Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/V-FXT84gQgfRS_ZwWTqViA6_oMc.roa
File: V-FXT84gQgfRS_ZwWTqViA6_oMc.roa (raw, json)
Hash identifier: 3Cd9gbE4ymCo9JWvs5jrWmZZj8WIvufRLIWexLivNzg=
Subject key identifier: 57:E1:57:4F:CE:20:42:07:D1:4B:F6:70:59:3A:95:88:0E:BF:A0:C7
Certificate issuer: /CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Certificate serial: 01856E8B4234B8799C8B93F72F1BFB0DDD67
Authority key identifier: 7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/V-FXT84gQgfRS_ZwWTqViA6_oMc.roa
Signing time: Sun 01 Jan 2023 18:14:58 +0000
ROA not before: Sun 01 Jan 2023 18:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48603
IP address blocks: 45.147.92.0/24 maxlen: 24
45.147.93.0/24 maxlen: 24
2a0f:f800::/29 maxlen: 31
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:42:34:b8:79:9c:8b:93:f7:2f:1b:fb:0d:dd:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ed24c5d344fb92bcf4cf6e1e569f51ae41aa87c
Validity
Not Before: Jan 1 18:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57e1574fce204207d14bf670593a95880ebfa0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:80:9d:14:90:01:76:75:4b:a6:fe:27:52:
37:cf:a2:14:25:f1:a3:18:60:a8:a6:b9:6a:83:74:
1a:d1:6c:82:ba:22:c0:d6:6d:ef:ee:67:14:dd:8f:
2d:78:43:64:27:18:ae:d1:8f:29:4e:c2:96:5e:e7:
2f:cd:4b:ec:ff:0a:73:96:5c:c2:5d:34:d1:af:2a:
47:a7:e9:d2:f1:e4:9e:42:35:9f:ab:88:9f:e2:f6:
6b:7e:c7:d4:1a:0d:9b:d3:f0:24:dc:31:d7:62:c3:
03:e9:17:a2:7a:45:a5:3d:ce:fd:e8:32:4b:b1:67:
b4:ba:f2:d8:56:49:bf:c3:32:38:e4:b2:e0:63:fa:
14:70:56:be:ed:2a:20:5e:c4:5b:75:c3:3c:e9:10:
f9:42:4a:e9:7d:69:99:49:a9:82:71:bc:e9:ff:5f:
07:bd:1f:44:bc:59:07:19:35:69:23:e8:09:bf:be:
74:75:48:11:f9:cb:c8:95:78:41:0a:a7:ff:db:bc:
e8:2a:3a:25:a2:9f:3d:0b:1a:0b:ca:94:bf:39:98:
b4:fe:a9:55:e5:99:bf:c3:60:2c:d1:8b:9d:ca:4c:
f9:d1:c4:ac:3e:33:98:96:5a:cb:0b:22:c6:ac:91:
11:1e:1e:b1:2b:37:e9:5e:5a:66:63:cf:59:bb:5b:
3e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E1:57:4F:CE:20:42:07:D1:4B:F6:70:59:3A:95:88:0E:BF:A0:C7
X509v3 Authority Key Identifier:
keyid:7E:D2:4C:5D:34:4F:B9:2B:CF:4C:F6:E1:E5:69:F5:1A:E4:1A:A8:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/V-FXT84gQgfRS_ZwWTqViA6_oMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/c8ae79-6d7b-4776-80b7-420492cd1afd/1/ftJMXTRPuSvPTPbh5Wn1GuQaqHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.92.0/23
IPv6:
2a0f:f800::/29
Signature Algorithm: sha256WithRSAEncryption
2e:2c:af:76:29:93:cd:5e:8a:4f:e3:51:62:f9:9d:bf:bc:4e:
03:bb:89:55:b1:3c:ac:d7:12:fb:95:fa:ef:5a:86:e4:0c:dc:
53:a5:23:15:f3:52:21:45:53:0e:a3:ad:42:17:2f:5e:b6:76:
64:c5:6e:91:60:02:da:56:2b:95:e5:5e:16:12:0e:7b:cd:74:
2e:1c:8c:c1:fd:92:be:d5:61:f0:bc:27:da:6f:66:25:0b:30:
2f:7b:cb:32:33:70:57:26:c2:bd:2f:4b:cb:d4:5f:90:e6:80:
63:f1:1b:dc:89:34:f5:30:d0:ea:e0:c6:c1:ab:37:be:99:7d:
fa:86:fe:89:f8:10:b6:d4:59:df:5d:84:fc:5b:66:83:4e:0f:
24:86:1a:2c:e0:10:15:36:8c:91:aa:f3:69:31:38:af:4e:0e:
bb:8e:8e:c6:1d:dd:d3:f3:99:f5:e9:10:6e:78:f2:9c:05:63:
f5:4e:d0:18:dc:50:36:e8:0a:3a:7f:94:9a:35:76:be:72:eb:
43:f1:00:80:88:ec:97:ac:d9:27:71:f4:03:f9:fa:03:fd:43:
6d:9a:3b:22:af:7a:d8:25:dd:83:b9:1c:37:33:0b:b0:48:41:
10:ec:e6:72:e3:f0:15:6e:96:e1:5a:76:52:f6:ff:74:9e:c6:
e2:71:e3:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVui0I0uHmci5P3Lxv7Dd1nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZDI0YzVkMzQ0ZmI5MmJjZjRjZjZlMWU1NjlmNTFhZTQx
YWE4N2MwHhcNMjMwMTAxMTgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2UxNTc0ZmNlMjA0MjA3ZDE0YmY2NzA1OTNhOTU4ODBlYmZhMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjCAnRSQAXZ1S6b+J1I3z6IUJfGj
GGCoprlqg3Qa0WyCuiLA1m3v7mcU3Y8teENkJxiu0Y8pTsKWXucvzUvs/wpzllzC
XTTRrypHp+nS8eSeQjWfq4if4vZrfsfUGg2b0/Ak3DHXYsMD6ReiekWlPc796DJL
sWe0uvLYVkm/wzI45LLgY/oUcFa+7SogXsRbdcM86RD5QkrpfWmZSamCcbzp/18H
vR9EvFkHGTVpI+gJv750dUgR+cvIlXhBCqf/27zoKjolop89CxoLypS/OZi0/qlV
5Zm/w2As0Yudykz50cSsPjOYllrLCyLGrJERHh6xKzfpXlpmY89Zu1s+bQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFfhV0/OIEIH0Uv2cFk6lYgOv6DHMB8GA1UdIwQY
MBaAFH7STF00T7krz0z24eVp9RrkGqh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnRKTVhUUlB1U3ZQVFBiaDVXbjFHdVFhcUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9jOGFlNzktNmQ3Yi00Nzc2LTgwYjct
NDIwNDkyY2QxYWZkLzEvVi1GWFQ4NGdRZ2ZSU19ad1dUcVZpQTZfb01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9jOGFlNzktNmQ3Yi00Nzc2LTgwYjctNDIwNDkyY2QxYWZk
LzEvZnRKTVhUUlB1U3ZQVFBiaDVXbjFHdVFhcUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZNcMA0E
AgACMAcDBQMqD/gAMA0GCSqGSIb3DQEBCwUAA4IBAQAuLK92KZPNXopP41Fi+Z2/
vE4Du4lVsTys1xL7lfrvWobkDNxTpSMV81IhRVMOo61CFy9etnZkxW6RYALaViuV
5V4WEg57zXQuHIzB/ZK+1WHwvCfab2YlCzAve8syM3BXJsK9L0vL1F+Q5oBj8Rvc
iTT1MNDq4MbBqze+mX36hv6J+BC21FnfXYT8W2aDTg8khhos4BAVNoyRqvNpMTiv
Tg67jo7GHd3T85n16RBuePKcBWP1TtAY3FA26Ao6f5SaNXa+cutD8QCAiOyXrNkn
cfQD+foD/UNtmjsir3rYJd2DuRw3MwuwSEEQ7OZy4/AVbpbhWnZS9v90nsbiceNR
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:56 2025 by rpki-client