Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4Z1EUQYNeW3ieP0JUQLo8r3hntE.roa
File: 4Z1EUQYNeW3ieP0JUQLo8r3hntE.roa (raw, json)
Hash identifier: TuWTFBAayQxdq4esa8ElSb93rtBsOXMtp46KcdEyvoM=
Subject key identifier: E1:9D:44:51:06:0D:79:6D:E2:78:FD:09:51:02:E8:F2:BD:E1:9E:D1
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0183FF96BC25E0ED4292F17C55423C50AFC0
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4Z1EUQYNeW3ieP0JUQLo8r3hntE.roa
Signing time: Sat 22 Oct 2022 12:06:51 +0000
ROA not before: Sat 22 Oct 2022 12:06:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64458
IP address blocks: 45.90.74.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ff:96:bc:25:e0:ed:42:92:f1:7c:55:42:3c:50:af:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Oct 22 12:06:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e19d4451060d796de278fd095102e8f2bde19ed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:95:d8:fb:3a:e3:4f:c3:94:77:6e:3c:3d:14:
27:6a:8d:86:ec:3e:e9:61:56:ca:d9:54:23:64:dd:
74:a7:92:09:6c:51:05:b0:b8:6c:93:79:22:77:3b:
8b:f6:22:b9:f8:92:cd:77:88:ad:c1:0f:da:b1:3f:
ea:f2:cc:17:db:00:b8:09:58:32:ec:14:b8:c8:6d:
91:4e:40:1b:b1:4c:e1:e8:9c:4e:84:09:db:9a:8a:
d4:67:a1:04:b0:9c:5d:ef:b2:d2:24:da:d0:8d:b3:
86:c7:a1:d9:5d:19:3d:f7:18:b9:8f:d1:15:13:1a:
79:17:6e:b4:cd:f0:e0:c5:3a:88:f3:41:0a:0c:96:
99:6f:df:6a:bb:0b:df:df:fa:36:77:94:b5:52:f6:
86:30:63:fc:df:ad:a8:fb:8e:b4:34:85:c9:0e:d4:
db:0e:28:82:2f:46:af:e1:3e:0c:e5:4f:18:5c:32:
8b:da:0a:84:dc:74:f1:72:2f:e8:34:c5:e3:43:89:
6b:35:87:e9:91:24:57:f3:b1:dd:50:c7:f1:91:0f:
d5:bd:20:5d:c9:33:49:ba:ba:ab:63:c9:7e:ef:b0:
3e:4f:7a:16:eb:6e:a9:5a:e7:c9:13:8b:9d:95:11:
0f:54:df:7c:b2:51:f5:2e:3d:f7:89:04:73:8a:96:
f1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:44:51:06:0D:79:6D:E2:78:FD:09:51:02:E8:F2:BD:E1:9E:D1
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/4Z1EUQYNeW3ieP0JUQLo8r3hntE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.74.0/24
Signature Algorithm: sha256WithRSAEncryption
82:5d:af:8d:95:12:82:b8:32:de:38:1d:32:44:31:85:e8:02:
a5:50:bb:64:b8:3e:bd:4b:d0:c4:a6:44:cc:e6:21:33:d7:6a:
63:41:3d:06:69:77:98:c8:82:18:b8:bb:7c:b0:38:ae:6e:33:
8e:1e:1c:58:bd:b1:53:16:82:35:00:3b:da:a8:5c:80:83:9c:
a0:59:56:ba:9a:7a:7b:e3:a0:5f:07:fa:eb:29:24:f9:81:5f:
db:a2:78:cb:56:a0:a2:93:43:e2:23:b6:82:19:9e:62:e4:14:
ab:2d:b5:cf:58:0d:b6:1b:e1:b4:ba:f2:d3:3f:ab:5f:0c:c0:
07:32:7c:9c:96:c2:c0:12:0d:17:98:6c:96:73:20:45:70:f5:
16:f1:9d:25:ee:ed:00:77:0b:da:08:89:81:45:39:92:6c:70:
80:46:79:03:0a:05:5e:21:46:9e:be:03:2d:f4:fa:bf:d0:42:
24:e8:1e:05:5f:83:ed:a6:12:53:13:e3:69:1a:ee:cb:37:a8:
81:f6:b1:56:01:96:a7:36:9f:58:c6:a0:57:38:7a:0b:b1:d7:
8d:b5:26:72:dc:e9:84:51:7a:8a:76:92:cc:e7:23:16:df:93:
e8:cd:f7:0f:5e:87:f7:84:a5:f9:d5:7c:e7:98:7c:83:da:e8:
95:a7:e6:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP/lrwl4O1CkvF8VUI8UK/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMDIyMTIwNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlkNDQ1MTA2MGQ3OTZkZTI3OGZkMDk1MTAyZThmMmJkZTE5ZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZXY+zrjT8OUd248PRQnao2G7D7p
YVbK2VQjZN10p5IJbFEFsLhsk3kidzuL9iK5+JLNd4itwQ/asT/q8swX2wC4CVgy
7BS4yG2RTkAbsUzh6JxOhAnbmorUZ6EEsJxd77LSJNrQjbOGx6HZXRk99xi5j9EV
Exp5F260zfDgxTqI80EKDJaZb99quwvf3/o2d5S1UvaGMGP8362o+460NIXJDtTb
DiiCL0av4T4M5U8YXDKL2gqE3HTxci/oNMXjQ4lrNYfpkSRX87HdUMfxkQ/VvSBd
yTNJurqrY8l+77A+T3oW626pWufJE4udlREPVN98slH1Lj33iQRzipbxRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGdRFEGDXlt4nj9CVEC6PK94Z7RMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvNFoxRVVRWU5lVzNpZVAwSlVRTG84cjNobnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVpKMA0G
CSqGSIb3DQEBCwUAA4IBAQCCXa+NlRKCuDLeOB0yRDGF6AKlULtkuD69S9DEpkTM
5iEz12pjQT0GaXeYyIIYuLt8sDiubjOOHhxYvbFTFoI1ADvaqFyAg5ygWVa6mnp7
46BfB/rrKST5gV/bonjLVqCik0PiI7aCGZ5i5BSrLbXPWA22G+G0uvLTP6tfDMAH
MnyclsLAEg0XmGyWcyBFcPUW8Z0l7u0AdwvaCImBRTmSbHCARnkDCgVeIUaevgMt
9Pq/0EIk6B4FX4PtphJTE+NpGu7LN6iB9rFWAZanNp9YxqBXOHoLsdeNtSZy3OmE
UXqKdpLM5yMW35PozfcPXof3hKX51XznmHyD2uiVp+Yb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:11 2025 by rpki-client