Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Ftwmpd0yGwjxhtxTipIuWw1Ftm8.roa
File: Ftwmpd0yGwjxhtxTipIuWw1Ftm8.roa (raw, json)
Hash identifier: fZgP6qEj5LmpTeSD/WRp3qqAFtuYUJ4k8lu4VVHhL6M=
Subject key identifier: 16:DC:26:A5:DD:32:1B:08:F1:86:DC:53:8A:92:2E:5B:0D:45:B6:6F
Certificate issuer: /CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Certificate serial: 01905901A7DA385A51E445C11638C17297A3
Authority key identifier: 46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Ftwmpd0yGwjxhtxTipIuWw1Ftm8.roa
Signing time: Thu 27 Jun 2024 09:23:19 +0000
ROA not before: Thu 27 Jun 2024 09:23:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41789
IP address blocks: 45.82.14.0/23 maxlen: 23
45.91.64.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:59:01:a7:da:38:5a:51:e4:45:c1:16:38:c1:72:97:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=465eba5c1a80f86a4589278edd9304b3f5169f83
Validity
Not Before: Jun 27 09:23:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16dc26a5dd321b08f186dc538a922e5b0d45b66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:eb:df:2f:c5:08:db:ea:4c:e6:49:18:54:84:
41:dd:cb:dd:b7:e6:41:87:ed:c9:bd:ce:7c:a0:6f:
a9:5d:d4:83:86:84:a1:72:96:ad:a1:2b:bf:e1:80:
e9:27:59:69:7f:27:0e:c1:ad:91:ab:cb:fc:02:79:
a6:ea:57:d1:34:81:ad:bf:40:db:08:e7:9d:a3:e7:
cb:c6:1a:26:5f:9d:01:97:7f:93:99:40:53:3b:8a:
86:49:ca:27:c4:c3:5c:ab:46:0e:2d:1e:43:05:0e:
72:cb:d1:4b:cc:03:d4:fb:31:90:7c:6f:1a:60:c0:
d3:3d:f7:a4:82:ef:48:76:b9:ab:db:e8:4c:d9:d2:
32:51:5d:f8:ce:f7:2e:3f:7e:01:04:88:b6:80:c1:
b9:5c:8c:e8:5f:22:3b:1a:8c:b0:78:d6:49:d6:74:
68:bf:58:6a:b4:79:12:91:10:89:33:88:4c:c8:e9:
5d:42:24:37:59:b4:f7:93:c5:85:9b:eb:b6:34:00:
ff:3d:77:97:5c:30:4c:a8:23:ef:1c:fc:14:39:9d:
b4:43:28:3e:af:7d:3a:cc:22:30:1c:5b:be:c0:ef:
33:1a:08:0b:e8:e1:06:72:73:8f:a8:25:80:de:06:
dc:f5:3e:9e:b9:d4:b9:a8:4c:e9:c7:22:04:05:2f:
67:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DC:26:A5:DD:32:1B:08:F1:86:DC:53:8A:92:2E:5B:0D:45:B6:6F
X509v3 Authority Key Identifier:
keyid:46:5E:BA:5C:1A:80:F8:6A:45:89:27:8E:DD:93:04:B3:F5:16:9F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Ftwmpd0yGwjxhtxTipIuWw1Ftm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/c12a7b-5caf-4e7c-970d-5c476e3325f5/1/Rl66XBqA-GpFiSeO3ZMEs_UWn4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.14.0/23
45.91.64.0/24
Signature Algorithm: sha256WithRSAEncryption
92:ec:77:c1:3c:73:0a:b1:b2:1a:5a:73:83:6c:b2:2c:40:2a:
23:b3:53:64:ce:8d:d2:a2:38:15:5b:26:04:f3:4c:f4:63:6f:
71:31:be:96:75:3e:16:f9:e1:e5:f9:1a:bd:e1:39:3a:fa:82:
42:d7:ee:c4:ea:8f:a5:8e:0c:f7:2f:27:01:03:5f:a7:25:dc:
7b:09:e5:00:80:03:96:13:b5:51:73:22:07:0b:f2:95:2b:09:
c8:3e:26:30:c6:47:9b:70:95:95:f1:0e:d8:d6:dc:44:4d:92:
b6:6d:27:8d:85:35:67:02:fa:97:0c:f2:d7:44:1f:32:23:fa:
6b:a8:b8:ea:a7:7b:62:ef:1a:d7:41:64:53:a2:ea:72:3f:db:
ac:c9:4f:da:68:84:08:8d:09:bb:97:ef:af:6e:14:ee:2d:8c:
8f:c1:a4:b9:e3:dd:28:47:35:aa:26:5d:b0:dc:a7:cf:0c:31:
86:29:71:26:4b:b4:f0:cf:8c:0a:61:a2:99:a9:c9:52:8f:d3:
f8:84:c5:c4:c2:11:85:00:9f:3a:c9:87:14:a6:d3:81:62:0e:
10:01:a2:95:ac:65:02:64:35:bd:20:88:5a:8f:d1:a9:13:ce:
de:fc:94:17:ff:b0:55:fc:6b:a8:25:3d:77:c3:8e:28:98:4f:
1e:54:e5:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBZAafaOFpR5EXBFjjBcpejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NWViYTVjMWE4MGY4NmE0NTg5Mjc4ZWRkOTMwNGIzZjUx
NjlmODMwHhcNMjQwNjI3MDkyMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRjMjZhNWRkMzIxYjA4ZjE4NmRjNTM4YTkyMmU1YjBkNDViNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OvfL8UI2+pM5kkYVIRB3cvdt+ZB
h+3Jvc58oG+pXdSDhoShcpatoSu/4YDpJ1lpfycOwa2Rq8v8Anmm6lfRNIGtv0Db
COedo+fLxhomX50Bl3+TmUBTO4qGSconxMNcq0YOLR5DBQ5yy9FLzAPU+zGQfG8a
YMDTPfekgu9Idrmr2+hM2dIyUV34zvcuP34BBIi2gMG5XIzoXyI7GoyweNZJ1nRo
v1hqtHkSkRCJM4hMyOldQiQ3WbT3k8WFm+u2NAD/PXeXXDBMqCPvHPwUOZ20Qyg+
r306zCIwHFu+wO8zGggL6OEGcnOPqCWA3gbc9T6eudS5qEzpxyIEBS9nBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBbcJqXdMhsI8YbcU4qSLlsNRbZvMB8GA1UdIwQY
MBaAFEZeulwagPhqRYknjt2TBLP1Fp+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQt
NWM0NzZlMzMyNWY1LzEvRnR3bXBkMHlHd2p4aHR4VGlwSXVXdzFGdG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9jMTJhN2ItNWNhZi00ZTdjLTk3MGQtNWM0NzZlMzMyNWY1
LzEvUmw2NlhCcUEtR3BGaVNlTzNaTUVzX1VXbjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLVIOAwQA
LVtAMA0GCSqGSIb3DQEBCwUAA4IBAQCS7HfBPHMKsbIaWnODbLIsQCojs1Nkzo3S
ojgVWyYE80z0Y29xMb6WdT4W+eHl+Rq94Tk6+oJC1+7E6o+ljgz3LycBA1+nJdx7
CeUAgAOWE7VRcyIHC/KVKwnIPiYwxkebcJWV8Q7Y1txETZK2bSeNhTVnAvqXDPLX
RB8yI/prqLjqp3ti7xrXQWRToupyP9usyU/aaIQIjQm7l++vbhTuLYyPwaS5490o
RzWqJl2w3KfPDDGGKXEmS7Twz4wKYaKZqclSj9P4hMXEwhGFAJ86yYcUptOBYg4Q
AaKVrGUCZDW9IIhaj9GpE87e/JQX/7BV/GuoJT13w44omE8eVOXt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:49 2025 by rpki-client