Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/ppqbLWVmszkrNG3EovnK4N-hXyQ.roa
File: ppqbLWVmszkrNG3EovnK4N-hXyQ.roa (raw, json)
Hash identifier: 8tVKGQ2iculN75GHoyI9kU1Gf1zxMz20+iqTb3uYPCE=
Subject key identifier: A6:9A:9B:2D:65:66:B3:39:2B:34:6D:C4:A2:F9:CA:E0:DF:A1:5F:24
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018392A069C9FFB0B232CAACC1CFB8E5FE76
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/ppqbLWVmszkrNG3EovnK4N-hXyQ.roa
Signing time: Sat 01 Oct 2022 08:18:49 +0000
ROA not before: Sat 01 Oct 2022 08:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210818
IP address blocks: 45.90.72.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:92:a0:69:c9:ff:b0:b2:32:ca:ac:c1:cf:b8:e5:fe:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Oct 1 08:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a69a9b2d6566b3392b346dc4a2f9cae0dfa15f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:84:5d:fc:6d:23:c5:f6:2a:de:31:4d:f9:6e:
02:50:28:76:85:b8:b2:e3:fc:c3:d8:ea:4b:8f:fa:
4d:32:04:cd:d0:cc:df:ec:e4:3c:d1:78:dc:36:28:
a1:06:5e:f3:68:fe:fc:d7:00:3e:4d:09:57:b6:6f:
67:be:05:68:2d:c2:46:b6:3c:6a:2b:b7:5b:d2:80:
08:eb:a6:7e:da:f1:be:19:33:a7:83:09:2c:b6:db:
02:ac:d3:91:d0:9f:99:dc:b1:4b:63:3a:ed:72:94:
d6:54:97:97:0a:a8:20:5a:ca:82:ab:72:cd:1a:81:
a4:da:e1:e9:67:42:5e:89:9a:c0:65:54:52:3b:dd:
ab:64:0a:b5:cd:67:39:8b:ef:e5:80:5e:bb:44:b2:
58:99:36:b6:3e:45:b8:c7:91:00:a0:77:42:70:ed:
84:bb:1b:f1:bf:de:16:48:43:5d:52:7f:80:5f:bc:
28:53:5b:36:61:bf:a4:9d:7d:47:7e:08:1f:b2:5c:
56:49:45:f2:0d:7b:79:fd:ac:f8:47:1b:c7:2e:c6:
0c:8d:a8:ef:81:aa:f5:e8:7f:03:5c:e3:38:0c:72:
bf:81:4b:30:f7:b8:85:ea:62:f0:e8:10:08:55:5e:
36:52:00:96:07:95:6e:e5:8d:21:6f:45:b5:ab:29:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9A:9B:2D:65:66:B3:39:2B:34:6D:C4:A2:F9:CA:E0:DF:A1:5F:24
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/ppqbLWVmszkrNG3EovnK4N-hXyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.72.0/24
Signature Algorithm: sha256WithRSAEncryption
69:95:24:c8:93:fd:48:18:e4:fb:d0:64:92:23:93:7b:0c:0d:
88:4b:bb:00:65:63:6b:d0:17:0a:1a:3d:e2:09:a8:72:99:60:
d1:4e:3b:7d:6c:4f:8b:3c:e9:ab:02:32:86:c3:d2:c9:dc:f7:
0b:ad:8a:fa:b1:67:ad:80:7b:8a:55:df:17:5e:3b:dd:18:12:
f2:f0:d8:91:64:8f:d1:f2:5e:50:23:a9:0c:08:5f:80:5f:14:
d9:05:e1:ad:c8:c1:6d:a0:cc:e6:66:aa:ce:8b:e8:18:36:63:
37:a9:78:fa:a8:b0:ef:08:d7:a7:09:ab:c6:95:34:26:f0:89:
69:61:d7:8d:de:1d:62:11:8c:02:e1:df:a5:5a:a8:fc:62:29:
41:74:fe:e8:0a:e2:3e:32:f0:27:8e:96:ff:0a:fb:71:63:62:
f5:65:86:40:f9:1b:7f:b6:b0:34:e9:5b:c7:73:a8:a6:de:75:
f5:e2:ac:f2:7c:3a:b8:9e:d9:18:4d:00:ed:84:b4:f8:f4:99:
2b:23:f1:a2:18:af:89:9c:50:73:6f:9c:ee:23:f5:3f:7e:70:
13:03:67:b8:41:96:a0:80:cf:24:a3:90:42:61:20:ae:d5:0f:
23:ff:3a:06:c8:31:06:9b:37:72:68:7d:15:d1:11:54:45:44:
2c:26:96:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOSoGnJ/7CyMsqswc+45f52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjIxMDAxMDgxODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjlhOWIyZDY1NjZiMzM5MmIzNDZkYzRhMmY5Y2FlMGRmYTE1ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYRd/G0jxfYq3jFN+W4CUCh2hbiy
4/zD2OpLj/pNMgTN0Mzf7OQ80XjcNiihBl7zaP781wA+TQlXtm9nvgVoLcJGtjxq
K7db0oAI66Z+2vG+GTOngwksttsCrNOR0J+Z3LFLYzrtcpTWVJeXCqggWsqCq3LN
GoGk2uHpZ0JeiZrAZVRSO92rZAq1zWc5i+/lgF67RLJYmTa2PkW4x5EAoHdCcO2E
uxvxv94WSENdUn+AX7woU1s2Yb+knX1HfggfslxWSUXyDXt5/az4RxvHLsYMjajv
gar16H8DXOM4DHK/gUsw97iF6mLw6BAIVV42UgCWB5Vu5Y0hb0W1qymrvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaamy1lZrM5KzRtxKL5yuDfoV8kMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvcHBxYkxXVm1zemtyTkczRW92bks0Ti1oWHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBplSTIk/1IGOT70GSSI5N7DA2IS7sAZWNr0BcKGj3i
CahymWDRTjt9bE+LPOmrAjKGw9LJ3PcLrYr6sWetgHuKVd8XXjvdGBLy8NiRZI/R
8l5QI6kMCF+AXxTZBeGtyMFtoMzmZqrOi+gYNmM3qXj6qLDvCNenCavGlTQm8Ilp
YdeN3h1iEYwC4d+lWqj8YilBdP7oCuI+MvAnjpb/CvtxY2L1ZYZA+Rt/trA06VvH
c6im3nX14qzyfDq4ntkYTQDthLT49JkrI/GiGK+JnFBzb5zuI/U/fnATA2e4QZag
gM8ko5BCYSCu1Q8j/zoGyDEGmzdyaH0V0RFURUQsJpYX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:08 2025 by rpki-client