB7756F0
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/CqCELHp9riR5QedRxLybOI38kEQ.roa
Signing time: Sun 28 Apr 2024 08:38:26 +0000
ROA not before: Sun 28 Apr 2024 08:38:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 46.235.8.0/24 maxlen: 32
46.235.9.0/24 maxlen: 24
46.235.10.0/24 maxlen: 32
46.235.11.0/24 maxlen: 32
178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.164.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.169.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:23:db:03:0a:42:5e:22:95:7b:04:5f:e4:eb:77:56:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Apr 28 08:38:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0aa0842c7a7dae247941e751c4bc9b388dfc9044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d2:d7:aa:2d:80:ed:5b:d5:41:1a:58:08:40:
d4:84:02:55:16:bf:fc:c1:d7:4e:d5:6e:02:2d:16:
db:f5:ec:61:4a:90:05:61:0a:f3:40:b8:f7:ec:e7:
f7:72:13:1b:36:47:e6:d6:cd:08:f6:f9:ae:55:19:
7d:58:1f:70:ec:0f:54:e7:1a:93:f2:0d:3f:03:f5:
f1:a7:c8:88:6f:1a:25:e6:b6:1a:56:75:64:c3:81:
c8:2b:3f:e6:cd:ab:12:da:94:9a:c0:d3:6b:7c:cd:
83:e1:a6:2f:f5:ae:a1:7a:37:9d:c6:84:6a:b6:7b:
c6:e8:df:65:f7:dc:2f:ad:3c:4f:a3:d7:41:04:b9:
44:02:a8:9f:b1:ee:a3:08:b0:c7:b0:5e:aa:47:91:
b7:2b:88:ba:cb:71:43:13:fd:1d:87:10:20:18:67:
c7:6d:05:d7:aa:ff:99:cb:d4:5f:b5:ec:50:d3:24:
44:d5:eb:40:56:1e:2b:2c:2e:d5:c6:52:04:1f:82:
d7:33:18:51:76:8b:36:d9:b0:8d:bd:6c:44:6b:75:
1f:d5:38:b3:78:62:96:f3:f8:13:8b:6c:f9:b6:68:
e3:66:4b:69:08:a5:d0:56:48:fb:8a:e7:5e:0b:fc:
ea:e2:c2:2c:d7:38:53:07:32:64:94:61:01:3d:4a:
64:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A0:84:2C:7A:7D:AE:24:79:41:E7:51:C4:BC:9B:38:8D:FC:90:44
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/CqCELHp9riR5QedRxLybOI38kEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.8.0/22
178.210.160.0-178.210.166.255
178.210.168.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
47:27:19:3c:53:d4:1d:f3:77:ff:d6:b7:ad:b7:8c:79:87:e4:
98:23:11:a7:08:c5:46:26:e1:5a:f5:d4:bb:01:a8:5a:d3:c2:
96:58:6a:7c:e3:a6:59:0f:8a:58:f6:d0:c7:ce:2f:24:c0:c6:
f8:8f:b7:75:93:9f:18:81:12:b2:78:2b:04:43:75:5a:ff:e2:
9f:b8:f8:25:5c:7a:cd:3e:fc:de:0c:28:29:99:5f:80:0e:ef:
7b:44:92:09:25:2f:64:3f:27:88:16:a9:83:6c:bc:7c:fc:d1:
9b:37:5b:a6:79:ef:d5:4f:1b:fa:e1:6a:db:88:52:dc:ff:75:
ff:0a:31:f4:26:8a:c6:2a:77:0a:e3:f8:ca:48:b6:95:20:f1:
0a:f6:5a:a6:12:4c:f6:45:b1:3e:63:25:d4:99:d8:82:68:d3:
49:b2:b3:1a:18:12:e3:3d:01:47:42:79:03:7d:e3:51:34:8f:
a5:27:43:90:88:c8:ba:d1:b4:6c:7f:7c:8d:4f:1f:cf:b8:f5:
fd:9a:dd:08:05:6e:b8:1d:a2:6e:e0:4b:df:e6:89:1f:fe:af:
0a:30:1c:03:46:c9:6c:da:6c:aa:c1:40:4f:5a:7c:04:65:3a:
3c:f8:9f:b4:8b:a1:1f:25:3b:70:d1:aa:22:c3:59:9e:86:98:
1e:b9:82:fd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8j2wMKQl4ilXsEX+Trd1bwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjQwNDI4MDgzODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEwODQyYzdhN2RhZTI0Nzk0MWU3NTFjNGJjOWIzODhkZmM5MDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9LXqi2A7VvVQRpYCEDUhAJVFr/8
wddO1W4CLRbb9exhSpAFYQrzQLj37Of3chMbNkfm1s0I9vmuVRl9WB9w7A9U5xqT
8g0/A/Xxp8iIbxol5rYaVnVkw4HIKz/mzasS2pSawNNrfM2D4aYv9a6hejedxoRq
tnvG6N9l99wvrTxPo9dBBLlEAqifse6jCLDHsF6qR5G3K4i6y3FDE/0dhxAgGGfH
bQXXqv+Zy9RftexQ0yRE1etAVh4rLC7VxlIEH4LXMxhRdos22bCNvWxEa3Uf1Tiz
eGKW8/gTi2z5tmjjZktpCKXQVkj7iudeC/zq4sIs1zhTBzJklGEBPUpkbwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAqghCx6fa4keUHnUcS8mziN/JBEMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvQ3FDRUxIcDlyaVI1UWVkUnhMeWJPSTM4a0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCLusIMAwD
BAWy0qADBACy0qYwDAMEA7LSqAMEALLSsjANBgkqhkiG9w0BAQsFAAOCAQEARycZ
PFPUHfN3/9a3rbeMeYfkmCMRpwjFRibhWvXUuwGoWtPCllhqfOOmWQ+KWPbQx84v
JMDG+I+3dZOfGIESsngrBEN1Wv/in7j4JVx6zT783gwoKZlfgA7ve0SSCSUvZD8n
iBapg2y8fPzRmzdbpnnv1U8b+uFq24hS3P91/wox9CaKxip3CuP4yki2lSDxCvZa
phJM9kWxPmMl1JnYgmjTSbKzGhgS4z0BR0J5A33jUTSPpSdDkIjIutG0bH98jU8f
z7j1/ZrdCAVuuB2ibuBL3+aJH/6vCjAcA0bJbNpsqsFAT1p8BGU6PPiftIuhHyU7
cNGqIsNZnoaYHrmC/Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:14 2025 by rpki-client