Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/c_YBh7cHjfVuH7oJY0z99mrLiSU.roa
File: c_YBh7cHjfVuH7oJY0z99mrLiSU.roa (raw, json)
Hash identifier: CoGQOeI6hlazgXseDqjp86m9oYL6xmiySN8uCUPicUQ=
Subject key identifier: 73:F6:01:87:B7:07:8D:F5:6E:1F:BA:09:63:4C:FD:F6:6A:CB:89:25
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018447D8EDE6BB50C94E2EB7576D43029C4E
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/c_YBh7cHjfVuH7oJY0z99mrLiSU.roa
Signing time: Sat 05 Nov 2022 12:51:49 +0000
ROA not before: Sat 05 Nov 2022 12:51:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201691
IP address blocks: 45.159.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:47:d8:ed:e6:bb:50:c9:4e:2e:b7:57:6d:43:02:9c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Nov 5 12:51:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73f60187b7078df56e1fba09634cfdf66acb8925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:23:74:e7:7b:2c:12:8b:d0:6b:e1:c5:82:
52:06:19:50:a3:f9:8a:f0:32:6b:aa:77:79:82:77:
85:c1:e2:d2:66:0f:01:08:c1:9b:4e:f7:70:f7:89:
84:cd:d3:51:6b:f3:e4:70:7c:ac:bf:25:c4:fc:1b:
01:d0:f7:6a:18:c1:45:e1:84:27:dc:f6:18:26:29:
0e:1c:7d:c9:d2:fe:9c:38:d1:26:fd:23:f3:4d:30:
66:df:83:b2:0f:51:43:77:66:4d:85:c9:ea:ab:15:
31:6d:6a:d3:39:fd:0a:8f:01:0e:f1:e2:2c:8d:3b:
27:5c:15:a8:f8:d7:09:eb:e9:18:f7:8d:e4:cd:36:
ba:5a:c8:de:27:ba:0a:1e:be:5c:3e:6b:99:63:11:
6f:3d:40:7b:8a:73:07:1d:33:c9:e1:a5:75:f2:b3:
3b:db:65:09:d3:4a:42:73:31:02:1f:88:7c:86:02:
85:38:df:5b:3c:ac:1b:43:28:ac:b3:3a:02:d9:e0:
ce:6f:ee:e3:08:fe:99:32:63:d8:25:ad:3a:00:62:
58:f9:6a:30:87:0c:79:47:41:18:7f:11:4e:72:2c:
06:2d:6f:4d:60:00:7b:73:1a:55:30:26:50:01:a2:
bd:64:d1:2e:e3:a8:42:68:6e:2e:fa:98:6e:da:d5:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F6:01:87:B7:07:8D:F5:6E:1F:BA:09:63:4C:FD:F6:6A:CB:89:25
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/c_YBh7cHjfVuH7oJY0z99mrLiSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.151.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:ad:75:ab:44:14:55:64:86:ad:d4:65:e3:ab:13:ed:b0:c6:
32:40:b2:9d:df:a5:f9:36:8d:1a:64:ca:71:25:61:2a:95:1e:
ee:06:3f:bc:ea:55:4b:d3:06:8e:cd:1f:95:d2:7c:4b:3a:64:
4e:13:8e:b1:ec:d0:e6:1e:16:ba:c7:18:79:42:01:3b:18:6d:
a7:07:b9:95:21:39:a0:bc:54:40:aa:a8:29:4e:68:e5:65:3e:
46:3b:99:2a:8e:42:3a:4d:a1:db:5b:ba:b3:3b:be:71:e3:70:
3d:34:6b:ee:fe:5c:02:78:ff:3d:63:47:1b:e2:a8:6f:55:3f:
13:8c:00:5c:3d:4c:94:cf:d3:8f:fc:8d:28:98:61:e4:f6:1d:
b8:c7:3c:8c:e0:ca:28:bc:e2:2f:5c:3e:12:23:ed:e2:89:cf:
fc:d8:c0:8b:c8:d2:71:c9:1c:5c:4d:fc:97:36:5b:2c:fd:21:
27:78:84:6a:a8:6c:83:2d:ac:62:0b:5d:6a:2b:98:08:a1:38:
76:72:67:62:66:34:8d:5e:2b:df:7b:36:e2:89:b7:3b:e1:91:
e2:1c:b6:60:87:ca:e2:f4:5c:f1:50:72:d7:57:bb:37:cd:17:
8d:b1:57:cc:77:2b:5e:2b:58:d2:0a:51:cb:b7:69:37:61:2c:
14:ae:84:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRH2O3mu1DJTi63V21DApxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMTA1MTI1MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Y2MDE4N2I3MDc4ZGY1NmUxZmJhMDk2MzRjZmRmNjZhY2I4OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUcjdOd7LBKL0GvhxYJSBhlQo/mK
8DJrqnd5gneFweLSZg8BCMGbTvdw94mEzdNRa/PkcHysvyXE/BsB0PdqGMFF4YQn
3PYYJikOHH3J0v6cONEm/SPzTTBm34OyD1FDd2ZNhcnqqxUxbWrTOf0KjwEO8eIs
jTsnXBWo+NcJ6+kY943kzTa6WsjeJ7oKHr5cPmuZYxFvPUB7inMHHTPJ4aV18rM7
22UJ00pCczECH4h8hgKFON9bPKwbQyisszoC2eDOb+7jCP6ZMmPYJa06AGJY+Wow
hwx5R0EYfxFOciwGLW9NYAB7cxpVMCZQAaK9ZNEu46hCaG4u+phu2tWPbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHP2AYe3B431bh+6CWNM/fZqy4klMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvY19ZQmg3Y0hqZlZ1SDdvSlkwejk5bXJMaVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ+XMA0G
CSqGSIb3DQEBCwUAA4IBAQBcrXWrRBRVZIat1GXjqxPtsMYyQLKd36X5No0aZMpx
JWEqlR7uBj+86lVL0waOzR+V0nxLOmROE46x7NDmHha6xxh5QgE7GG2nB7mVITmg
vFRAqqgpTmjlZT5GO5kqjkI6TaHbW7qzO75x43A9NGvu/lwCeP89Y0cb4qhvVT8T
jABcPUyUz9OP/I0omGHk9h24xzyM4MoovOIvXD4SI+3iic/82MCLyNJxyRxcTfyX
Nlss/SEneIRqqGyDLaxiC11qK5gIoTh2cmdiZjSNXivfezbiibc74ZHiHLZgh8ri
9FzxUHLXV7s3zReNsVfMdyteK1jSClHLt2k3YSwUroSi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:57 2025 by rpki-client