Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PWrcuHtDVP5ogXPp3e1Z0ACbI9g.roa
File: PWrcuHtDVP5ogXPp3e1Z0ACbI9g.roa (raw, json)
Hash identifier: gyC4sZ1/T8v6brDv+lEbzrjoLp++CjDRrSvuS/Bbhj0=
Subject key identifier: 3D:6A:DC:B8:7B:43:54:FE:68:81:73:E9:DD:ED:59:D0:00:9B:23:D8
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018D82EEA93D966D0AADDA2A2BA53782D291
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PWrcuHtDVP5ogXPp3e1Z0ACbI9g.roa
Signing time: Wed 07 Feb 2024 09:38:15 +0000
ROA not before: Wed 07 Feb 2024 09:38:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:ee:a9:3d:96:6d:0a:ad:da:2a:2b:a5:37:82:d2:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Feb 7 09:38:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d6adcb87b4354fe688173e9dded59d0009b23d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a4:60:10:57:da:dd:19:b6:14:c7:2a:74:4d:
72:57:38:87:15:50:4e:7f:e8:a3:f8:5c:10:a3:92:
37:0f:2f:13:dc:6b:f8:fa:f6:05:ec:d8:a0:5c:74:
83:ac:e6:96:9e:22:d4:db:15:63:a9:d0:45:de:c6:
a1:33:f6:31:88:2f:0f:a4:43:9e:78:55:55:fe:45:
4c:98:3a:31:3d:7c:e3:56:da:2d:6f:9e:0e:e4:4f:
71:f5:d9:5e:e2:96:19:e1:83:fc:f1:fe:f6:47:6c:
76:f3:6b:8d:d6:92:ad:ab:63:2d:4d:8d:00:74:8f:
0f:d0:57:34:2d:8a:3f:cd:a9:f7:0b:bc:3b:cd:de:
c1:fe:aa:09:d1:7e:69:dc:b5:25:0f:20:80:4d:b1:
b4:a7:92:7d:38:ef:c8:52:0d:8e:29:15:44:9a:8d:
17:f7:52:8c:dd:00:40:d4:ac:24:43:49:45:3b:5c:
a3:c2:99:90:7a:4b:95:a6:93:85:4e:8c:fa:5a:17:
1f:78:d7:a0:4b:bb:8b:85:8e:c8:76:17:50:bf:c2:
2e:32:43:63:ae:fa:46:11:b0:3a:81:4b:ab:e2:9e:
3c:9e:5a:0e:b6:a1:93:ef:d6:1b:c2:3e:a0:71:3c:
99:cb:80:4e:76:c3:59:f5:89:06:9c:f8:3b:74:a7:
c0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6A:DC:B8:7B:43:54:FE:68:81:73:E9:DD:ED:59:D0:00:9B:23:D8
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PWrcuHtDVP5ogXPp3e1Z0ACbI9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e9:2a:ba:7e:79:37:7f:22:ff:08:11:bc:42:ef:bb:86:d6:
8b:a1:d9:07:64:c0:ce:a6:4b:64:f0:10:df:41:68:6a:ab:54:
80:14:0c:2a:3c:23:5c:fe:49:3c:5e:c1:a0:31:04:b1:c0:ce:
f3:5e:c2:b3:66:6f:84:c6:dd:4b:4d:88:59:81:82:64:f7:ff:
bc:3c:cb:18:ba:cf:2b:15:76:2c:c4:13:9f:b4:57:b9:d6:c6:
9e:9a:ff:9e:d6:5a:72:7e:3b:98:d0:4b:84:9c:07:5f:20:6c:
f9:fb:33:03:77:0b:a7:69:39:d6:48:be:ee:d4:d9:63:68:4d:
14:fa:4f:d2:91:a0:ce:b5:6a:08:69:a3:03:15:f0:8e:6b:a3:
bb:17:7f:66:84:0d:30:53:b3:c1:ce:65:ee:4c:9d:7f:67:0e:
27:c9:aa:6a:51:be:d8:d8:fd:0d:91:fa:52:5a:f4:56:65:f4:
29:9f:72:ac:13:25:b4:be:ca:ad:31:04:e7:ec:1d:de:8e:40:
9a:0b:09:c0:a9:fa:f1:28:f4:08:2a:66:ac:c0:60:61:20:84:
0b:20:37:de:69:2c:0b:62:88:39:ce:08:12:41:52:50:0b:99:
7b:cf:c1:6e:66:9d:e1:a8:f1:81:1b:2b:66:bc:c4:3f:9e:19:
5a:bf:55:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2C7qk9lm0KrdoqK6U3gtKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjQwMjA3MDkzODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZhZGNiODdiNDM1NGZlNjg4MTczZTlkZGVkNTlkMDAwOWIyM2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6RgEFfa3Rm2FMcqdE1yVziHFVBO
f+ij+FwQo5I3Dy8T3Gv4+vYF7NigXHSDrOaWniLU2xVjqdBF3sahM/YxiC8PpEOe
eFVV/kVMmDoxPXzjVtotb54O5E9x9dle4pYZ4YP88f72R2x282uN1pKtq2MtTY0A
dI8P0Fc0LYo/zan3C7w7zd7B/qoJ0X5p3LUlDyCATbG0p5J9OO/IUg2OKRVEmo0X
91KM3QBA1KwkQ0lFO1yjwpmQekuVppOFToz6WhcfeNegS7uLhY7IdhdQv8IuMkNj
rvpGEbA6gUur4p48nloOtqGT79Ybwj6gcTyZy4BOdsNZ9YkGnPg7dKfAPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD1q3Lh7Q1T+aIFz6d3tWdAAmyPYMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvUFdyY3VIdERWUDVvZ1hQcDNlMVowQUNiSTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQBM6Sq6fnk3fyL/CBG8Qu+7htaLodkHZMDO
pktk8BDfQWhqq1SAFAwqPCNc/kk8XsGgMQSxwM7zXsKzZm+Ext1LTYhZgYJk9/+8
PMsYus8rFXYsxBOftFe51saemv+e1lpyfjuY0EuEnAdfIGz5+zMDdwunaTnWSL7u
1NljaE0U+k/SkaDOtWoIaaMDFfCOa6O7F39mhA0wU7PBzmXuTJ1/Zw4nyapqUb7Y
2P0NkfpSWvRWZfQpn3KsEyW0vsqtMQTn7B3ejkCaCwnAqfrxKPQIKmaswGBhIIQL
IDfeaSwLYog5zggSQVJQC5l7z8FuZp3hqPGBGytmvMQ/nhlav1W6
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:32:54 2025 by rpki-client