Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/DZRlK-WxoN2-Gz6wRzLb_78f2X4.roa
File: DZRlK-WxoN2-Gz6wRzLb_78f2X4.roa (raw, json)
Hash identifier: GOmHq2BXFa65poGZhhyExfW/SoEUzZxcWvbrir2hQAM=
Subject key identifier: 0D:94:65:2B:E5:B1:A0:DD:BE:1B:3E:B0:47:32:DB:FF:BF:1F:D9:7E
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 03EB72EA
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/DZRlK-WxoN2-Gz6wRzLb_78f2X4.roa
Signing time: Tue 15 Feb 2022 18:57:31 +0000
ROA not before: Tue 15 Feb 2022 18:57:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65762026 (0x3eb72ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Feb 15 18:57:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d94652be5b1a0ddbe1b3eb04732dbffbf1fd97e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:0b:a0:f7:5f:08:45:ed:32:f2:d4:e7:d2:
67:ac:5b:a2:11:7f:1d:1a:54:f4:2b:dc:bc:f1:9e:
48:9a:4d:8d:59:0b:d3:38:2c:ba:dd:bf:35:b9:9d:
ed:29:7f:b3:57:00:32:7d:38:53:6e:98:63:ec:0d:
78:39:d5:c3:78:78:01:45:9c:fc:65:64:bd:83:ef:
9b:5a:43:02:b8:5a:02:38:b1:99:58:09:26:5d:23:
9e:59:54:4c:ef:65:77:e2:53:e0:3b:06:90:31:8c:
87:20:50:00:bc:e4:af:e4:06:02:ae:d2:6c:a8:c8:
cf:36:4e:04:4d:46:3e:80:87:de:74:3b:67:48:6b:
2a:33:61:e9:47:96:bc:eb:ed:4b:56:a9:47:49:77:
25:fa:61:2c:d2:2f:8f:6e:10:bd:1f:f1:3a:62:8d:
2b:8b:f2:56:a0:a6:ab:5c:9c:a1:32:6d:3b:85:2a:
64:37:1e:60:02:ea:94:fb:98:5c:cc:c9:fb:0f:83:
bf:e4:fd:dd:3c:ec:70:5d:c1:96:0c:cb:0d:fd:57:
22:0a:d5:ee:d1:34:d4:1d:70:09:ee:47:b6:6e:8d:
5e:db:4c:b2:3a:28:38:c7:51:ee:45:63:c1:a9:80:
9f:cf:e3:e6:ef:70:f7:e0:ac:bd:79:2a:37:db:e9:
ed:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:94:65:2B:E5:B1:A0:DD:BE:1B:3E:B0:47:32:DB:FF:BF:1F:D9:7E
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/DZRlK-WxoN2-Gz6wRzLb_78f2X4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:e6:d3:91:66:35:b8:db:f8:09:f7:eb:fd:8b:ce:f1:89:4a:
fa:1b:93:50:bd:4b:c4:d1:df:b1:fb:96:ba:30:7d:c1:db:a8:
4f:f2:d2:f9:53:78:3d:2b:b8:9e:51:5a:22:86:b7:b4:7a:7d:
50:b7:fa:f8:8f:ef:ba:85:2c:28:41:23:f0:2c:be:68:2a:60:
ef:cf:9a:7f:db:44:a9:7c:93:5a:0d:1a:3b:34:d8:cb:86:63:
9d:83:6b:7e:2c:14:9c:a4:e2:bc:0c:59:56:04:5f:ef:f6:45:
e8:1a:0d:45:60:5e:21:79:b7:cc:5a:64:59:78:2f:54:f7:12:
81:47:aa:dd:9e:ff:b5:be:96:9b:46:d0:ba:e5:63:92:4a:cf:
20:86:8c:ba:5e:c0:de:ab:e4:f3:b5:39:e4:35:2c:7e:7a:a1:
50:57:55:28:03:3b:bd:12:47:38:86:ec:9a:3b:68:88:a0:30:
0a:d1:49:c7:f2:d8:97:73:18:08:aa:c7:f1:e9:59:79:d2:10:
e5:74:45:20:1d:e7:cf:ac:3a:41:7b:ab:64:f1:b3:07:0c:93:
dc:60:4a:2d:09:8e:a5:60:e0:6a:32:7a:14:2e:88:0f:04:c4:
86:74:3c:2e:d5:cc:aa:74:85:51:3a:ea:9c:b7:bf:9d:1b:3b:
93:68:b0:fc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+ty6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDIx
NTE4NTczMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ5NDY1MmJlNWIx
YTBkZGJlMWIzZWIwNDczMmRiZmZiZjFmZDk3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyDC6D3XwhF7TLy1OfSZ6xbohF/HRpU9CvcvPGeSJpNjVkL
0zgsut2/Nbmd7Sl/s1cAMn04U26YY+wNeDnVw3h4AUWc/GVkvYPvm1pDArhaAjix
mVgJJl0jnllUTO9ld+JT4DsGkDGMhyBQALzkr+QGAq7SbKjIzzZOBE1GPoCH3nQ7
Z0hrKjNh6UeWvOvtS1apR0l3JfphLNIvj24QvR/xOmKNK4vyVqCmq1ycoTJtO4Uq
ZDceYALqlPuYXMzJ+w+Dv+T93TzscF3BlgzLDf1XIgrV7tE01B1wCe5Htm6NXttM
sjooOMdR7kVjwamAn8/j5u9w9+CsvXkqN9vp7QMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQNlGUr5bGg3b4bPrBHMtv/vx/ZfjAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
L0RaUmxLLVd4b04yLUd6NndSekxiXzc4ZjJYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VmTANBgkqhkiG9w0BAQsFAAOC
AQEAX+bTkWY1uNv4Cffr/YvO8YlK+huTUL1LxNHfsfuWujB9wduoT/LS+VN4PSu4
nlFaIoa3tHp9ULf6+I/vuoUsKEEj8Cy+aCpg78+af9tEqXyTWg0aOzTYy4ZjnYNr
fiwUnKTivAxZVgRf7/ZF6BoNRWBeIXm3zFpkWXgvVPcSgUeq3Z7/tb6Wm0bQuuVj
kkrPIIaMul7A3qvk87U55DUsfnqhUFdVKAM7vRJHOIbsmjtoiKAwCtFJx/LYl3MY
CKrH8elZedIQ5XRFIB3nz6w6QXurZPGzBwyT3GBKLQmOpWDgajJ6FC6IDwTEhnQ8
LtXMqnSFUTrqnLe/nRs7k2iw/A==
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:00:43 2025 by rpki-client