Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/i33JVfz2ZHO3Aw-7sc1Ms-X6XkU.roa
File: i33JVfz2ZHO3Aw-7sc1Ms-X6XkU.roa (raw, json)
Hash identifier: GUIz8qeOIKqMd+cR8s+0U3CoogoufrIALtrrkKgkfx4=
Subject key identifier: 8B:7D:C9:55:FC:F6:64:73:B7:03:0F:BB:B1:CD:4C:B3:E5:FA:5E:45
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 02CF09CB
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/i33JVfz2ZHO3Aw-7sc1Ms-X6XkU.roa
Signing time: Sat 01 Jan 2022 07:54:13 +0000
ROA not before: Sat 01 Jan 2022 07:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 45.143.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47122891 (0x2cf09cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Jan 1 07:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b7dc955fcf66473b7030fbbb1cd4cb3e5fa5e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:05:ed:7f:bc:ff:f1:bf:32:d6:fb:59:a9:
af:55:81:2f:41:f9:02:fb:7b:fd:a8:90:5c:46:14:
25:f8:55:cb:3c:e4:c9:98:41:2a:21:86:a0:81:4f:
a7:7b:d3:21:a3:b8:d4:c5:63:ca:71:57:69:47:4b:
b3:06:75:4d:bd:47:ab:92:49:d3:03:40:86:f8:59:
b1:29:e6:4a:4b:8a:78:56:fc:b1:62:a8:79:11:19:
81:e7:bf:32:5e:cb:3b:2a:17:27:e6:0f:c5:13:ea:
cd:fc:2c:5e:4c:f6:89:97:92:af:6c:17:3f:6b:14:
8f:4a:e0:80:9a:6b:ae:d9:e4:f9:2b:da:b6:47:78:
11:ca:cc:55:d1:bf:f1:d3:af:41:00:39:5b:72:d3:
61:59:8e:1e:09:ec:ec:53:e0:c1:a6:23:0f:17:af:
15:81:67:d8:ef:be:b2:af:c7:96:df:64:f2:66:18:
1d:21:3f:33:15:90:9f:04:ba:c7:8b:6b:27:ac:4a:
9c:fb:05:51:22:fb:4a:00:b1:3e:f2:2b:66:4a:07:
8f:ed:8c:5a:cc:21:26:a4:12:fc:07:62:08:3a:7c:
a6:19:8f:5c:4c:f4:77:5f:fa:1d:63:20:d0:50:ac:
d6:67:06:1c:28:38:83:c6:4e:24:47:0b:c9:57:4b:
e6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:7D:C9:55:FC:F6:64:73:B7:03:0F:BB:B1:CD:4C:B3:E5:FA:5E:45
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/i33JVfz2ZHO3Aw-7sc1Ms-X6XkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.191.0/24
Signature Algorithm: sha256WithRSAEncryption
80:1b:ce:8e:8c:14:36:f5:09:ab:07:b6:c4:99:c9:cb:3a:b2:
99:55:72:9e:c7:95:f8:92:85:f7:e2:0b:a0:6e:60:40:47:cb:
09:ba:c8:aa:23:36:1a:2a:76:7c:4a:ae:37:bb:36:12:98:d5:
89:a0:d2:ee:28:38:c8:f5:d6:e2:d9:87:d5:ac:72:84:c5:3e:
fa:a2:68:89:13:91:10:0e:d4:fa:70:5e:71:70:1d:0a:8f:aa:
57:5d:04:45:5f:a0:2b:0b:c5:55:0f:9b:a3:a3:d8:aa:76:e3:
3d:bd:0e:43:84:92:5e:78:ff:cd:18:ad:92:01:82:50:f6:50:
86:2f:17:66:70:15:5f:8f:f0:21:dd:9d:c7:c7:68:3b:63:bc:
a1:fd:5c:6a:80:e7:22:27:d7:5a:3d:43:44:3c:8d:95:47:b1:
0d:7f:5a:01:a4:a9:4d:5e:e2:7d:2a:6a:22:60:b0:e7:c4:46:
cd:67:87:87:a7:d7:5e:5a:b6:21:bf:ed:5c:19:1a:69:00:48:
e9:63:9c:1e:b3:9b:f3:d2:59:12:35:ff:a0:97:31:52:d6:39:
96:ce:c3:4d:22:6c:8e:a2:be:bf:09:d3:f5:c5:04:3e:2a:e6:
e5:66:e1:78:5f:66:a1:ce:5d:98:94:51:57:13:f1:43:c9:c2:
0a:f5:96:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAs8JyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDEw
MTA3NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI3ZGM5NTVmY2Y2
NjQ3M2I3MDMwZmJiYjFjZDRjYjNlNWZhNWU0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuKBe1/vP/xvzLW+1mpr1WBL0H5Avt7/aiQXEYUJfhVyzzk
yZhBKiGGoIFPp3vTIaO41MVjynFXaUdLswZ1Tb1Hq5JJ0wNAhvhZsSnmSkuKeFb8
sWKoeREZgee/Ml7LOyoXJ+YPxRPqzfwsXkz2iZeSr2wXP2sUj0rggJprrtnk+Sva
tkd4EcrMVdG/8dOvQQA5W3LTYVmOHgns7FPgwaYjDxevFYFn2O++sq/Hlt9k8mYY
HSE/MxWQnwS6x4trJ6xKnPsFUSL7SgCxPvIrZkoHj+2MWswhJqQS/AdiCDp8phmP
XEz0d1/6HWMg0FCs1mcGHCg4g8ZOJEcLyVdL5p8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSLfclV/PZkc7cDD7uxzUyz5fpeRTAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L2kzM0pWZnoyWkhPM0F3LTdzYzFNcy1YNlhrVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2PvzANBgkqhkiG9w0BAQsFAAOC
AQEAgBvOjowUNvUJqwe2xJnJyzqymVVynseV+JKF9+ILoG5gQEfLCbrIqiM2Gip2
fEquN7s2EpjViaDS7ig4yPXW4tmH1axyhMU++qJoiROREA7U+nBecXAdCo+qV10E
RV+gKwvFVQ+bo6PYqnbjPb0OQ4SSXnj/zRitkgGCUPZQhi8XZnAVX4/wId2dx8do
O2O8of1caoDnIifXWj1DRDyNlUexDX9aAaSpTV7ifSpqImCw58RGzWeHh6fXXlq2
Ib/tXBkaaQBI6WOcHrOb89JZEjX/oJcxUtY5ls7DTSJsjqK+vwnT9cUEPirm5Wbh
eF9moc5dmJRRVxPxQ8nCCvWWFQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:37 2025 by rpki-client