Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/CsnhsmXOk4gfqKKj_aBy_DqaEB0.roa
File: CsnhsmXOk4gfqKKj_aBy_DqaEB0.roa (raw, json)
Hash identifier: Yu4DmzkuMw63MdC8oCaXORzPUMY4ZPWgKml7LwG0fjk=
Subject key identifier: 0A:C9:E1:B2:65:CE:93:88:1F:A8:A2:A3:FD:A0:72:FC:3A:9A:10:1D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 03EF44A2
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/CsnhsmXOk4gfqKKj_aBy_DqaEB0.roa
Signing time: Wed 02 Feb 2022 15:31:39 +0000
ROA not before: Wed 02 Feb 2022 15:31:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49854
IP address blocks: 45.146.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66012322 (0x3ef44a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 2 15:31:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ac9e1b265ce93881fa8a2a3fda072fc3a9a101d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:59:3d:03:02:74:69:46:26:25:e5:94:88:ec:
83:f0:e1:c9:e2:97:a8:34:bb:63:e6:34:c1:52:df:
0a:93:7a:22:6b:0c:a4:01:94:46:4b:e9:fe:16:f2:
32:d9:2d:02:32:73:6d:7c:5e:35:fe:4c:33:39:71:
69:88:f1:f3:99:72:2e:41:a3:77:20:13:41:6a:ea:
45:26:60:ea:df:33:4c:6e:0a:02:06:71:30:3c:02:
c3:d2:e5:7d:81:c2:95:7a:13:e5:a8:ea:41:c5:46:
30:00:0e:e9:f2:53:4e:b5:c4:1e:b3:4b:0c:4f:8d:
d2:ab:ab:0c:c3:db:7f:65:03:00:db:9e:fb:d1:e7:
25:91:a1:94:6b:a9:e4:1b:0b:ab:a1:66:9c:e3:bb:
ca:ff:53:fb:13:13:12:f9:8b:40:85:aa:7c:14:d7:
91:f8:10:3d:d9:94:c7:24:58:1d:7b:91:7e:20:36:
c7:4a:3d:bb:b8:f3:7b:47:ec:76:3a:f0:fc:8b:91:
af:8d:b3:9e:56:b9:7a:1f:75:8b:bd:2e:59:27:41:
c2:97:24:06:ce:87:d6:31:07:00:a1:82:b7:a1:e0:
a9:68:a3:0c:00:73:32:18:e6:e7:67:f0:8e:24:5d:
77:32:a9:a7:74:c4:35:22:82:71:85:c5:38:28:17:
2c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C9:E1:B2:65:CE:93:88:1F:A8:A2:A3:FD:A0:72:FC:3A:9A:10:1D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/CsnhsmXOk4gfqKKj_aBy_DqaEB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.40.0/24
Signature Algorithm: sha256WithRSAEncryption
06:54:50:0a:06:2b:cf:dd:73:0f:fd:fa:90:92:0a:a8:99:79:
e7:11:36:4e:25:fa:c6:75:10:4f:a0:58:ab:1e:ca:ec:f3:f1:
eb:97:43:f7:fc:cd:84:33:80:ab:41:34:06:12:6f:eb:ee:72:
95:5b:70:f2:aa:4b:48:64:68:d6:e7:fd:8c:e3:f7:dc:85:d0:
a6:f4:98:fb:98:5b:bf:cf:ac:b2:7b:e9:ee:93:48:c8:e5:c5:
38:a9:1b:5e:c3:83:c5:cd:ec:4a:77:2f:ca:64:9c:82:9d:e2:
99:07:7b:2c:75:db:0d:fd:80:10:08:89:8c:e4:cd:9e:aa:d5:
7f:7c:3f:60:56:9b:54:4c:61:17:79:ce:72:b8:76:b0:fd:0f:
0a:a6:89:ed:62:c7:63:e9:3f:6e:b4:36:a8:44:f1:2b:72:7a:
cc:13:d5:5f:fb:cd:04:06:70:9a:8a:50:57:ce:c3:8f:84:f5:
58:a0:a7:e1:3a:bf:24:70:73:52:90:bb:db:11:43:5b:2f:c0:
02:c9:82:87:73:c5:e5:28:aa:b9:61:69:1b:c4:eb:18:c6:79:
7e:46:34:13:12:33:dd:0c:e8:d2:87:69:30:4f:e0:e2:df:b8:
2d:49:d1:81:fd:6e:00:fa:bd:aa:70:8d:1f:3f:7e:77:84:86:
6c:d0:67:df
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+9EojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDIw
MjE1MzEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGFjOWUxYjI2NWNl
OTM4ODFmYThhMmEzZmRhMDcyZmMzYTlhMTAxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1ZPQMCdGlGJiXllIjsg/DhyeKXqDS7Y+Y0wVLfCpN6ImsM
pAGURkvp/hbyMtktAjJzbXxeNf5MMzlxaYjx85lyLkGjdyATQWrqRSZg6t8zTG4K
AgZxMDwCw9LlfYHClXoT5ajqQcVGMAAO6fJTTrXEHrNLDE+N0qurDMPbf2UDANue
+9HnJZGhlGup5BsLq6FmnOO7yv9T+xMTEvmLQIWqfBTXkfgQPdmUxyRYHXuRfiA2
x0o9u7jze0fsdjrw/IuRr42znla5eh91i70uWSdBwpckBs6H1jEHAKGCt6HgqWij
DABzMhjm52fwjiRddzKpp3TENSKCcYXFOCgXLLsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKyeGyZc6TiB+ooqP9oHL8OpoQHTAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
L0NzbmhzbVhPazRnZnFLS2pfYUJ5X0RxYUVCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2SKDANBgkqhkiG9w0BAQsFAAOC
AQEABlRQCgYrz91zD/36kJIKqJl55xE2TiX6xnUQT6BYqx7K7PPx65dD9/zNhDOA
q0E0BhJv6+5ylVtw8qpLSGRo1uf9jOP33IXQpvSY+5hbv8+ssnvp7pNIyOXFOKkb
XsODxc3sSncvymScgp3imQd7LHXbDf2AEAiJjOTNnqrVf3w/YFabVExhF3nOcrh2
sP0PCqaJ7WLHY+k/brQ2qETxK3J6zBPVX/vNBAZwmopQV87Dj4T1WKCn4Tq/JHBz
UpC72xFDWy/AAsmCh3PF5SiquWFpG8TrGMZ5fkY0ExIz3Qzo0odpME/g4t+4LUnR
gf1uAPq9qnCNHz9+d4SGbNBn3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org