Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9SuzqcvvtqDm8rYlsq0cn4wl7so.roa
File: 9SuzqcvvtqDm8rYlsq0cn4wl7so.roa (raw, json)
Hash identifier: ADSv0mv1Pki/FjjzBWMnSX4UNM9exDPkEb9gkb/GVaU=
Subject key identifier: F5:2B:B3:A9:CB:EF:B6:A0:E6:F2:B6:25:B2:AD:1C:9F:8C:25:EE:CA
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018C71F71102546DE769166A1941DC8A670F
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9SuzqcvvtqDm8rYlsq0cn4wl7so.roa
Signing time: Sat 16 Dec 2023 09:31:06 +0000
ROA not before: Sat 16 Dec 2023 09:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3549
IP address blocks: 151.244.144.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:f7:11:02:54:6d:e7:69:16:6a:19:41:dc:8a:67:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Dec 16 09:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f52bb3a9cbefb6a0e6f2b625b2ad1c9f8c25eeca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8d:89:a0:f3:59:6e:82:12:e7:10:07:0e:17:
ea:96:0f:cf:cb:26:ae:0b:93:43:f1:57:4d:ac:ee:
7c:d2:f9:1c:f2:c3:0a:ce:bd:95:56:b8:eb:25:2e:
90:6f:d1:1e:a6:fb:15:d6:af:94:b1:5d:c8:70:9e:
b8:07:18:a4:5d:ef:4b:ff:7e:6a:d3:8b:4e:05:1e:
08:49:a9:31:bd:cf:3f:54:c5:38:d0:c8:db:55:e5:
49:7a:92:c9:58:ab:cd:4d:da:57:fe:5b:95:ec:50:
aa:4f:47:56:5c:ca:a8:6f:90:23:db:43:d4:2e:d5:
3e:69:6b:10:30:76:c3:46:34:5a:af:37:a1:7d:5a:
1e:62:09:89:9c:c6:dc:33:29:9c:a7:d9:e2:2f:3a:
9d:5c:39:1e:18:19:7b:21:ef:97:9c:53:4c:5a:0d:
44:39:75:db:43:10:f6:35:51:5b:55:e5:3d:75:a5:
3c:43:79:58:1b:d9:95:0f:cf:17:af:f9:c2:91:e7:
55:66:91:3f:46:5b:ae:f3:51:ee:1e:9c:1a:15:f9:
f9:81:94:a2:42:ab:40:f4:b1:02:83:00:7a:c7:ce:
d8:04:97:f9:21:b1:95:e3:7e:4d:b2:da:13:d6:97:
12:13:51:f1:dd:22:ed:39:13:44:47:d0:9f:21:45:
18:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2B:B3:A9:CB:EF:B6:A0:E6:F2:B6:25:B2:AD:1C:9F:8C:25:EE:CA
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9SuzqcvvtqDm8rYlsq0cn4wl7so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.144.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:22:f8:75:7c:b4:d7:ac:92:d1:fc:0e:7f:c6:7c:86:fd:31:
29:8a:a9:3c:1b:8b:18:26:c6:3e:ba:f1:81:ee:c2:a4:56:a4:
d7:db:fd:8e:e9:e3:4c:7c:d1:9b:59:d1:94:a6:97:3b:2b:fc:
e3:a5:ce:62:50:ac:df:b8:c1:db:fc:13:45:90:6b:59:50:b9:
48:ed:4b:b9:54:92:7f:d3:dc:03:56:8f:51:07:f9:34:58:09:
e9:f0:c7:0b:f5:8e:5f:f4:32:b6:fa:b9:e6:84:54:ef:b3:cf:
a9:1e:6b:69:5f:91:20:91:72:65:e0:71:4b:4a:06:f1:9e:0c:
ab:d5:34:40:04:12:e0:b1:0f:d4:a4:26:c1:19:28:b9:cb:0b:
82:f7:ca:01:2f:bb:cd:e8:51:fa:89:b6:2f:64:eb:98:0d:be:
12:87:67:32:8a:dd:55:12:3a:7d:af:ec:8e:36:4a:36:6e:de:
7c:5b:bb:1a:3f:37:e1:e8:4e:72:30:4a:66:9a:8e:59:71:9e:
dc:5c:d2:2a:6f:bb:37:0b:fb:a1:c8:48:4c:27:39:79:fb:a4:
26:8c:63:04:9d:3c:5d:79:b9:06:f5:ee:8d:c1:65:04:7c:92:
89:17:46:04:1e:6c:5d:df:c9:83:33:ce:a3:04:d4:c5:24:c4:
44:c1:85:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxx9xECVG3naRZqGUHcimcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMxMjE2MDkzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJiYjNhOWNiZWZiNmEwZTZmMmI2MjViMmFkMWM5ZjhjMjVlZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA142JoPNZboIS5xAHDhfqlg/Pyyau
C5ND8VdNrO580vkc8sMKzr2VVrjrJS6Qb9EepvsV1q+UsV3IcJ64BxikXe9L/35q
04tOBR4ISakxvc8/VMU40MjbVeVJepLJWKvNTdpX/luV7FCqT0dWXMqob5Aj20PU
LtU+aWsQMHbDRjRarzehfVoeYgmJnMbcMymcp9niLzqdXDkeGBl7Ie+XnFNMWg1E
OXXbQxD2NVFbVeU9daU8Q3lYG9mVD88Xr/nCkedVZpE/Rluu81HuHpwaFfn5gZSi
QqtA9LECgwB6x87YBJf5IbGV435NstoT1pcSE1Hx3SLtORNER9CfIUUYfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUrs6nL77ag5vK2JbKtHJ+MJe7KMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvOVN1enFjdnZ0cURtOHJZbHNxMGNuNHdsN3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/SQMA0G
CSqGSIb3DQEBCwUAA4IBAQBrIvh1fLTXrJLR/A5/xnyG/TEpiqk8G4sYJsY+uvGB
7sKkVqTX2/2O6eNMfNGbWdGUppc7K/zjpc5iUKzfuMHb/BNFkGtZULlI7Uu5VJJ/
09wDVo9RB/k0WAnp8McL9Y5f9DK2+rnmhFTvs8+pHmtpX5EgkXJl4HFLSgbxngyr
1TRABBLgsQ/UpCbBGSi5ywuC98oBL7vN6FH6ibYvZOuYDb4Sh2cyit1VEjp9r+yO
Nko2bt58W7saPzfh6E5yMEpmmo5ZcZ7cXNIqb7s3C/uhyEhMJzl5+6QmjGMEnTxd
ebkG9e6NwWUEfJKJF0YEHmxd38mDM86jBNTFJMREwYWk
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:10:00 2025 by rpki-client