Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/rXksKWNpilYqoagOaSHmTKQ_Uso.roa
File: rXksKWNpilYqoagOaSHmTKQ_Uso.roa (raw, json)
Hash identifier: pxfdBW7bxnwFAF/Ab02hnh3lTyIFAY/xTiXi9XfKE2U=
Subject key identifier: AD:79:2C:29:63:69:8A:56:2A:A1:A8:0E:69:21:E6:4C:A4:3F:52:CA
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 016C1DB1
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/rXksKWNpilYqoagOaSHmTKQ_Uso.roa
Signing time: Sat 01 Jan 2022 15:56:06 +0000
ROA not before: Sat 01 Jan 2022 15:56:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207209
IP address blocks: 46.149.64.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23862705 (0x16c1db1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: Jan 1 15:56:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad792c2963698a562aa1a80e6921e64ca43f52ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dd:62:3e:d5:c4:5d:28:82:74:55:5d:8f:12:
13:53:2f:83:31:24:d8:0e:b0:74:85:38:b9:64:ef:
24:d5:84:90:99:d7:d1:6b:8c:fd:34:d5:82:f1:dd:
e2:81:b5:f2:3c:9e:09:ed:04:6e:e9:43:97:11:19:
e7:33:ca:b2:70:ce:28:e3:35:82:33:0e:3c:f6:ca:
a9:e5:2a:37:15:4e:b7:69:fe:50:18:46:35:42:34:
bb:5c:fc:17:5d:20:56:a0:be:aa:a7:99:23:d8:50:
40:e2:5f:e7:38:b6:50:ac:ea:43:c3:31:9f:bc:d0:
c7:5c:5f:ec:b4:7e:f2:d1:96:36:6b:08:49:9e:c0:
80:e5:7e:3a:62:f9:08:17:92:40:99:c6:08:56:6e:
bb:da:fb:29:de:1c:94:85:86:3e:ba:12:30:b8:ef:
8b:a8:42:bf:5d:a2:de:37:9f:1a:c2:a5:7c:3a:5b:
94:97:88:2e:52:f6:11:d8:1b:c0:03:ea:c9:1f:03:
91:a3:48:73:6a:80:db:e5:d9:83:68:43:9e:a6:0b:
46:c6:24:20:72:63:4d:95:15:a5:6e:48:71:0f:df:
df:36:12:25:84:d8:20:a5:af:81:6f:8b:aa:f4:b3:
b0:75:86:67:94:14:cf:39:58:32:9c:d7:66:0d:46:
3f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:79:2C:29:63:69:8A:56:2A:A1:A8:0E:69:21:E6:4C:A4:3F:52:CA
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/rXksKWNpilYqoagOaSHmTKQ_Uso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.64.0/23
Signature Algorithm: sha256WithRSAEncryption
95:5d:a7:b5:66:69:ad:c3:4a:db:cc:db:83:28:75:f5:12:9a:
bb:df:e4:c2:3a:84:d0:81:72:14:df:8b:3b:5b:ac:8f:7c:65:
7b:47:0a:04:9b:42:75:61:0c:46:03:5d:4b:e8:af:4c:33:9f:
ad:82:1e:48:7d:39:27:85:a5:e6:3a:2b:f2:11:00:4d:43:93:
4a:d4:88:92:9f:ab:90:99:13:96:5d:79:2a:6a:04:eb:ea:c9:
6f:8f:6e:58:df:bc:b4:bb:b7:73:8d:3a:fe:4a:26:c1:6a:53:
3e:14:29:c5:c8:a9:34:54:30:27:c9:4f:4a:37:24:28:aa:2f:
4a:d0:2e:82:db:24:44:cd:a7:18:ce:53:e6:d8:4d:5b:13:a2:
5e:b8:3c:cc:c1:3f:66:dc:11:a7:d4:dd:8a:0d:05:da:f5:ba:
1e:72:59:19:fa:1f:3d:fb:2c:97:17:15:17:5c:ad:d0:39:64:
dc:66:b5:7d:45:34:f1:5e:e4:89:1a:7b:73:aa:cc:3a:8b:a2:
e9:b8:f9:21:2c:50:8d:4e:d2:a2:8c:a0:21:39:54:67:fa:3f:
2a:5f:57:85:7e:f1:6a:3d:4d:d1:0a:de:63:0c:10:ef:de:5b:
d7:15:0d:b7:5a:1e:24:7c:38:44:ed:3f:20:8e:30:82:17:31:
0b:b0:f6:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWwdsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTQ4Y2JhZDE3NDgyMDViNGY0MzM0YmJhNjM4YzY0YzJiMjFmYzBlMB4XDTIyMDEw
MTE1NTYwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ3OTJjMjk2MzY5
OGE1NjJhYTFhODBlNjkyMWU2NGNhNDNmNTJjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANndYj7VxF0ognRVXY8SE1MvgzEk2A6wdIU4uWTvJNWEkJnX
0WuM/TTVgvHd4oG18jyeCe0EbulDlxEZ5zPKsnDOKOM1gjMOPPbKqeUqNxVOt2n+
UBhGNUI0u1z8F10gVqC+qqeZI9hQQOJf5zi2UKzqQ8Mxn7zQx1xf7LR+8tGWNmsI
SZ7AgOV+OmL5CBeSQJnGCFZuu9r7Kd4clIWGProSMLjvi6hCv12i3jefGsKlfDpb
lJeILlL2EdgbwAPqyR8DkaNIc2qA2+XZg2hDnqYLRsYkIHJjTZUVpW5IcQ/f3zYS
JYTYIKWvgW+LqvSzsHWGZ5QUzzlYMpzXZg1GP80CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSteSwpY2mKViqhqA5pIeZMpD9SyjAfBgNVHSMEGDAWgBRBSMutF0ggW09D
NLumOMZMKyH8DjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FVakxyUmRJSUZ0UFF6UzdwampHVENzaF9BNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvY2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8x
L3JYa3NLV05waWxZcW9hZ09hU0htVEtRX1Vzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
Y2UyMWIzLWM0ZGUtNDU2ZC1iNTM4LTk3OTc1ZDM0ZmM2Yy8xL1FVakxyUmRJSUZ0
UFF6UzdwampHVENzaF9BNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS6VQDANBgkqhkiG9w0BAQsFAAOC
AQEAlV2ntWZprcNK28zbgyh19RKau9/kwjqE0IFyFN+LO1usj3xle0cKBJtCdWEM
RgNdS+ivTDOfrYIeSH05J4Wl5jor8hEATUOTStSIkp+rkJkTll15KmoE6+rJb49u
WN+8tLu3c406/komwWpTPhQpxcipNFQwJ8lPSjckKKovStAugtskRM2nGM5T5thN
WxOiXrg8zME/ZtwRp9Tdig0F2vW6HnJZGfofPfsslxcVF1yt0Dlk3Ga1fUU08V7k
iRp7c6rMOoui6bj5ISxQjU7SooygITlUZ/o/Kl9XhX7xaj1N0QreYwwQ795b1xUN
t1oeJHw4RO0/II4wghcxC7D2zw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:36 2025 by rpki-client