Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DzBRE9tMey49DBtRZOMqRt2V1q4.roa
File: DzBRE9tMey49DBtRZOMqRt2V1q4.roa (raw, json)
Hash identifier: nwjqgFItKr21SFEc7stWkfRWWbv8zuHIlMlHuySx43o=
Subject key identifier: 0F:30:51:13:DB:4C:7B:2E:3D:0C:1B:51:64:E3:2A:46:DD:95:D6:AE
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 018CC56ECDD20883EAE29F9BEC0D3FAE1F6A
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DzBRE9tMey49DBtRZOMqRt2V1q4.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 45.11.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cd:d2:08:83:ea:e2:9f:9b:ec:0d:3f:ae:1f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f305113db4c7b2e3d0c1b5164e32a46dd95d6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b8:41:1d:f3:21:6c:2d:27:4a:12:5e:ea:ae:
5d:30:4e:ff:2b:03:94:b6:50:6b:31:d1:09:68:97:
7b:fe:83:92:5e:8a:56:39:c6:4c:20:01:6f:0e:55:
58:a1:68:91:f5:aa:a7:9f:7d:a6:41:6a:ab:eb:c5:
ab:97:85:7a:97:d5:7e:0d:04:f3:cc:56:58:7e:52:
86:eb:a9:a7:4b:83:3e:87:79:e1:69:80:62:28:37:
c1:12:16:d2:8b:73:d2:e3:2f:27:34:b1:33:fc:74:
e7:b2:f4:b8:48:7d:37:3f:92:2c:fc:74:8f:a8:b7:
84:f4:52:d3:62:87:3f:03:b2:7e:6c:73:3a:d2:2d:
4b:0b:b3:19:f2:09:38:69:e0:8b:d8:01:d3:d1:ff:
a3:99:a6:1e:88:d8:86:5d:ff:2a:7e:62:98:8b:5c:
fa:2b:0b:ad:69:47:7f:20:63:28:d4:d9:5d:80:ca:
c3:36:13:b1:ff:11:ce:64:62:aa:93:51:da:3a:03:
7f:2b:42:fa:b6:49:7b:c6:13:6f:15:16:a6:8d:dd:
c3:f3:9e:0a:f9:f9:d1:19:f0:1f:a3:75:bd:8c:9e:
a5:18:20:18:65:80:ab:f9:ae:9b:40:df:ba:93:d1:
b8:57:a3:21:f1:c7:d5:a9:aa:5d:f8:6b:77:6a:87:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:30:51:13:DB:4C:7B:2E:3D:0C:1B:51:64:E3:2A:46:DD:95:D6:AE
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/DzBRE9tMey49DBtRZOMqRt2V1q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.181.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fb:ed:a2:13:76:5c:41:b8:bc:38:45:26:20:d8:06:b6:48:
d9:e4:db:d2:ef:c0:89:f7:84:ed:e5:3d:6f:7d:2b:e2:25:1d:
78:ce:cb:a8:75:20:f0:e1:a7:ae:3f:68:fb:82:80:3a:eb:3f:
c3:1f:08:00:f8:c1:3f:3b:06:a8:68:9e:7a:46:af:2e:33:5d:
87:c3:b0:a6:e2:09:9c:30:ab:27:07:19:31:8f:f9:a1:db:96:
e5:fe:bc:4a:57:68:30:fa:f2:9f:32:53:a4:3c:82:c2:8e:fd:
bf:3e:0a:5d:73:64:89:d5:10:86:f1:c5:59:be:84:0e:b0:68:
1a:28:bd:4a:a7:41:1e:21:0d:4a:92:83:58:0e:c8:4b:d0:81:
47:a0:7c:eb:40:54:14:e4:46:5e:4f:7d:bb:a6:b4:cf:0f:43:
b5:b5:c7:41:db:18:76:a5:b1:97:c6:1d:bb:b7:85:6e:2d:cd:
98:e2:dd:40:b3:d3:8b:7d:3c:d2:da:ed:32:22:fc:03:ae:69:
51:54:3c:4c:59:42:32:aa:b4:4c:09:ed:e1:67:30:20:17:12:
53:6e:aa:24:cb:13:19:35:63:30:49:a4:8b:13:0d:90:a4:41:
b5:eb:23:64:41:91:c7:5d:d4:50:fd:ce:be:3b:03:7a:a2:88:
e1:82:b5:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbs3SCIPq4p+b7A0/rh9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjMwNTExM2RiNGM3YjJlM2QwYzFiNTE2NGUzMmE0NmRkOTVkNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7hBHfMhbC0nShJe6q5dME7/KwOU
tlBrMdEJaJd7/oOSXopWOcZMIAFvDlVYoWiR9aqnn32mQWqr68Wrl4V6l9V+DQTz
zFZYflKG66mnS4M+h3nhaYBiKDfBEhbSi3PS4y8nNLEz/HTnsvS4SH03P5Is/HSP
qLeE9FLTYoc/A7J+bHM60i1LC7MZ8gk4aeCL2AHT0f+jmaYeiNiGXf8qfmKYi1z6
KwutaUd/IGMo1NldgMrDNhOx/xHOZGKqk1HaOgN/K0L6tkl7xhNvFRamjd3D854K
+fnRGfAfo3W9jJ6lGCAYZYCr+a6bQN+6k9G4V6Mh8cfVqapd+Gt3aoevMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8wURPbTHsuPQwbUWTjKkbdldauMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvRHpCUkU5dE1leTQ5REJ0UlpPTXFSdDJWMXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu1MA0G
CSqGSIb3DQEBCwUAA4IBAQAQ++2iE3ZcQbi8OEUmINgGtkjZ5NvS78CJ94Tt5T1v
fSviJR14zsuodSDw4aeuP2j7goA66z/DHwgA+ME/OwaoaJ56Rq8uM12Hw7Cm4gmc
MKsnBxkxj/mh25bl/rxKV2gw+vKfMlOkPILCjv2/Pgpdc2SJ1RCG8cVZvoQOsGga
KL1Kp0EeIQ1KkoNYDshL0IFHoHzrQFQU5EZeT327prTPD0O1tcdB2xh2pbGXxh27
t4VuLc2Y4t1As9OLfTzS2u0yIvwDrmlRVDxMWUIyqrRMCe3hZzAgFxJTbqokyxMZ
NWMwSaSLEw2QpEG16yNkQZHHXdRQ/c6+OwN6oojhgrVr
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:54:00 2025 by rpki-client