Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KCon9dh8vqxXR4t-XvqpdCLVK3U.roa
File: KCon9dh8vqxXR4t-XvqpdCLVK3U.roa (raw, json)
Hash identifier: GQPaz4pV9GNcPW/hHWLGRLBgP90KVjLi+7ogy5rDBn4=
Subject key identifier: 28:2A:27:F5:D8:7C:BE:AC:57:47:8B:7E:5E:FA:A9:74:22:D5:2B:75
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 0182F038FBFC0B39B3C2E0D9A64177F480B2
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KCon9dh8vqxXR4t-XvqpdCLVK3U.roa
Signing time: Tue 30 Aug 2022 19:27:22 +0000
ROA not before: Tue 30 Aug 2022 19:27:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201194
IP address blocks: 45.81.17.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f0:38:fb:fc:0b:39:b3:c2:e0:d9:a6:41:77:f4:80:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Aug 30 19:27:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=282a27f5d87cbeac57478b7e5efaa97422d52b75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:70:8c:13:a5:99:06:00:58:38:e7:4b:3b:92:
2d:cc:88:57:47:3d:8b:fd:d6:5c:91:a0:44:15:be:
68:fa:2f:55:ba:c7:e6:5e:9e:c6:63:1b:f8:38:45:
41:11:b2:8b:2e:5b:1c:bb:7e:82:88:88:c5:c2:c7:
39:c3:87:79:ca:8e:57:17:48:10:48:f1:90:d0:0f:
71:ac:11:86:63:37:d4:94:ba:3d:73:bf:57:8f:40:
a0:79:d0:03:f5:12:ac:63:24:b9:dc:71:d4:a3:44:
8e:13:a4:26:6d:70:26:2d:64:35:57:0e:22:7b:22:
0a:c1:f8:5d:79:b7:1a:a6:72:f7:24:e6:60:20:6f:
52:84:1a:e8:af:f9:d5:a7:80:d1:44:74:c9:68:1d:
aa:8c:5d:e5:e8:74:20:5c:80:da:45:7e:97:dc:af:
a4:35:d4:a8:67:b8:d1:7d:0b:ba:7f:5c:49:35:02:
40:69:19:32:74:a6:20:cd:0f:17:c4:61:d4:d9:22:
f8:fa:71:9a:75:ad:bf:8f:71:b4:20:ce:27:7d:52:
72:39:fd:ad:a0:cf:92:30:ad:f9:89:d8:aa:18:18:
e5:af:3c:0a:bd:3b:9b:e2:99:0c:b0:84:50:13:27:
47:58:10:d8:c0:12:fe:3d:87:90:05:b3:c2:99:4b:
f8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2A:27:F5:D8:7C:BE:AC:57:47:8B:7E:5E:FA:A9:74:22:D5:2B:75
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/KCon9dh8vqxXR4t-XvqpdCLVK3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
Signature Algorithm: sha256WithRSAEncryption
73:38:a5:22:ef:a1:80:8b:e0:9c:d9:30:6e:09:ba:60:c7:77:
f4:c8:a4:e2:d1:c4:09:fd:1f:ea:ce:8c:c9:6a:f1:8c:38:05:
df:6b:75:b9:bc:13:e3:5b:fb:06:f6:44:4c:66:16:95:93:63:
f4:d0:e4:42:36:dd:eb:2f:3d:70:03:03:15:d7:29:18:65:92:
70:d5:16:7e:c3:ec:ff:a0:60:47:4d:31:ed:f5:7c:60:e8:2b:
f1:a7:7d:cb:0b:77:c8:6f:aa:22:cf:1b:58:6a:0b:d4:e8:a2:
39:76:0d:4b:ec:74:41:4a:b1:08:3b:e9:42:18:bf:12:eb:91:
08:56:54:f2:f9:9b:cd:78:3c:6d:b5:d2:6c:58:33:3d:13:44:
bc:98:b7:af:31:36:50:f6:c7:22:61:2a:f2:74:9c:1b:2c:f9:
49:2a:25:e1:14:dd:f4:2a:06:76:fb:db:f0:cf:fa:43:fc:c3:
a2:70:bb:e3:41:21:71:36:c7:2f:f5:ec:ed:d0:b6:82:20:62:
6f:2e:e1:14:f3:e3:01:d2:ca:08:48:94:aa:53:04:99:14:0d:
eb:ce:04:eb:4b:ed:d3:e5:2c:26:c2:f3:08:be:b1:71:37:0f:
02:25:1c:b0:13:01:da:3d:63:aa:ac:50:f1:9b:bd:ad:7a:f8:
ef:57:d0:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLwOPv8CzmzwuDZpkF39ICyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIwODMwMTkyNzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJhMjdmNWQ4N2NiZWFjNTc0NzhiN2U1ZWZhYTk3NDIyZDUyYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnCME6WZBgBYOOdLO5ItzIhXRz2L
/dZckaBEFb5o+i9VusfmXp7GYxv4OEVBEbKLLlscu36CiIjFwsc5w4d5yo5XF0gQ
SPGQ0A9xrBGGYzfUlLo9c79Xj0CgedAD9RKsYyS53HHUo0SOE6QmbXAmLWQ1Vw4i
eyIKwfhdebcapnL3JOZgIG9ShBror/nVp4DRRHTJaB2qjF3l6HQgXIDaRX6X3K+k
NdSoZ7jRfQu6f1xJNQJAaRkydKYgzQ8XxGHU2SL4+nGada2/j3G0IM4nfVJyOf2t
oM+SMK35idiqGBjlrzwKvTub4pkMsIRQEydHWBDYwBL+PYeQBbPCmUv4GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgqJ/XYfL6sV0eLfl76qXQi1St1MB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvS0NvbjlkaDh2cXhYUjR0LVh2cXBkQ0xWSzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVEQMA0G
CSqGSIb3DQEBCwUAA4IBAQBzOKUi76GAi+Cc2TBuCbpgx3f0yKTi0cQJ/R/qzozJ
avGMOAXfa3W5vBPjW/sG9kRMZhaVk2P00ORCNt3rLz1wAwMV1ykYZZJw1RZ+w+z/
oGBHTTHt9Xxg6Cvxp33LC3fIb6oizxtYagvU6KI5dg1L7HRBSrEIO+lCGL8S65EI
VlTy+ZvNeDxttdJsWDM9E0S8mLevMTZQ9sciYSrydJwbLPlJKiXhFN30KgZ2+9vw
z/pD/MOicLvjQSFxNscv9ezt0LaCIGJvLuEU8+MB0soISJSqUwSZFA3rzgTrS+3T
5SwmwvMIvrFxNw8CJRywEwHaPWOqrFDxm72tevjvV9A1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:53 2025 by rpki-client