Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/Ygz-9wrcegBNOdqwNLrDgk18eog.roa
File: Ygz-9wrcegBNOdqwNLrDgk18eog.roa (raw, json)
Hash identifier: oMzzHVxXPpo0qGiDS0qBSyQrcQ+btDZEMXDNoiigHjk=
Subject key identifier: 62:0C:FE:F7:0A:DC:7A:00:4D:39:DA:B0:34:BA:C3:82:4D:7C:7A:88
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 02CFD045
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/Ygz-9wrcegBNOdqwNLrDgk18eog.roa
Signing time: Sat 01 Jan 2022 07:54:14 +0000
ROA not before: Sat 01 Jan 2022 07:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 45.143.190.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47173701 (0x2cfd045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Jan 1 07:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=620cfef70adc7a004d39dab034bac3824d7c7a88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:13:d5:ed:da:23:29:32:a4:d2:35:50:5e:e4:
99:64:b0:d3:89:7f:53:05:a9:7e:2b:63:15:fc:6c:
79:a9:67:58:1f:70:9a:ee:8b:7d:85:19:a6:a5:86:
35:20:d6:7a:d9:53:85:3a:da:f5:78:81:30:3c:19:
50:28:4e:0c:ee:ea:03:59:57:eb:2c:53:01:1c:af:
b8:b6:e7:7f:b5:6e:9a:57:34:8d:2b:5a:a7:e5:ac:
cd:0a:64:28:52:f7:99:9c:72:e4:84:9c:13:a7:3e:
45:81:4a:13:f6:4c:aa:4e:5a:4c:b6:34:4e:7e:d5:
1d:3b:18:c3:60:8b:b5:9a:f9:50:10:1a:67:43:11:
78:ab:3d:68:25:9e:71:0f:ce:c6:4e:71:41:62:7d:
29:7a:32:00:d5:90:4e:41:93:ef:f2:42:31:21:e2:
a3:89:65:ec:2f:ec:2e:86:39:1c:17:16:a7:d7:96:
07:2f:96:bd:91:8c:1b:cf:68:b3:0e:04:39:a6:a0:
4a:5d:57:be:7c:c1:63:86:68:5a:e6:2c:7e:81:32:
e1:07:ef:00:78:ad:3d:84:e5:de:8f:ae:5b:e1:5c:
bc:aa:94:22:66:67:61:3f:2b:a8:b7:a6:fd:ac:9d:
34:dc:11:4c:70:ae:81:5f:72:b1:86:95:df:70:41:
5c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0C:FE:F7:0A:DC:7A:00:4D:39:DA:B0:34:BA:C3:82:4D:7C:7A:88
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/Ygz-9wrcegBNOdqwNLrDgk18eog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.190.0/24
Signature Algorithm: sha256WithRSAEncryption
02:31:27:37:9c:9b:4b:af:13:21:fa:fc:38:ea:12:34:f3:9c:
23:9f:08:5b:6a:58:ff:0e:bc:19:6d:a1:43:eb:e5:81:0b:f3:
5b:99:df:f8:ec:51:02:8d:57:30:1a:0a:27:35:d8:6b:59:86:
37:f6:12:f5:64:f3:32:1e:07:c8:e6:73:2e:d7:a7:d7:cc:14:
a2:c2:ee:20:9e:5b:12:5d:59:42:92:a5:21:a6:90:f9:e4:36:
43:c9:94:1c:29:13:93:6a:d7:f7:a8:bb:21:c6:1e:93:6e:f3:
d0:ed:be:2a:97:5a:98:b8:83:be:c5:22:73:87:bb:02:bc:78:
80:a5:10:1a:70:6f:8a:34:bd:db:15:68:2b:e1:d5:32:cd:6b:
b8:44:ed:2f:38:c3:ab:e3:48:9d:11:c9:d8:e7:db:1e:fc:90:
73:e7:c9:31:09:8e:d8:10:79:63:72:82:ca:51:4c:12:82:9d:
35:8d:02:b7:5c:1f:30:6e:79:b9:52:79:4d:62:62:43:a1:5c:
83:d7:af:75:2b:78:6b:de:eb:ce:d7:55:2f:8d:ed:e5:5a:62:
56:b9:d6:b8:73:cd:90:35:73:23:25:8c:7c:bd:42:67:92:b5:
35:d8:4a:03:f5:26:80:28:c9:ae:ae:a1:03:77:53:8c:da:7b:
98:b1:32:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAs/QRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDEw
MTA3NTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjIwY2ZlZjcwYWRj
N2EwMDRkMzlkYWIwMzRiYWMzODI0ZDdjN2E4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJUT1e3aIykypNI1UF7kmWSw04l/UwWpfitjFfxsealnWB9w
mu6LfYUZpqWGNSDWetlThTra9XiBMDwZUChODO7qA1lX6yxTARyvuLbnf7Vumlc0
jStap+WszQpkKFL3mZxy5IScE6c+RYFKE/ZMqk5aTLY0Tn7VHTsYw2CLtZr5UBAa
Z0MReKs9aCWecQ/Oxk5xQWJ9KXoyANWQTkGT7/JCMSHio4ll7C/sLoY5HBcWp9eW
By+WvZGMG89osw4EOaagSl1XvnzBY4ZoWuYsfoEy4QfvAHitPYTl3o+uW+FcvKqU
ImZnYT8rqLem/aydNNwRTHCugV9ysYaV33BBXLUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRiDP73Ctx6AE052rA0usOCTXx6iDAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L1lnei05d3JjZWdCTk9kcXdOTHJEZ2sxOGVvZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2PvjANBgkqhkiG9w0BAQsFAAOC
AQEAAjEnN5ybS68TIfr8OOoSNPOcI58IW2pY/w68GW2hQ+vlgQvzW5nf+OxRAo1X
MBoKJzXYa1mGN/YS9WTzMh4HyOZzLten18wUosLuIJ5bEl1ZQpKlIaaQ+eQ2Q8mU
HCkTk2rX96i7IcYek27z0O2+KpdamLiDvsUic4e7Arx4gKUQGnBvijS92xVoK+HV
Ms1ruETtLzjDq+NInRHJ2OfbHvyQc+fJMQmO2BB5Y3KCylFMEoKdNY0Ct1wfMG55
uVJ5TWJiQ6Fcg9evdSt4a97rztdVL43t5VpiVrnWuHPNkDVzIyWMfL1CZ5K1NdhK
A/UmgCjJrq6hA3dTjNp7mLEyZg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:27:48 2025 by rpki-client