Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/0rrZvlYx1T0HDfpwrKVX_hme0Pg.roa
File: 0rrZvlYx1T0HDfpwrKVX_hme0Pg.roa (raw, json)
Hash identifier: wK9jit+EdnaZdowh4ISezyT0d7tlOaTjZOnKQM2k/3U=
Subject key identifier: D2:BA:D9:BE:56:31:D5:3D:07:0D:FA:70:AC:A5:57:FE:19:9E:D0:F8
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 0414BCFA
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/0rrZvlYx1T0HDfpwrKVX_hme0Pg.roa
Signing time: Mon 07 Mar 2022 15:16:03 +0000
ROA not before: Mon 07 Mar 2022 15:16:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.154.0/24 maxlen: 24
45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68467962 (0x414bcfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Mar 7 15:16:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2bad9be5631d53d070dfa70aca557fe199ed0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ed:c9:ae:cf:74:3e:7f:9a:5f:42:75:b4:82:
c5:89:35:ab:fd:79:f8:c8:d8:21:3d:3a:7d:0a:f6:
8a:5b:8a:da:53:72:75:c2:47:64:60:1c:94:c0:15:
9f:bf:43:da:1b:f9:21:43:28:5d:c8:9f:3e:ba:06:
16:57:da:6b:d6:05:bc:ef:33:85:3b:ae:45:37:da:
35:fb:93:db:b2:f9:47:95:ec:58:4f:1e:d9:e5:a0:
1a:ab:23:5e:04:d0:79:1e:60:99:3a:c0:90:25:74:
b5:36:68:b0:57:5d:4f:1b:d6:05:93:3d:25:74:37:
5f:02:00:62:46:24:18:57:a9:df:50:5b:b9:06:3f:
a6:97:9b:76:1d:af:99:2b:42:e0:13:34:8c:19:97:
19:9f:44:38:ca:bb:73:f9:61:1d:9f:75:47:af:89:
31:93:d8:c0:f5:0a:6e:43:37:2d:c7:d7:b6:f5:bc:
cc:33:65:5a:b5:16:86:87:0d:ef:9d:fd:af:2c:d6:
3e:50:57:c5:09:90:68:91:5a:53:ba:e2:4f:7e:d4:
27:11:54:60:e3:d1:88:94:cb:3a:dd:5d:55:63:f9:
dc:a0:1b:de:68:47:be:39:b9:5c:4a:c6:6d:be:d4:
0f:1c:d4:1e:f3:98:ce:62:22:92:7b:95:c6:17:56:
6a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BA:D9:BE:56:31:D5:3D:07:0D:FA:70:AC:A5:57:FE:19:9E:D0:F8
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/0rrZvlYx1T0HDfpwrKVX_hme0Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0-45.149.154.255
Signature Algorithm: sha256WithRSAEncryption
dd:73:2c:53:99:9c:b4:38:d6:40:0b:f2:a7:ec:19:61:39:75:
72:44:04:1d:66:c8:2a:57:4f:20:67:bb:d0:3b:c7:f7:6c:df:
b6:e0:c3:03:00:08:c0:92:c2:73:76:1e:de:22:d3:b1:35:2c:
b9:7d:0f:44:14:4c:e2:c1:23:0e:4c:91:28:8c:b5:bb:dc:5b:
0a:82:ac:06:ac:17:e3:db:82:20:bd:38:ff:d0:c5:da:d2:b2:
d6:63:4f:f2:23:cb:7e:eb:f8:d7:e7:78:2b:aa:a4:7a:34:d9:
85:72:4a:d0:15:3a:33:df:57:5f:81:4b:6f:28:75:18:11:bd:
39:f6:d0:00:e1:e9:dd:cf:75:75:ea:29:87:41:a3:16:49:48:
aa:48:f2:68:5f:92:e8:4f:38:55:d0:93:0c:55:54:51:0a:c0:
38:db:3f:b7:f7:8c:18:ec:6d:88:95:09:d1:0c:73:32:5a:5f:
7d:c9:19:e3:a6:46:83:49:75:ba:27:68:04:14:58:a4:09:58:
b8:c3:9a:42:48:f8:d3:2e:28:07:3e:8e:a1:b7:54:f4:10:82:
6f:ca:c0:9c:b0:cc:18:23:28:48:cb:b6:fe:9e:b4:a6:c5:c1:
0c:c2:5e:7d:64:17:7a:06:6b:f8:f5:d1:f3:06:e3:35:8e:e1:
ae:43:d5:d5
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBBS8+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDMw
NzE1MTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJiYWQ5YmU1NjMx
ZDUzZDA3MGRmYTcwYWNhNTU3ZmUxOTllZDBmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPtya7PdD5/ml9CdbSCxYk1q/15+MjYIT06fQr2iluK2lNy
dcJHZGAclMAVn79D2hv5IUMoXcifProGFlfaa9YFvO8zhTuuRTfaNfuT27L5R5Xs
WE8e2eWgGqsjXgTQeR5gmTrAkCV0tTZosFddTxvWBZM9JXQ3XwIAYkYkGFep31Bb
uQY/ppebdh2vmStC4BM0jBmXGZ9EOMq7c/lhHZ91R6+JMZPYwPUKbkM3LcfXtvW8
zDNlWrUWhocN7539ryzWPlBXxQmQaJFaU7riT37UJxFUYOPRiJTLOt1dVWP53KAb
3mhHvjm5XErGbb7UDxzUHvOYzmIiknuVxhdWatECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTSutm+VjHVPQcN+nCspVf+GZ7Q+DAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
LzByclp2bFl4MVQwSERmcHdyS1ZYX2htZTBQZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALZWZAwQALZWaMA0GCSqGSIb3
DQEBCwUAA4IBAQDdcyxTmZy0ONZAC/Kn7BlhOXVyRAQdZsgqV08gZ7vQO8f3bN+2
4MMDAAjAksJzdh7eItOxNSy5fQ9EFEziwSMOTJEojLW73FsKgqwGrBfj24IgvTj/
0MXa0rLWY0/yI8t+6/jX53grqqR6NNmFckrQFToz31dfgUtvKHUYEb059tAA4end
z3V16imHQaMWSUiqSPJoX5LoTzhV0JMMVVRRCsA42z+394wY7G2IlQnRDHMyWl99
yRnjpkaDSXW6J2gEFFikCVi4w5pCSPjTLigHPo6ht1T0EIJvysCcsMwYIyhIy7b+
nrSmxcEMwl59ZBd6Bmv49dHzBuM1juGuQ9XV
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:03:12 2025 by rpki-client