Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/nwx-qgM7LH7bRjrHhXL6xRoUl8c.roa
File: nwx-qgM7LH7bRjrHhXL6xRoUl8c.roa (raw, json)
Hash identifier: dp2ZC0bIA8H2Tfch0MbQ23ZMvdyb2uzxG98/NLkW3XU=
Subject key identifier: 9F:0C:7E:AA:03:3B:2C:7E:DB:46:3A:C7:85:72:FA:C5:1A:14:97:C7
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018447A2EA355360F6FB58EF893B668E68E4
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/nwx-qgM7LH7bRjrHhXL6xRoUl8c.roa
Signing time: Sat 05 Nov 2022 11:52:49 +0000
ROA not before: Sat 05 Nov 2022 11:52:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44436
IP address blocks: 194.59.214.0/24 maxlen: 24
45.90.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:47:a2:ea:35:53:60:f6:fb:58:ef:89:3b:66:8e:68:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Nov 5 11:52:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f0c7eaa033b2c7edb463ac78572fac51a1497c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:26:f0:bc:d0:ff:28:52:fb:74:ab:1c:28:37:
17:fe:2f:84:69:0d:86:a3:8a:89:4f:e1:3c:5f:2c:
d0:1e:9a:ea:66:9f:10:ae:8d:6b:9d:7a:93:37:99:
f5:b6:73:fa:25:ea:4c:f3:57:4e:ae:db:2e:9f:8b:
17:49:48:bd:fe:8d:db:01:41:84:5b:37:32:ad:e9:
b9:51:86:89:51:fd:18:6b:da:e1:96:eb:41:8c:ab:
6f:5a:46:4a:b5:5a:7d:89:bc:7e:d5:d8:53:e3:07:
4b:7d:63:c6:2b:1d:aa:0a:0a:58:1e:5d:8b:39:ad:
21:ad:f8:22:b1:4b:25:86:85:5d:f3:04:a0:5b:c3:
b5:37:75:fb:08:12:0d:bb:23:0c:ec:da:17:bc:9d:
4b:e1:fd:44:b3:0f:bc:4d:45:21:62:8a:c4:d3:81:
56:c5:23:03:02:21:ef:5f:1e:3f:3c:0a:c7:75:81:
12:3c:09:ff:88:5d:ba:48:4d:77:9d:9e:f7:77:d6:
0e:29:7d:5d:e0:e8:80:0b:54:fb:23:0c:3e:e9:c2:
75:56:6a:09:e5:a7:2d:1c:35:0d:4f:f6:c8:d2:7f:
03:9e:c5:17:af:ba:57:fe:d1:25:39:83:d9:bc:93:
84:a3:ae:e7:f0:7e:f3:51:57:68:47:2b:7d:c2:90:
c8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:0C:7E:AA:03:3B:2C:7E:DB:46:3A:C7:85:72:FA:C5:1A:14:97:C7
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/nwx-qgM7LH7bRjrHhXL6xRoUl8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.75.0/24
194.59.214.0/24
Signature Algorithm: sha256WithRSAEncryption
75:7a:e1:cc:1b:7a:5b:6d:5f:50:ee:5d:45:1f:10:56:a2:5f:
51:06:a8:7d:0b:da:60:3d:99:4c:76:0f:3b:73:43:f2:74:fc:
11:21:9c:64:9c:df:58:ac:40:ef:e3:70:08:68:7c:74:56:f4:
7f:0b:4f:c0:d3:9f:e0:73:e7:b0:63:49:91:8f:1d:59:ea:64:
fd:d4:15:a8:6d:d4:98:17:c3:0f:0e:c6:4b:14:cd:c4:a0:f8:
3d:de:be:fc:9c:68:d2:e8:c5:32:9e:e5:f9:3d:ee:d4:d2:06:
f4:cc:94:96:88:0a:4e:b2:0f:30:1e:a8:95:02:78:49:c2:09:
a3:3f:8b:81:54:d8:ea:4d:b9:1f:1e:2b:21:00:c9:6c:96:bc:
50:a9:0f:32:43:e1:51:30:d7:30:bf:ab:e2:85:24:9c:34:7f:
a1:98:26:52:05:c5:e3:f0:75:0c:8c:3b:25:db:dc:93:48:39:
3f:29:7a:0e:1f:d4:a5:fa:fc:1f:1e:7c:0b:f5:2a:2d:9f:e3:
1c:92:b0:d1:95:ab:f4:01:4b:fa:a8:1f:03:c4:81:2a:99:44:
ae:d5:8c:ad:92:77:c1:b5:b1:9e:b2:2e:ed:90:28:00:b0:00:
68:3d:22:8d:4f:42:19:08:86:31:e5:d8:69:b4:f3:6c:48:b6:
19:05:a9:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRHouo1U2D2+1jviTtmjmjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMTA1MTE1MjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjBjN2VhYTAzM2IyYzdlZGI0NjNhYzc4NTcyZmFjNTFhMTQ5N2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlybwvND/KFL7dKscKDcX/i+EaQ2G
o4qJT+E8XyzQHprqZp8Qro1rnXqTN5n1tnP6JepM81dOrtsun4sXSUi9/o3bAUGE
Wzcyrem5UYaJUf0Ya9rhlutBjKtvWkZKtVp9ibx+1dhT4wdLfWPGKx2qCgpYHl2L
Oa0hrfgisUslhoVd8wSgW8O1N3X7CBINuyMM7NoXvJ1L4f1Esw+8TUUhYorE04FW
xSMDAiHvXx4/PArHdYESPAn/iF26SE13nZ73d9YOKX1d4OiAC1T7Iww+6cJ1VmoJ
5actHDUNT/bI0n8DnsUXr7pX/tElOYPZvJOEo67n8H7zUVdoRyt9wpDIGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ8MfqoDOyx+20Y6x4Vy+sUaFJfHMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvbnd4LXFnTTdMSDdiUmpySGhYTDZ4Um9VbDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVpLAwQA
wjvWMA0GCSqGSIb3DQEBCwUAA4IBAQB1euHMG3pbbV9Q7l1FHxBWol9RBqh9C9pg
PZlMdg87c0PydPwRIZxknN9YrEDv43AIaHx0VvR/C0/A05/gc+ewY0mRjx1Z6mT9
1BWobdSYF8MPDsZLFM3EoPg93r78nGjS6MUynuX5Pe7U0gb0zJSWiApOsg8wHqiV
AnhJwgmjP4uBVNjqTbkfHishAMlslrxQqQ8yQ+FRMNcwv6vihSScNH+hmCZSBcXj
8HUMjDsl29yTSDk/KXoOH9Sl+vwfHnwL9Sotn+MckrDRlav0AUv6qB8DxIEqmUSu
1YytknfBtbGesi7tkCgAsABoPSKNT0IZCIYx5dhptPNsSLYZBak+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:30 2025 by rpki-client