Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Kqzf8wDNuRjT546QC2xF40q6Amc.roa
File: Kqzf8wDNuRjT546QC2xF40q6Amc.roa (raw, json)
Hash identifier: O6/q38Og0nERYP34dx1pWbE8zAP7a9DNis6Wb1BpK00=
Subject key identifier: 2A:AC:DF:F3:00:CD:B9:18:D3:E7:8E:90:0B:6C:45:E3:4A:BA:02:67
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 03883674
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Kqzf8wDNuRjT546QC2xF40q6Amc.roa
Signing time: Sat 01 Jan 2022 06:54:20 +0000
ROA not before: Sat 01 Jan 2022 06:54:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208275
IP address blocks: 45.149.152.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59258484 (0x3883674)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Jan 1 06:54:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2aacdff300cdb918d3e78e900b6c45e34aba0267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:12:13:28:fa:94:4b:8a:e9:07:ee:ce:54:58:
b9:c2:3d:6a:bf:6b:eb:33:fd:38:4c:8c:85:29:40:
ae:a0:91:1f:89:3c:5f:bb:83:7e:e4:c6:d5:6b:8c:
f2:18:dc:6d:f9:9c:b3:58:26:05:96:a6:01:f3:2c:
8d:54:0f:d2:ee:aa:b1:e4:ff:95:1e:89:d4:49:45:
5d:f2:e4:fe:3f:8c:06:ef:a2:26:e6:db:13:b5:13:
f2:0e:9b:d4:b5:d2:ab:fb:bd:47:0c:08:09:99:3f:
16:09:28:53:10:78:17:cc:b1:e3:aa:a4:1b:52:91:
40:d7:48:1b:75:70:c8:d3:e2:ac:16:11:66:51:e9:
31:96:93:ee:d8:b5:ec:95:50:2b:c1:ec:dc:4c:01:
dc:31:da:e5:93:d6:ad:f4:b6:ad:ff:85:97:fc:a7:
a6:e6:e8:8a:c4:cc:c2:03:c2:26:b3:fa:53:52:8b:
c0:ef:f4:16:b1:2e:db:da:bf:d1:61:71:94:6d:da:
71:b1:7d:04:ff:15:7e:dd:ba:0f:a7:72:ab:df:20:
8a:36:eb:ed:a0:13:18:62:32:ca:37:7b:3c:67:67:
7b:89:e5:95:ef:2d:ab:d8:92:4c:47:ec:d7:66:07:
4e:a3:8c:cb:04:51:65:4e:88:b7:f1:bc:13:d6:c1:
7d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AC:DF:F3:00:CD:B9:18:D3:E7:8E:90:0B:6C:45:E3:4A:BA:02:67
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Kqzf8wDNuRjT546QC2xF40q6Amc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
e2:8a:67:a3:15:b9:31:56:5f:08:07:eb:bf:78:0e:fa:c8:a5:
e2:fb:fa:f8:f3:11:c3:a1:f3:2f:d9:51:c9:6c:2e:7d:b6:6a:
38:cb:fa:a5:5d:84:2a:73:06:1e:76:a3:d6:4a:c1:00:87:3d:
b0:ab:6d:cd:ff:bd:a2:02:8e:6b:1b:4a:04:c0:f1:b6:fe:2f:
41:f3:ad:f1:bb:cc:46:91:b6:9e:50:02:29:88:a0:f3:1f:62:
64:eb:73:40:d7:7c:f9:a9:92:51:5b:95:03:38:db:9b:f6:4a:
8a:2d:91:cb:7c:04:d6:ff:c0:4b:7e:3c:51:36:ed:52:6b:2e:
21:64:20:8e:ff:08:78:4c:98:cd:4a:b0:7e:bb:b8:d0:02:af:
28:fe:46:de:ac:92:b0:42:d3:a0:d3:ee:75:1a:d0:ef:8c:dc:
28:47:36:25:6e:98:35:9c:5b:22:da:00:1b:5c:85:5e:03:29:
3e:ef:a8:e6:c7:8d:85:1c:6c:a9:83:68:e8:f8:f2:aa:62:2f:
d4:2b:47:82:49:c8:b5:44:26:f7:7b:f2:d3:16:5c:4d:a1:56:
aa:46:b8:21:c7:14:95:9e:72:94:86:a4:ce:88:6b:ab:de:df:
07:6a:25:f8:14:d9:32:cc:2f:de:39:a2:2b:0f:c5:c8:a3:b2:
05:fb:8f:78
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4g2dDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDEw
MTA2NTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFhY2RmZjMwMGNk
YjkxOGQzZTc4ZTkwMGI2YzQ1ZTM0YWJhMDI2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPoSEyj6lEuK6QfuzlRYucI9ar9r6zP9OEyMhSlArqCRH4k8
X7uDfuTG1WuM8hjcbfmcs1gmBZamAfMsjVQP0u6qseT/lR6J1ElFXfLk/j+MBu+i
JubbE7UT8g6b1LXSq/u9RwwICZk/FgkoUxB4F8yx46qkG1KRQNdIG3VwyNPirBYR
ZlHpMZaT7ti17JVQK8Hs3EwB3DHa5ZPWrfS2rf+Fl/ynpuboisTMwgPCJrP6U1KL
wO/0FrEu29q/0WFxlG3acbF9BP8Vft26D6dyq98gijbr7aATGGIyyjd7PGdne4nl
le8tq9iSTEfs12YHTqOMywRRZU6It/G8E9bBfUsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqrN/zAM25GNPnjpALbEXjSroCZzAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
L0txemY4d0ROdVJqVDU0NlFDMnhGNDBxNkFtYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2VmDANBgkqhkiG9w0BAQsFAAOC
AQEA4opnoxW5MVZfCAfrv3gO+sil4vv6+PMRw6HzL9lRyWwufbZqOMv6pV2EKnMG
Hnaj1krBAIc9sKttzf+9ogKOaxtKBMDxtv4vQfOt8bvMRpG2nlACKYig8x9iZOtz
QNd8+amSUVuVAzjbm/ZKii2Ry3wE1v/AS348UTbtUmsuIWQgjv8IeEyYzUqwfru4
0AKvKP5G3qySsELToNPudRrQ74zcKEc2JW6YNZxbItoAG1yFXgMpPu+o5seNhRxs
qYNo6PjyqmIv1CtHgknItUQm93vy0xZcTaFWqka4IccUlZ5ylIakzohrq97fB2ol
+BTZMswv3jmiKw/FyKOyBfuPeA==
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:16:14 2025 by rpki-client