Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/8-uq9aPxqOgkHcPfc1TUkFN2r74.roa
File: 8-uq9aPxqOgkHcPfc1TUkFN2r74.roa (raw, json)
Hash identifier: JYgoq0JXMoaTFTRf0MTnDQN/wsZtWYYMCip6/Nerk7E=
Subject key identifier: F3:EB:AA:F5:A3:F1:A8:E8:24:1D:C3:DF:73:54:D4:90:53:76:AF:BE
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018AA170F91D97F61C8D2299A0FA68A13508
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/8-uq9aPxqOgkHcPfc1TUkFN2r74.roa
Signing time: Sun 17 Sep 2023 04:40:50 +0000
ROA not before: Sun 17 Sep 2023 04:40:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.150.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a1:70:f9:1d:97:f6:1c:8d:22:99:a0:fa:68:a1:35:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Sep 17 04:40:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3ebaaf5a3f1a8e8241dc3df7354d4905376afbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ac:d9:99:88:d4:1b:77:53:7a:34:b5:c5:79:
d3:fb:89:0e:68:b4:2c:c2:5c:f0:da:a0:e7:4a:d2:
23:23:4c:f7:ba:71:c5:b8:3d:6c:70:72:08:eb:04:
83:8f:b2:73:1c:c0:f1:97:5d:d9:2d:31:0c:9c:ab:
da:50:d4:51:80:55:18:82:91:ae:01:20:58:4d:ac:
11:36:b0:1d:2b:a0:49:05:5a:61:e2:a3:2b:fd:ab:
5a:de:7f:d7:fe:0a:bd:d2:e6:dd:91:a5:1c:ea:3b:
88:a5:69:6d:fd:fc:d5:ae:72:89:81:09:4b:7f:0e:
b7:79:10:ad:11:16:e9:bd:c2:d8:26:3b:13:3d:c5:
a5:fc:88:0d:58:05:7a:f4:0b:63:26:e0:79:d5:f9:
48:c5:dd:2e:d6:1d:99:e7:e5:7a:f4:99:6c:4a:4b:
93:55:e7:5b:46:82:b2:17:98:d3:95:72:85:34:2a:
76:2f:65:2a:0a:a4:45:19:93:05:e3:42:97:5c:70:
d8:9f:bf:b8:1c:c1:9d:d4:4e:e8:ac:17:86:f9:aa:
2f:55:45:e9:13:ed:de:95:e3:9d:e3:f7:76:ec:57:
0e:d0:e8:5b:64:56:76:de:bc:eb:09:95:54:6d:3f:
d1:56:35:ab:bd:86:9d:d4:f2:b3:fc:48:7e:db:53:
33:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EB:AA:F5:A3:F1:A8:E8:24:1D:C3:DF:73:54:D4:90:53:76:AF:BE
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/8-uq9aPxqOgkHcPfc1TUkFN2r74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.175.0/24
Signature Algorithm: sha256WithRSAEncryption
08:46:6a:81:42:f7:db:fc:37:3f:b1:5d:25:ef:32:6d:c3:eb:
a0:25:09:56:6c:16:30:8a:1d:29:6e:d7:59:33:10:32:f4:25:
54:d0:30:2e:f3:39:ff:47:ce:56:70:c4:7a:8a:6c:b0:8b:d6:
5e:94:52:1d:c5:c4:b4:80:5b:d8:f0:99:bd:fb:58:1a:3e:74:
7e:25:a9:10:0d:16:85:a0:ef:b8:78:68:81:3c:c9:9a:8a:db:
48:6e:0a:28:3e:79:d2:3e:41:9e:62:c2:8f:ed:0f:1b:b2:ce:
40:11:f9:93:69:69:da:c1:f1:07:97:ec:49:be:d0:28:71:7e:
f4:24:26:dc:61:95:29:6a:67:9a:92:86:e6:8c:f9:54:ee:42:
14:15:87:fe:07:27:bc:3a:8f:b7:3f:b4:df:a6:52:28:72:c9:
65:89:b0:e1:46:2f:15:c6:49:ab:89:25:89:88:07:fd:ee:c5:
45:03:1e:c9:1f:7f:c8:4d:2d:d3:7e:40:87:7c:aa:9c:05:58:
2d:6c:3d:b4:36:8f:6c:ec:d4:c6:8e:34:94:47:5a:d3:78:13:
d6:5f:78:83:e1:58:f5:98:cf:15:c0:c2:68:39:28:1e:86:a3:
cb:d2:ca:b3:78:83:0a:dc:ec:f8:61:52:33:5c:79:3d:21:ec:
f1:70:1d:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqhcPkdl/YcjSKZoPpooTUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMwOTE3MDQ0MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2ViYWFmNWEzZjFhOGU4MjQxZGMzZGY3MzU0ZDQ5MDUzNzZhZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KzZmYjUG3dTejS1xXnT+4kOaLQs
wlzw2qDnStIjI0z3unHFuD1scHII6wSDj7JzHMDxl13ZLTEMnKvaUNRRgFUYgpGu
ASBYTawRNrAdK6BJBVph4qMr/ata3n/X/gq90ubdkaUc6juIpWlt/fzVrnKJgQlL
fw63eRCtERbpvcLYJjsTPcWl/IgNWAV69AtjJuB51flIxd0u1h2Z5+V69JlsSkuT
VedbRoKyF5jTlXKFNCp2L2UqCqRFGZMF40KXXHDYn7+4HMGd1E7orBeG+aovVUXp
E+3eleOd4/d27FcO0OhbZFZ23rzrCZVUbT/RVjWrvYad1PKz/Eh+21MzQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPrqvWj8ajoJB3D33NU1JBTdq++MB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvOC11cTlhUHhxT2drSGNQZmMxVFVrRk4ycjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZavMA0G
CSqGSIb3DQEBCwUAA4IBAQAIRmqBQvfb/Dc/sV0l7zJtw+ugJQlWbBYwih0pbtdZ
MxAy9CVU0DAu8zn/R85WcMR6imywi9ZelFIdxcS0gFvY8Jm9+1gaPnR+JakQDRaF
oO+4eGiBPMmaittIbgooPnnSPkGeYsKP7Q8bss5AEfmTaWnawfEHl+xJvtAocX70
JCbcYZUpameakobmjPlU7kIUFYf+Bye8Oo+3P7TfplIocsllibDhRi8VxkmriSWJ
iAf97sVFAx7JH3/ITS3TfkCHfKqcBVgtbD20No9s7NTGjjSUR1rTeBPWX3iD4Vj1
mM8VwMJoOSgehqPL0sqzeIMK3Oz4YVIzXHk9IezxcB2S
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:06:05 2025 by rpki-client