Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/wRY7Jju1PCbu3e7bb8rtkEX8_Ko.roa
File: wRY7Jju1PCbu3e7bb8rtkEX8_Ko.roa (raw, json)
Hash identifier: 0xWvrlatK4ELbvdlQPwtFtX8SI3iTg641dVsuGjeOVY=
Subject key identifier: C1:16:3B:26:3B:B5:3C:26:EE:DD:EE:DB:6F:CA:ED:90:45:FC:FC:AA
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019369DB2D690FF517C8C5F0656C2B518FAE
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/wRY7Jju1PCbu3e7bb8rtkEX8_Ko.roa
Signing time: Tue 26 Nov 2024 19:03:11 +0000
ROA not before: Tue 26 Nov 2024 19:03:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200436
IP address blocks: 45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.42.44.0/24 maxlen: 24
89.42.45.0/24 maxlen: 24
89.42.46.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:db:2d:69:0f:f5:17:c8:c5:f0:65:6c:2b:51:8f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 26 19:03:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1163b263bb53c26eeddeedb6fcaed9045fcfcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d8:ae:6d:1f:f1:e1:63:53:80:f2:d2:db:22:
43:db:98:fd:42:6c:02:4d:e8:02:12:a7:58:b2:09:
1a:6f:3f:b7:8c:d1:78:b6:ab:b7:3b:35:18:e5:20:
3a:42:e7:62:9c:91:91:36:c2:24:fd:1c:5d:8d:7c:
f7:4b:0e:d1:7b:2d:54:5a:a6:bb:ed:9b:12:29:a5:
cd:ef:3a:ff:cd:5c:3c:0f:63:fe:56:55:5a:95:fe:
2c:84:bd:73:f9:65:4c:d0:8e:d9:4f:10:12:96:ca:
d7:fb:5a:5c:dd:04:1c:e7:c2:2f:b5:fe:e9:81:a9:
9e:a1:ad:b1:1d:c4:d8:45:bc:22:ea:6e:d9:2d:b0:
a1:ee:94:8b:1a:44:70:0f:ec:7a:7b:c5:0a:71:2f:
29:d8:7e:b3:da:95:90:73:d0:94:af:c3:24:28:8f:
d6:0d:4d:22:a4:ed:a2:72:90:b0:f8:b3:5e:94:bf:
75:58:1f:d4:80:ab:e4:dc:65:70:4d:9c:a7:54:40:
84:fc:a6:93:8b:a4:e4:a1:18:ee:a6:57:44:34:11:
68:b8:16:12:8e:75:70:a7:67:a7:4b:57:b9:46:4b:
12:6d:45:dd:15:26:3c:bd:3a:cd:07:f9:43:8a:4d:
81:f9:4b:bd:a0:cd:e9:3b:e5:ce:d7:f7:a3:83:29:
62:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:16:3B:26:3B:B5:3C:26:EE:DD:EE:DB:6F:CA:ED:90:45:FC:FC:AA
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/wRY7Jju1PCbu3e7bb8rtkEX8_Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0-89.42.46.255
185.3.200.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
02:02:1b:bd:ca:05:a1:a6:13:49:bf:6c:61:7b:82:04:29:db:
e3:2b:55:06:cf:0a:f5:2d:ba:06:dc:a0:92:d6:f3:ae:56:af:
6f:91:c4:88:7b:d7:57:fd:b2:ae:45:a3:9b:2c:5f:c9:5e:77:
6c:e5:77:f0:46:48:74:5b:5d:9f:17:19:8b:c1:09:05:95:37:
70:46:97:19:9d:60:10:b0:0b:b7:24:a7:fd:7d:76:fd:05:0c:
c4:68:c8:e7:e3:93:0a:1d:99:a9:6a:84:52:38:0a:8b:a3:b1:
47:7a:a5:b4:8c:84:13:47:79:e7:83:fb:33:ec:6f:4e:f9:fb:
28:4e:12:b2:37:9c:a6:9e:0d:6d:4f:b9:31:9e:f5:4a:08:e4:
4a:79:c1:18:4d:f2:65:c0:3e:3d:58:f9:29:d5:7c:b3:81:49:
d7:ec:64:b3:a4:41:b3:eb:45:20:78:a1:7c:45:d6:01:6e:fa:
b8:2a:54:06:6e:46:61:70:63:ad:4a:5e:bc:ac:b6:64:7e:9b:
3b:b4:59:a3:3b:4d:28:09:d7:ee:20:80:19:90:ad:6d:eb:16:
73:5c:af:7a:38:5d:69:e2:f7:2f:bc:e2:20:d5:07:cd:0b:63:
ac:10:fe:f2:6f:4f:c1:cc:8d:bf:2d:c0:31:6b:0e:1c:0d:18:
96:d7:b1:98
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZNp2y1pD/UXyMXwZWwrUY+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMTI2MTkwMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE2M2IyNjNiYjUzYzI2ZWVkZGVlZGI2ZmNhZWQ5MDQ1ZmNmY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3tiubR/x4WNTgPLS2yJD25j9QmwC
TegCEqdYsgkabz+3jNF4tqu3OzUY5SA6QudinJGRNsIk/RxdjXz3Sw7Rey1UWqa7
7ZsSKaXN7zr/zVw8D2P+VlValf4shL1z+WVM0I7ZTxASlsrX+1pc3QQc58Ivtf7p
gameoa2xHcTYRbwi6m7ZLbCh7pSLGkRwD+x6e8UKcS8p2H6z2pWQc9CUr8MkKI/W
DU0ipO2icpCw+LNelL91WB/UgKvk3GVwTZynVECE/KaTi6TkoRjupldENBFouBYS
jnVwp2enS1e5RksSbUXdFSY8vTrNB/lDik2B+Uu9oM3pO+XO1/ejgylitwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMEWOyY7tTwm7t3u22/K7ZBF/PyqMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvd1JZN0pqdTFQQ2J1M2U3YmI4cnRrRVg4X0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLV7WMAwD
BAJZKiwDBABZKi4DBAC5A8gDBAC88MQwDQYJKoZIhvcNAQELBQADggEBAAICG73K
BaGmE0m/bGF7ggQp2+MrVQbPCvUtugbcoJLW865Wr2+RxIh711f9sq5Fo5ssX8le
d2zld/BGSHRbXZ8XGYvBCQWVN3BGlxmdYBCwC7ckp/19dv0FDMRoyOfjkwodmalq
hFI4CoujsUd6pbSMhBNHeeeD+zPsb075+yhOErI3nKaeDW1PuTGe9UoI5Ep5wRhN
8mXAPj1Y+SnVfLOBSdfsZLOkQbPrRSB4oXxF1gFu+rgqVAZuRmFwY61KXrystmR+
mzu0WaM7TSgJ1+4ggBmQrW3rFnNcr3o4XWni9y+84iDVB80LY6wQ/vJvT8HMjb8t
wDFrDhwNGJbXsZg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:03:09 2025 by rpki-client