Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PaYllYDb1CBbCRXodhtCZmYIKWw.roa
File: PaYllYDb1CBbCRXodhtCZmYIKWw.roa (raw, json)
Hash identifier: Rpe3FM7OWF7lK7U8N0k+/FK4BEyVzP0DFYpi3QW3K/4=
Subject key identifier: 3D:A6:25:95:80:DB:D4:20:5B:09:15:E8:76:1B:42:66:66:08:29:6C
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018B34CA9E7B914D9A064D9D70C4BB80A461
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PaYllYDb1CBbCRXodhtCZmYIKWw.roa
Signing time: Sun 15 Oct 2023 19:22:55 +0000
ROA not before: Sun 15 Oct 2023 19:22:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.17.0/24 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:34:ca:9e:7b:91:4d:9a:06:4d:9d:70:c4:bb:80:a4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Oct 15 19:22:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3da6259580dbd4205b0915e8761b42666608296c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:94:a0:74:ab:1d:d1:85:ac:c2:59:f8:2d:
e4:2a:4f:d3:4d:36:22:a5:f8:b1:13:5f:17:74:c7:
0b:27:44:c5:f2:98:b9:57:b1:2e:5b:ae:9a:4c:b1:
db:ee:47:9d:95:7c:3d:5f:f1:d3:9c:04:52:bc:22:
90:2b:c2:23:88:a7:0d:54:81:94:51:ae:7a:d2:c8:
ea:75:bf:c0:c3:2d:b6:45:33:14:07:57:c9:ff:c5:
94:be:f9:cc:ef:8e:ac:92:b8:42:d5:7b:c5:88:12:
a7:46:f9:f4:b3:d3:62:76:5b:42:ab:61:0e:2f:3f:
3a:c9:cc:6f:44:f9:e1:b5:32:45:ea:15:4e:f1:26:
7d:81:c2:92:08:e7:bb:92:96:a8:12:1e:d6:03:ba:
47:1d:77:f1:9e:58:2b:9f:95:68:37:79:de:51:5e:
b9:4e:a5:01:a9:e1:30:42:99:11:5c:90:f5:be:33:
9d:31:7f:3c:4e:ec:21:1a:d9:ac:89:70:09:2c:97:
0f:5e:fb:d8:4a:ea:cb:f9:8b:18:23:28:dd:eb:82:
f3:de:1d:71:18:71:46:9b:62:d7:d7:a1:c1:53:b8:
df:0c:6a:f8:c6:f3:89:24:7b:ec:6f:6a:47:ce:c8:
b8:96:35:8f:96:99:8b:ea:5e:3a:13:dd:07:24:b8:
6b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A6:25:95:80:DB:D4:20:5B:09:15:E8:76:1B:42:66:66:08:29:6C
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/PaYllYDb1CBbCRXodhtCZmYIKWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:63:71:83:17:1a:6f:94:7a:4b:3b:62:4d:db:5b:54:ec:1a:
63:40:2b:f8:12:46:d3:5c:24:82:8f:df:8d:5a:fb:05:26:ee:
ca:e3:9d:7d:b4:4f:92:d4:48:ef:8b:70:bb:39:6e:cc:95:2d:
21:58:03:90:a2:60:17:e1:36:ea:80:a6:f0:a7:99:98:34:64:
db:89:6d:99:33:ae:98:1e:89:40:ad:f5:9c:c3:0b:0a:52:ad:
36:7c:68:ab:44:6b:38:80:81:47:25:21:9a:32:58:5b:98:4f:
b0:0d:f6:51:06:eb:38:d5:b9:e4:54:1e:f3:12:1c:51:a2:20:
16:ef:18:c0:3e:a8:a0:64:9e:c8:59:90:7c:3a:f5:7b:ca:8f:
a5:ff:11:50:08:52:0a:53:31:8a:e4:1f:99:3b:a4:b9:dc:45:
3d:d8:3a:08:ef:cc:b0:76:7f:8d:cc:b2:61:61:5f:6f:19:f1:
bd:11:89:de:fa:26:c3:9f:56:d7:da:08:f3:f1:89:75:f4:0d:
00:fa:da:cf:49:fe:4d:38:82:33:6e:c7:e3:b3:f2:af:ce:2c:
dd:b3:1a:7b:c1:9f:84:e3:50:75:e4:3f:40:76:cc:93:47:85:
5d:bb:88:54:a6:6e:00:4d:5c:a2:47:14:7a:e6:a8:de:e8:d7:
92:3f:20:84
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYs0yp57kU2aBk2dcMS7gKRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMxMDE1MTkyMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGE2MjU5NTgwZGJkNDIwNWIwOTE1ZTg3NjFiNDI2NjY2MDgyOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlCUoHSrHdGFrMJZ+C3kKk/TTTYi
pfixE18XdMcLJ0TF8pi5V7EuW66aTLHb7kedlXw9X/HTnARSvCKQK8IjiKcNVIGU
Ua560sjqdb/Awy22RTMUB1fJ/8WUvvnM746skrhC1XvFiBKnRvn0s9NidltCq2EO
Lz86ycxvRPnhtTJF6hVO8SZ9gcKSCOe7kpaoEh7WA7pHHXfxnlgrn5VoN3neUV65
TqUBqeEwQpkRXJD1vjOdMX88TuwhGtmsiXAJLJcPXvvYSurL+YsYIyjd64Lz3h1x
GHFGm2LX16HBU7jfDGr4xvOJJHvsb2pHzsi4ljWPlpmL6l46E90HJLhrwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2mJZWA29QgWwkV6HYbQmZmCClsMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvUGFZbGxZRGIxQ0JiQ1JYb2RodENabVlJS1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQCOY3GDFxpvlHpLO2JN21tU7BpjQCv4EkbT
XCSCj9+NWvsFJu7K4519tE+S1Ejvi3C7OW7MlS0hWAOQomAX4TbqgKbwp5mYNGTb
iW2ZM66YHolArfWcwwsKUq02fGirRGs4gIFHJSGaMlhbmE+wDfZRBus41bnkVB7z
EhxRoiAW7xjAPqigZJ7IWZB8OvV7yo+l/xFQCFIKUzGK5B+ZO6S53EU92DoI78yw
dn+NzLJhYV9vGfG9EYne+ibDn1bX2gjz8Yl19A0A+trPSf5NOIIzbsfjs/Kvzizd
sxp7wZ+E41B15D9AdsyTR4Vdu4hUpm4ATVyiRxR65qje6NeSPyCE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:07 2025 by rpki-client