Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/tfLLQUS3VxZB8ifICLccJLnRi1k.roa
File: tfLLQUS3VxZB8ifICLccJLnRi1k.roa (raw, json)
Hash identifier: Tm6dIY9cQON26/PHzaYlyRgLORuOdA7zJvFUiwtcpdE=
Subject key identifier: B5:F2:CB:41:44:B7:57:16:41:F2:27:C8:08:B7:1C:24:B9:D1:8B:59
Certificate issuer: /CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Certificate serial: 018CC56ECF6979AE7C775BD13FF96EE57123
Authority key identifier: 72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/tfLLQUS3VxZB8ifICLccJLnRi1k.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207408
IP address blocks: 45.11.183.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cf:69:79:ae:7c:77:5b:d1:3f:f9:6e:e5:71:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e4baf99ab840129133285fe9ad7b83fd130c39
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f2cb4144b7571641f227c808b71c24b9d18b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:96:00:32:fe:78:dd:ec:12:81:81:94:e1:68:
d5:42:bf:e3:ef:5d:6c:db:0c:5d:41:a6:4b:41:62:
0f:3f:aa:e5:de:a2:9d:82:c8:df:73:92:2e:df:29:
d5:6f:4d:94:df:b2:2e:29:80:e0:3d:52:d6:af:b4:
bb:a6:68:04:e0:49:6c:f4:ec:81:94:b3:fd:df:59:
fe:f7:b7:8d:57:6d:fb:ee:cf:d8:24:6d:02:b9:a0:
aa:53:36:c0:d3:45:a0:f7:b1:5b:2b:8c:6b:51:da:
b6:a9:00:1c:b0:1c:59:a9:dd:d5:8e:4c:f0:fd:2d:
d5:73:6a:61:79:d9:07:76:fa:f1:93:08:ea:5b:07:
e5:77:49:cb:e1:4f:65:76:62:7c:40:43:c2:c2:c9:
c2:33:86:fc:7f:a4:8a:63:d1:41:45:a5:10:3c:cc:
a9:76:66:c6:f3:31:cb:7a:e5:85:84:df:62:0a:52:
5e:89:2c:b1:ea:70:84:72:51:bc:cf:dd:11:b3:3b:
86:f8:6a:15:03:54:65:fa:e8:93:14:62:45:7c:00:
11:85:9b:00:4d:e3:1f:29:60:0c:8c:7a:31:90:dd:
6b:10:bb:96:ba:11:a1:c2:21:a1:a0:6d:3a:53:ee:
af:3f:07:5c:c2:17:3e:7a:02:a8:5e:e8:8a:33:3e:
b9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F2:CB:41:44:B7:57:16:41:F2:27:C8:08:B7:1C:24:B9:D1:8B:59
X509v3 Authority Key Identifier:
keyid:72:E4:BA:F9:9A:B8:40:12:91:33:28:5F:E9:AD:7B:83:FD:13:0C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuS6-Zq4QBKRMyhf6a17g_0TDDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/tfLLQUS3VxZB8ifICLccJLnRi1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/66b74c-81c1-410e-957d-a8d65dccb96b/1/cuS6-Zq4QBKRMyhf6a17g_0TDDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.183.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a7:48:c8:b9:ef:02:4d:df:17:f0:d3:39:3b:c9:a7:3d:25:
76:92:cc:b7:75:08:d6:bf:b5:47:30:6d:f0:b1:ec:03:81:ef:
a0:f1:5a:b4:33:39:c1:1d:ef:ef:84:b8:b0:76:42:91:11:9d:
20:6b:bb:04:f6:09:28:bf:06:70:cb:8b:4e:c5:47:ba:fb:37:
e1:2a:a8:ce:9c:0a:2e:6f:fa:a1:df:ec:a1:a0:34:6d:bb:ec:
d0:fb:06:ef:d8:a2:64:70:67:2b:50:b0:0d:13:5c:dc:18:b0:
2d:49:2a:f0:bc:f1:02:16:0f:9a:7c:17:4b:4f:4b:f1:e3:71:
b0:83:89:9e:6d:6a:64:2c:fd:20:e9:fc:83:97:db:d1:23:4b:
ed:06:c7:27:a7:67:63:af:31:1a:83:90:51:d1:2e:ab:9d:48:
94:8d:18:ec:bc:3b:6e:2b:25:af:c8:0b:4d:a7:3d:c4:78:8f:
ec:0a:fb:13:69:6c:bb:db:74:2e:5c:74:c1:35:19:c9:b6:59:
99:f3:5f:f9:99:07:23:d7:45:26:21:9f:84:fb:7c:70:1e:1a:
d7:f2:fc:99:8f:73:a3:d7:36:bd:b6:b2:63:4d:32:6a:67:68:
a7:78:91:c4:6b:03:d3:e0:e8:d4:9b:b1:f2:92:3b:a2:a1:b9:
19:1f:bd:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbs9pea58d1vRP/lu5XEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTRiYWY5OWFiODQwMTI5MTMzMjg1ZmU5YWQ3YjgzZmQx
MzBjMzkwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWYyY2I0MTQ0Yjc1NzE2NDFmMjI3YzgwOGI3MWMyNGI5ZDE4YjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5YAMv543ewSgYGU4WjVQr/j711s
2wxdQaZLQWIPP6rl3qKdgsjfc5Iu3ynVb02U37IuKYDgPVLWr7S7pmgE4Els9OyB
lLP931n+97eNV2377s/YJG0CuaCqUzbA00Wg97FbK4xrUdq2qQAcsBxZqd3Vjkzw
/S3Vc2phedkHdvrxkwjqWwfld0nL4U9ldmJ8QEPCwsnCM4b8f6SKY9FBRaUQPMyp
dmbG8zHLeuWFhN9iClJeiSyx6nCEclG8z90RszuG+GoVA1Rl+uiTFGJFfAARhZsA
TeMfKWAMjHoxkN1rELuWuhGhwiGhoG06U+6vPwdcwhc+egKoXuiKMz659wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXyy0FEt1cWQfInyAi3HCS50YtZMB8GA1UdIwQY
MBaAFHLkuvmauEASkTMoX+mte4P9Eww5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2Qt
YThkNjVkY2NiOTZiLzEvdGZMTFFVUzNWeFpCOGlmSUNMY2NKTG5SaTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NmI3NGMtODFjMS00MTBlLTk1N2QtYThkNjVkY2NiOTZi
LzEvY3VTNi1acTRRQktSTXloZjZhMTdnXzBURERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu3MA0G
CSqGSIb3DQEBCwUAA4IBAQAtp0jIue8CTd8X8NM5O8mnPSV2ksy3dQjWv7VHMG3w
sewDge+g8Vq0MznBHe/vhLiwdkKREZ0ga7sE9gkovwZwy4tOxUe6+zfhKqjOnAou
b/qh3+yhoDRtu+zQ+wbv2KJkcGcrULANE1zcGLAtSSrwvPECFg+afBdLT0vx43Gw
g4mebWpkLP0g6fyDl9vRI0vtBscnp2djrzEag5BR0S6rnUiUjRjsvDtuKyWvyAtN
pz3EeI/sCvsTaWy723QuXHTBNRnJtlmZ81/5mQcj10UmIZ+E+3xwHhrX8vyZj3Oj
1za9trJjTTJqZ2ineJHEawPT4OjUm7HykjuiobkZH730
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:51:51 2025 by rpki-client