Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/qMCQXG14Z3wK0MwMqR9ECYLgDC0.roa
File: qMCQXG14Z3wK0MwMqR9ECYLgDC0.roa (raw, json)
Hash identifier: /mfvL9XYtR8YeGs1qb/v+8H8CyAs+SD/5uFN42JWRaI=
Subject key identifier: A8:C0:90:5C:6D:78:67:7C:0A:D0:CC:0C:A9:1F:44:09:82:E0:0C:2D
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01825B07068E73D7EB7BA94D1C8E4289BCD4
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/qMCQXG14Z3wK0MwMqR9ECYLgDC0.roa
Signing time: Mon 01 Aug 2022 20:09:23 +0000
ROA not before: Mon 01 Aug 2022 20:09:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196695
IP address blocks: 45.129.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5b:07:06:8e:73:d7:eb:7b:a9:4d:1c:8e:42:89:bc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Aug 1 20:09:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8c0905c6d78677c0ad0cc0ca91f440982e00c2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:58:cd:93:50:af:3c:0b:8e:98:9f:91:ea:c0:
52:ef:a4:6f:9b:06:90:51:5f:ca:95:cf:81:97:d1:
cc:02:db:1b:01:fc:24:5a:7c:ab:e1:4f:aa:14:8f:
ef:f0:78:b2:94:01:3d:71:8d:51:3a:b8:04:e9:c3:
cc:2b:3d:0a:24:b9:17:78:11:72:16:52:16:56:d0:
db:16:4f:42:35:bc:42:f2:4e:b7:97:51:7c:b2:44:
37:e8:92:39:5c:06:2c:e2:b9:37:52:6e:b3:dd:57:
9c:ed:b5:f2:37:27:0a:1b:8d:2f:54:8a:84:c7:f7:
e1:c2:e9:8f:31:3e:9c:8b:68:ed:66:1b:d8:a7:dc:
36:fd:07:5e:b6:0b:fa:45:43:8f:72:cf:01:14:21:
b4:fe:b4:fe:c3:83:d1:00:fa:83:f1:3b:9c:b7:dd:
f1:33:77:28:6d:e9:91:02:32:2a:50:20:0f:cc:26:
56:37:db:5a:a2:cc:d3:65:70:dd:6c:25:f2:0d:e5:
46:c9:9a:03:d5:ae:10:59:54:92:62:e9:f6:72:1b:
11:c8:40:8e:89:e8:47:be:8e:54:a5:dd:6d:56:86:
05:69:64:e2:c6:58:eb:6b:27:95:54:9c:19:c5:fa:
2e:aa:63:f5:32:93:2a:84:50:00:6e:90:12:71:7a:
1b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C0:90:5C:6D:78:67:7C:0A:D0:CC:0C:A9:1F:44:09:82:E0:0C:2D
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/qMCQXG14Z3wK0MwMqR9ECYLgDC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.236.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ef:bc:49:78:c4:b6:8d:13:dd:60:63:c2:7a:6f:5e:50:b2:
5a:f1:5b:3c:ca:2b:e3:df:6a:94:aa:c3:94:4b:61:ab:6c:cf:
b7:f3:2a:39:d0:95:49:0b:9b:6d:4c:9d:17:82:4b:42:f3:d6:
88:c4:c7:94:1d:7a:96:1a:1c:3a:ed:71:f5:57:aa:85:f7:d9:
fb:41:b8:c5:18:fe:c1:74:aa:da:47:3d:22:b7:2f:6c:1b:70:
39:6e:9f:2e:b4:bc:a2:a4:e9:e3:9c:a2:26:e6:ff:8d:07:3c:
18:92:cb:3c:dc:cf:48:8c:cd:f2:be:68:1b:95:f5:80:a2:39:
ce:23:e1:49:eb:fc:5a:1d:00:bb:bd:0e:f1:1f:d7:6b:d2:e4:
f3:09:5e:48:19:48:2a:68:dc:c4:24:57:37:08:89:de:2e:56:
bf:40:de:cb:ca:98:2a:ad:9f:65:83:50:dc:ec:e6:96:36:09:
c4:43:46:98:bb:f9:33:2c:f6:16:4c:a5:58:1d:18:16:16:e9:
15:21:da:7f:73:97:18:51:77:9e:06:a7:cd:af:5b:a3:05:4c:
e6:f6:02:d6:2a:4f:39:02:3e:a2:1a:81:45:63:45:19:34:1d:
b2:08:20:3b:44:d2:b8:72:1f:49:31:cd:b3:7d:ad:4d:3c:15:
22:e1:a8:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJbBwaOc9fre6lNHI5CibzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwODAxMjAwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMwOTA1YzZkNzg2NzdjMGFkMGNjMGNhOTFmNDQwOTgyZTAwYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFjNk1CvPAuOmJ+R6sBS76RvmwaQ
UV/Klc+Bl9HMAtsbAfwkWnyr4U+qFI/v8HiylAE9cY1ROrgE6cPMKz0KJLkXeBFy
FlIWVtDbFk9CNbxC8k63l1F8skQ36JI5XAYs4rk3Um6z3Vec7bXyNycKG40vVIqE
x/fhwumPMT6ci2jtZhvYp9w2/Qdetgv6RUOPcs8BFCG0/rT+w4PRAPqD8Tuct93x
M3cobemRAjIqUCAPzCZWN9taoszTZXDdbCXyDeVGyZoD1a4QWVSSYun2chsRyECO
iehHvo5Upd1tVoYFaWTixljrayeVVJwZxfouqmP1MpMqhFAAbpAScXobMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjAkFxteGd8CtDMDKkfRAmC4AwtMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvcU1DUVhHMTRaM3dLME13TXFSOUVDWUxnREMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYHsMA0G
CSqGSIb3DQEBCwUAA4IBAQA377xJeMS2jRPdYGPCem9eULJa8Vs8yivj32qUqsOU
S2GrbM+38yo50JVJC5ttTJ0XgktC89aIxMeUHXqWGhw67XH1V6qF99n7QbjFGP7B
dKraRz0ity9sG3A5bp8utLyipOnjnKIm5v+NBzwYkss83M9IjM3yvmgblfWAojnO
I+FJ6/xaHQC7vQ7xH9dr0uTzCV5IGUgqaNzEJFc3CIneLla/QN7LypgqrZ9lg1Dc
7OaWNgnEQ0aYu/kzLPYWTKVYHRgWFukVIdp/c5cYUXeeBqfNr1ujBUzm9gLWKk85
Aj6iGoFFY0UZNB2yCCA7RNK4ch9JMc2zfa1NPBUi4ags
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org