Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/HsqB3aZ1PtcyK88Zl4FkE4USVY4.roa
File: HsqB3aZ1PtcyK88Zl4FkE4USVY4.roa (raw, json)
Hash identifier: X9NnYdEzoUDou41ngrT77Bm/FlK7Mf3HSp4hJLyjGpM=
Subject key identifier: 1E:CA:81:DD:A6:75:3E:D7:32:2B:CF:19:97:81:64:13:85:12:55:8E
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01896553B5E6BC08DCAED356341ACD61CC07
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/HsqB3aZ1PtcyK88Zl4FkE4USVY4.roa
Signing time: Mon 17 Jul 2023 19:28:52 +0000
ROA not before: Mon 17 Jul 2023 19:28:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 45.134.25.0/24 maxlen: 24
45.139.53.0/24 maxlen: 24
45.139.55.0/24 maxlen: 24
45.139.52.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
185.188.41.0/24 maxlen: 24
45.146.24.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
2.56.138.0/24 maxlen: 24
45.159.84.0/24 maxlen: 24
45.134.24.0/24 maxlen: 24
45.159.87.0/24 maxlen: 24
45.131.47.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
2.59.49.0/24 maxlen: 24
45.133.31.0/24 maxlen: 24
45.89.231.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.153.224.0/24 maxlen: 24
45.153.225.0/24 maxlen: 24
45.153.226.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:53:b5:e6:bc:08:dc:ae:d3:56:34:1a:cd:61:cc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jul 17 19:28:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eca81dda6753ed7322bcf19978164138512558e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8a:fa:59:37:83:0f:fa:b3:c6:be:63:f8:ca:
74:af:65:aa:6e:38:db:8a:81:ba:75:58:8a:4c:10:
fc:73:a2:e7:02:bb:db:3e:7e:8c:bb:31:5e:77:df:
4c:b5:e3:d9:3b:4b:e1:c5:2f:a6:52:53:e7:47:fb:
aa:4f:47:ba:db:35:b4:73:95:a1:d5:d5:fa:86:1f:
f6:38:be:23:4c:42:5f:ca:0f:2f:38:63:34:2e:f7:
1e:c0:64:6d:89:36:78:d9:79:7e:ab:2c:17:6a:d4:
44:28:b0:c5:24:04:3b:a3:a6:d8:f8:75:f4:43:d7:
cb:ad:0f:52:ca:a5:6d:8a:c6:f0:9c:85:0d:08:13:
39:cb:9f:2f:b0:01:99:be:1e:cd:c8:0a:cb:c0:72:
1c:12:91:46:1b:4a:20:b7:ca:b1:07:1d:7f:02:ff:
37:6f:c9:b5:54:49:ff:73:33:79:04:0a:d5:bc:3e:
5b:bf:57:7f:29:55:9b:53:92:28:29:2d:66:43:7c:
21:97:4f:26:51:a4:36:d3:a8:1b:05:5b:fc:44:fb:
ae:08:2c:de:a4:e8:cd:ac:3e:7b:fc:68:e1:fd:25:
22:2f:20:77:52:54:94:9f:9c:e4:aa:16:54:73:d6:
46:02:3d:b6:3f:f9:ec:e4:4e:29:4c:9b:89:24:1e:
19:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CA:81:DD:A6:75:3E:D7:32:2B:CF:19:97:81:64:13:85:12:55:8E
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/HsqB3aZ1PtcyK88Zl4FkE4USVY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.138.0/24
2.59.49.0/24
45.89.231.0/24
45.131.47.0/24
45.132.128.0/23
45.133.31.0/24
45.134.24.0/23
45.138.213.0-45.138.214.255
45.139.52.0/23
45.139.55.0/24
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.153.224.0-45.153.226.255
45.159.84.0/24
45.159.87.0/24
91.206.68.0/24
91.236.121.0/24
176.222.56.0/23
176.222.59.0/24
185.188.41.0/24
Signature Algorithm: sha256WithRSAEncryption
62:54:ee:1f:ad:7d:bc:e6:60:b9:09:37:dc:e9:18:93:40:6d:
68:81:03:9b:f0:0c:8b:9d:d9:be:43:29:fb:9b:87:4c:d7:37:
1e:47:98:7a:14:a1:c2:15:62:78:e6:5e:83:44:de:63:34:be:
7f:d1:3b:40:4f:58:56:f0:0c:2d:09:4a:a1:d9:dd:2f:11:bd:
57:74:70:ea:d6:72:c8:91:c7:1f:cd:e3:b0:41:f4:a3:4d:5c:
3d:52:ba:28:d2:cd:c5:02:b7:ec:bf:b0:48:33:18:0f:ac:c4:
5e:74:0c:e0:5a:bb:53:14:ca:0c:99:51:d5:91:4c:bd:f8:6f:
94:78:06:55:ad:e1:c2:ce:0a:69:48:a9:0c:e7:d8:7a:ee:90:
4d:38:51:7a:26:35:f0:15:b6:36:e0:b0:05:1c:48:9e:a0:3d:
7b:a5:dc:84:99:7d:8b:b3:8d:74:97:41:cb:ce:f7:9a:d1:15:
43:6d:cf:a4:8e:24:6c:41:4d:f6:2d:fb:de:a5:eb:0f:03:64:
c6:b4:a3:a6:9d:f0:c1:79:c1:8e:f0:5e:61:bd:63:ad:78:f4:
91:e8:56:b9:2c:53:8e:f8:06:7c:13:23:51:ff:6e:9b:05:dd:
21:93:01:26:ea:03:02:81:78:eb:db:83:1c:3c:12:e9:b3:fc:
be:10:cd:25
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYllU7XmvAjcrtNWNBrNYcwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwNzE3MTkyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWNhODFkZGE2NzUzZWQ3MzIyYmNmMTk5NzgxNjQxMzg1MTI1NThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIr6WTeDD/qzxr5j+Mp0r2Wqbjjb
ioG6dViKTBD8c6LnArvbPn6MuzFed99MtePZO0vhxS+mUlPnR/uqT0e62zW0c5Wh
1dX6hh/2OL4jTEJfyg8vOGM0LvcewGRtiTZ42Xl+qywXatREKLDFJAQ7o6bY+HX0
Q9fLrQ9SyqVtisbwnIUNCBM5y58vsAGZvh7NyArLwHIcEpFGG0ogt8qxBx1/Av83
b8m1VEn/czN5BArVvD5bv1d/KVWbU5IoKS1mQ3whl08mUaQ206gbBVv8RPuuCCze
pOjNrD57/Gjh/SUiLyB3UlSUn5zkqhZUc9ZGAj22P/ns5E4pTJuJJB4ZdQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFB7Kgd2mdT7XMivPGZeBZBOFElWOMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvSHNxQjNhWjFQdGN5Szg4Wmw0RmtFNFVTVlk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAAC
OIoDBAACOzEDBAAtWecDBAAtgy8DBAEthIADBAAthR8DBAEthhgwDAMEAC2K1QME
AC2K1gMEAS2LNAMEAC2LNwMEAS2SGAMEAC2SGwMEAi2TDAMEAC2VgQMEAS2YdDAM
AwQFLZngAwQALZniAwQALZ9UAwQALZ9XAwQAW85EAwQAW+x5AwQBsN44AwQAsN47
AwQAubwpMA0GCSqGSIb3DQEBCwUAA4IBAQBiVO4frX285mC5CTfc6RiTQG1ogQOb
8AyLndm+Qyn7m4dM1zceR5h6FKHCFWJ45l6DRN5jNL5/0TtAT1hW8AwtCUqh2d0v
Eb1XdHDq1nLIkccfzeOwQfSjTVw9Uroo0s3FArfsv7BIMxgPrMRedAzgWrtTFMoM
mVHVkUy9+G+UeAZVreHCzgppSKkM59h67pBNOFF6JjXwFbY24LAFHEieoD17pdyE
mX2Ls410l0HLzvea0RVDbc+kjiRsQU32LfvepesPA2TGtKOmnfDBecGO8F5hvWOt
ePSR6Fa5LFOO+AZ8EyNR/26bBd0hkwEm6gMCgXjr24McPBLps/y+EM0l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org