Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa
File: gduNPw1Bkli-gmFcvzdTTeYmIYI.roa (raw, json)
Hash identifier: U+F15TkYIl6N8E0+o+Z5w5X8v8N3s2XLwKS5A2qB49w=
Subject key identifier: 81:DB:8D:3F:0D:41:92:58:BE:82:61:5C:BF:37:53:4D:E6:26:21:82
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 3C5608
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa
Signing time: Sat 01 Jan 2022 00:56:05 +0000
ROA not before: Sat 01 Jan 2022 00:56:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23470
IP address blocks: 45.150.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3954184 (0x3c5608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Jan 1 00:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81db8d3f0d419258be82615cbf37534de6262182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bf:ff:3d:31:b5:7e:90:39:7d:42:8f:34:d9:
bf:e0:a7:f3:d4:ae:a6:51:0a:8b:af:ce:f8:93:98:
24:ac:fc:f4:45:e7:75:a9:78:14:65:f4:cf:20:37:
de:6b:99:13:45:af:e9:f9:3f:cd:2d:68:b2:9b:a0:
0d:e2:37:e3:69:ef:f3:c1:19:cc:63:e3:cc:a6:18:
35:b3:74:fb:ef:74:15:02:63:24:75:5c:39:64:82:
a0:08:df:a3:a1:4a:e6:d7:dd:28:9a:34:53:bc:ee:
87:0a:93:1d:4c:63:c6:0b:d0:64:9a:11:20:f2:15:
2f:62:d8:45:3a:01:96:ee:ae:73:a0:63:41:0f:12:
cb:c5:57:19:ce:34:fe:d6:3b:1f:31:4f:59:e6:ff:
67:49:62:25:6f:58:43:7b:78:05:45:2c:fe:f9:b9:
08:86:48:79:55:90:35:ab:33:b1:30:76:31:e0:16:
7b:00:cb:6e:12:2e:c5:a0:c6:51:9d:27:3f:f1:b2:
60:4d:54:d4:0b:5f:e1:57:4d:ef:92:10:9a:e5:0f:
a0:05:df:6e:bf:8c:03:3f:b9:b2:82:79:28:47:9e:
8f:db:8f:59:d1:a2:49:90:8a:18:fc:34:2b:56:6d:
d1:51:6c:03:a7:df:2e:4a:72:2f:5e:0d:f4:4d:12:
86:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DB:8D:3F:0D:41:92:58:BE:82:61:5C:BF:37:53:4D:E6:26:21:82
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/gduNPw1Bkli-gmFcvzdTTeYmIYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.172.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:f4:3c:8d:a6:98:8d:33:6f:65:6d:2c:b0:e1:a5:49:2b:c0:
5d:70:e0:99:b3:54:61:96:c7:b1:b8:4b:6c:5a:cd:3e:6f:e7:
16:36:a5:06:e2:51:98:4e:ee:56:e8:97:91:4c:47:5e:2e:fb:
14:b3:6a:dd:ce:86:86:8c:06:54:7b:ea:5b:28:bf:bc:57:64:
45:b9:34:ae:14:2d:3c:01:14:5d:67:0d:af:2f:d9:36:7c:00:
1d:05:b3:d2:20:55:10:e2:c9:4b:8c:ba:2f:4f:be:35:80:de:
75:44:57:db:15:42:49:a1:fd:06:d7:55:0b:e6:43:db:68:5e:
3d:44:f2:e7:0e:0d:03:61:90:b2:02:4a:bb:09:58:75:f6:ae:
92:44:0d:d0:2b:52:e2:aa:55:f7:3a:2f:68:6c:f9:74:36:c1:
15:d2:9a:ba:8a:ba:36:b9:58:96:66:a0:88:d8:51:c6:25:c7:
c5:e2:26:66:65:3e:62:46:f5:1b:37:31:84:91:76:d0:7a:cd:
26:10:25:13:af:20:ee:52:6a:ed:c8:d3:33:6c:8a:e2:61:81:
a2:16:c8:d8:8f:32:36:fd:a4:1b:3c:f5:e6:bf:5d:0b:ec:33:
f2:ee:92:8d:ca:01:1c:40:4b:b6:69:8f:48:d7:e3:92:71:a8:
d7:4f:54:a6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDPFYIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI4
MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNlNWZjNmQwHhcNMjIwMTAx
MDA1NjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MWRiOGQzZjBkNDE5
MjU4YmU4MjYxNWNiZjM3NTM0ZGU2MjYyMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy7//PTG1fpA5fUKPNNm/4Kfz1K6mUQqLr874k5gkrPz0Red1
qXgUZfTPIDfea5kTRa/p+T/NLWiym6AN4jfjae/zwRnMY+PMphg1s3T773QVAmMk
dVw5ZIKgCN+joUrm190omjRTvO6HCpMdTGPGC9BkmhEg8hUvYthFOgGW7q5zoGNB
DxLLxVcZzjT+1jsfMU9Z5v9nSWIlb1hDe3gFRSz++bkIhkh5VZA1qzOxMHYx4BZ7
AMtuEi7FoMZRnSc/8bJgTVTUC1/hV03vkhCa5Q+gBd9uv4wDP7mygnkoR56P249Z
0aJJkIoY/DQrVm3RUWwDp98uSnIvXg30TRKGTwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIHbjT8NQZJYvoJhXL83U03mJiGCMB8GA1UdIwQYMBaAFCgQeraSHvjLLeyj
63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEv
Z2R1TlB3MUJrbGktZ21GY3Z6ZFRUZVltSVlJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8w
ODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBlLzEvS0JCNnRwSWUtTXN0
N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZasMA0GCSqGSIb3DQEBCwUAA4IB
AQAO9DyNppiNM29lbSyw4aVJK8BdcOCZs1RhlsexuEtsWs0+b+cWNqUG4lGYTu5W
6JeRTEdeLvsUs2rdzoaGjAZUe+pbKL+8V2RFuTSuFC08ARRdZw2vL9k2fAAdBbPS
IFUQ4slLjLovT741gN51RFfbFUJJof0G11UL5kPbaF49RPLnDg0DYZCyAkq7CVh1
9q6SRA3QK1LiqlX3Oi9obPl0NsEV0pq6iro2uViWZqCI2FHGJcfF4iZmZT5iRvUb
NzGEkXbQes0mECUTryDuUmrtyNMzbIriYYGiFsjYjzI2/aQbPPXmv10L7DPy7pKN
ygEcQEu2aY9I1+OScajXT1Sm
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:43:28 2025 by rpki-client