Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/q0xNEC7zNAMiaHN696PT4WYtcY4.roa
File: q0xNEC7zNAMiaHN696PT4WYtcY4.roa (raw, json)
Hash identifier: D6BtzVkjSnhfoDoYmyFXp3alJPWK20pmYpbJaserTZo=
Subject key identifier: AB:4C:4D:10:2E:F3:34:03:22:68:73:7A:F7:A3:D3:E1:66:2D:71:8E
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018CC86FBE2430FE2F3185C7E968930AB606
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/q0xNEC7zNAMiaHN696PT4WYtcY4.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35297
IP address blocks: 45.142.39.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:be:24:30:fe:2f:31:85:c7:e9:68:93:0a:b6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab4c4d102ef334032268737af7a3d3e1662d718e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:cb:60:2f:55:2e:e8:c8:a0:94:68:0d:91:
b1:1f:2e:b2:24:12:e6:a6:e6:a0:62:cc:ed:2f:f8:
78:c2:cf:7f:7b:f5:2e:b5:56:f2:ab:8b:50:f7:cb:
4e:6f:f1:a0:bd:54:c3:ef:26:da:22:f9:d1:eb:de:
c6:95:07:3e:94:21:26:d4:3c:0f:0f:c4:b8:72:e6:
49:2c:e8:bb:ee:2d:94:5e:d7:4f:28:1a:be:b9:72:
1a:e0:2b:64:42:42:3e:65:6f:55:05:48:e9:e3:ea:
ec:1b:cb:b6:46:9c:b9:18:44:4e:83:71:58:7f:88:
ad:8b:38:4c:23:18:d6:57:01:52:12:d8:ea:73:0a:
24:24:40:67:59:43:b9:3d:14:c3:a6:18:46:0c:33:
d7:63:49:7d:ae:12:ed:24:65:5f:e0:13:54:1c:15:
57:20:e2:5c:d6:3d:9c:82:a3:4b:f8:9c:7f:b1:22:
2b:70:fb:a7:79:04:34:4f:57:a7:fb:79:46:78:8c:
8e:d9:14:81:fb:ea:e2:fb:33:e0:ca:8f:6f:29:35:
0d:d5:f4:bc:32:99:49:2a:ad:2a:99:cc:d7:b7:da:
8b:39:78:cc:fb:48:e1:21:fc:d0:0a:4a:6f:e2:af:
e5:44:c8:2d:5c:d6:e8:6d:da:dd:af:3c:bc:17:61:
89:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4C:4D:10:2E:F3:34:03:22:68:73:7A:F7:A3:D3:E1:66:2D:71:8E
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/q0xNEC7zNAMiaHN696PT4WYtcY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.39.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a9:76:ad:0a:0a:b4:35:f8:5c:2b:80:a8:8d:7d:aa:cf:37:
88:56:f4:dc:74:c2:36:44:1f:bc:8a:d4:fe:b8:88:7d:6b:03:
ec:8a:0d:85:4f:39:9d:9c:60:e6:95:e1:a5:17:61:48:9c:56:
f2:c7:22:22:f0:66:8d:60:ae:ee:e0:14:c8:e0:93:4a:c7:fd:
0a:78:fe:20:09:83:af:a0:b6:85:2f:c3:08:65:23:c8:54:92:
84:f0:cf:c1:37:e0:2d:f1:f0:f0:5c:dd:84:9c:7c:ca:b4:be:
18:04:37:a4:00:1b:c4:e3:60:ae:02:3d:fd:d2:4a:f7:6b:01:
56:2f:17:c5:4a:26:fe:7f:01:df:bc:70:7f:2c:ac:35:b2:45:
27:d9:1a:2d:2e:e6:44:6c:6b:ec:0c:b4:4f:ef:84:f5:e0:72:
41:4a:40:36:ee:77:33:d5:c6:a8:93:e0:40:74:df:c7:12:dd:
44:6c:c8:2d:81:c7:38:19:0d:31:3f:5b:8f:e9:fc:21:83:f6:
de:80:db:01:87:22:25:47:53:22:16:8a:9b:ab:e5:61:75:00:
e5:97:53:17:d9:15:07:7f:18:27:f4:7e:a9:7a:06:8a:ba:7e:
45:c4:9f:17:62:04:54:54:bf:e0:f5:4f:72:1c:ad:bc:28:fc:
a0:ac:cb:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb74kMP4vMYXH6WiTCrYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjRjNGQxMDJlZjMzNDAzMjI2ODczN2FmN2EzZDNlMTY2MmQ3MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuTLYC9VLujIoJRoDZGxHy6yJBLm
puagYsztL/h4ws9/e/UutVbyq4tQ98tOb/GgvVTD7ybaIvnR697GlQc+lCEm1DwP
D8S4cuZJLOi77i2UXtdPKBq+uXIa4CtkQkI+ZW9VBUjp4+rsG8u2Rpy5GEROg3FY
f4itizhMIxjWVwFSEtjqcwokJEBnWUO5PRTDphhGDDPXY0l9rhLtJGVf4BNUHBVX
IOJc1j2cgqNL+Jx/sSIrcPuneQQ0T1en+3lGeIyO2RSB++ri+zPgyo9vKTUN1fS8
MplJKq0qmczXt9qLOXjM+0jhIfzQCkpv4q/lRMgtXNbobdrdrzy8F2GJewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtMTRAu8zQDImhzevej0+FmLXGOMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvcTB4TkVDN3pOQU1pYUhONjk2UFQ0V1l0Y1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY4nMA0G
CSqGSIb3DQEBCwUAA4IBAQB6qXatCgq0NfhcK4CojX2qzzeIVvTcdMI2RB+8itT+
uIh9awPsig2FTzmdnGDmleGlF2FInFbyxyIi8GaNYK7u4BTI4JNKx/0KeP4gCYOv
oLaFL8MIZSPIVJKE8M/BN+At8fDwXN2EnHzKtL4YBDekABvE42CuAj390kr3awFW
LxfFSib+fwHfvHB/LKw1skUn2RotLuZEbGvsDLRP74T14HJBSkA27ncz1caok+BA
dN/HEt1EbMgtgcc4GQ0xP1uP6fwhg/begNsBhyIlR1MiFoqbq+VhdQDll1MX2RUH
fxgn9H6pegaKun5FxJ8XYgRUVL/g9U9yHK28KPygrMt8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org