Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/RquDtkoQh-Ck_92LUjF-OggcvJo.roa
File: RquDtkoQh-Ck_92LUjF-OggcvJo.roa (raw, json)
Hash identifier: lrUGLXOoYuA+hjtfuVeeqZv6UU2lOtzWgIaSlil9ePo=
Subject key identifier: 46:AB:83:B6:4A:10:87:E0:A4:FF:DD:8B:52:31:7E:3A:08:1C:BC:9A
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 019408684712C1FF1618F56EEF8F3A9DE0F1
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/RquDtkoQh-Ck_92LUjF-OggcvJo.roa
Signing time: Fri 27 Dec 2024 13:57:19 +0000
ROA not before: Fri 27 Dec 2024 13:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 45.149.152.0/22 maxlen: 22
45.149.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:68:47:12:c1:ff:16:18:f5:6e:ef:8f:3a:9d:e0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Dec 27 13:57:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46ab83b64a1087e0a4ffdd8b52317e3a081cbc9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ac:ab:9e:a5:3e:90:28:d6:d3:5f:77:65:d4:
51:1a:ba:61:ee:ca:2b:23:59:ee:71:d3:ad:40:18:
26:1b:65:ab:c1:f9:fe:af:00:94:6d:88:41:70:a7:
0d:52:9e:44:77:2b:b2:07:e6:1a:5e:38:b4:95:f9:
4e:01:c1:4f:66:16:b1:54:bb:a7:84:1e:3c:5f:0e:
76:72:45:38:39:0a:d6:16:88:17:26:c1:f5:e2:ef:
27:e3:dd:7b:37:4c:c6:55:1c:16:0e:b8:a1:ee:77:
6b:29:e9:c7:76:ce:53:f5:cb:68:1a:c6:4f:af:78:
8c:7c:81:ee:2c:8c:7e:98:7c:45:f9:51:dc:2a:52:
b7:52:ac:bc:25:65:1d:e5:a1:a5:a7:b8:9f:ab:44:
0b:3c:17:25:0c:0b:eb:62:a8:6c:dd:ac:73:57:76:
e5:46:de:ad:e1:ca:61:ea:ab:bf:75:ee:9a:f0:30:
9c:c2:9f:b2:88:43:d6:b0:72:93:c9:e5:4e:f3:a6:
f5:12:b8:8f:fc:0b:c1:66:0d:2d:1d:27:1a:ab:55:
16:76:d7:3b:24:d7:fb:d3:ce:62:a9:54:bf:6b:0d:
62:57:84:ce:7b:49:f4:49:02:d9:99:a3:46:78:0a:
5c:76:7f:f1:7b:b8:34:f5:70:61:d3:7d:06:5a:e9:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AB:83:B6:4A:10:87:E0:A4:FF:DD:8B:52:31:7E:3A:08:1C:BC:9A
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/RquDtkoQh-Ck_92LUjF-OggcvJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.152.0/22
Signature Algorithm: sha256WithRSAEncryption
b3:bf:f8:f0:de:46:74:b7:df:1b:57:f2:c5:ad:12:69:90:c5:
79:59:b3:b5:e7:2f:96:2e:fd:13:40:5c:88:2e:22:cb:cb:4e:
a9:b0:af:51:dd:7a:da:9d:7d:76:89:84:ca:5d:de:8e:54:12:
e5:e4:c3:68:21:be:2a:83:92:db:d9:4b:92:51:e5:89:8d:2c:
29:74:c5:4b:3e:4c:54:52:d0:a9:57:40:63:3c:09:e1:a1:8c:
16:4a:d5:b9:36:cb:de:83:a7:87:90:b4:b1:ed:2f:f3:26:dd:
7d:ef:e4:89:56:8d:6a:4a:f5:b3:71:4a:af:55:83:e4:bd:15:
f3:6c:9b:d6:88:b5:fe:bb:ce:22:52:21:59:da:59:6c:7d:ba:
4e:53:61:36:27:1a:84:9a:f4:40:5d:a4:ef:77:2b:44:3c:0f:
88:23:e6:89:80:f5:3a:9f:83:0d:b3:27:5e:b5:c4:a4:b6:4e:
2a:6d:7b:a6:cd:d0:9d:4a:9e:f1:a3:4d:dd:21:04:13:77:a6:
1d:a4:f9:fb:cd:e1:a4:03:50:8a:88:9e:b9:25:02:7f:cd:98:
2b:81:ad:0b:0e:1a:f9:ae:e5:6d:aa:c4:b1:18:44:05:35:92:
e1:ab:b4:ff:46:b2:84:0f:0e:8c:8b:32:3c:72:e8:25:bf:ea:
70:dd:82:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQIaEcSwf8WGPVu7486neDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTVjOTYxN2NhNWE2YTNiZmYyNjNmYzE4Mzc5OTJmZDFh
YzQ3ZjIwHhcNMjQxMjI3MTM1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFiODNiNjRhMTA4N2UwYTRmZmRkOGI1MjMxN2UzYTA4MWNiYzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKyrnqU+kCjW0193ZdRRGrph7sor
I1nucdOtQBgmG2Wrwfn+rwCUbYhBcKcNUp5EdyuyB+YaXji0lflOAcFPZhaxVLun
hB48Xw52ckU4OQrWFogXJsH14u8n4917N0zGVRwWDrih7ndrKenHds5T9ctoGsZP
r3iMfIHuLIx+mHxF+VHcKlK3Uqy8JWUd5aGlp7ifq0QLPBclDAvrYqhs3axzV3bl
Rt6t4cph6qu/de6a8DCcwp+yiEPWsHKTyeVO86b1EriP/AvBZg0tHScaq1UWdtc7
JNf7085iqVS/aw1iV4TOe0n0SQLZmaNGeApcdn/xe7g09XBh030GWumMXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEarg7ZKEIfgpP/di1IxfjoIHLyaMB8GA1UdIwQY
MBaAFOeVyWF8paajv/Jj/Bg3mS/RrEfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYt
ZDU0MGRmODg2YmFiLzEvUnF1RHRrb1FoLUNrXzkyTFVqRi1PZ2djdkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYtZDU0MGRmODg2YmFi
LzEvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZWYMA0G
CSqGSIb3DQEBCwUAA4IBAQCzv/jw3kZ0t98bV/LFrRJpkMV5WbO15y+WLv0TQFyI
LiLLy06psK9R3XranX12iYTKXd6OVBLl5MNoIb4qg5Lb2UuSUeWJjSwpdMVLPkxU
UtCpV0BjPAnhoYwWStW5Nsveg6eHkLSx7S/zJt197+SJVo1qSvWzcUqvVYPkvRXz
bJvWiLX+u84iUiFZ2llsfbpOU2E2JxqEmvRAXaTvdytEPA+II+aJgPU6n4MNsyde
tcSktk4qbXumzdCdSp7xo03dIQQTd6YdpPn7zeGkA1CKiJ65JQJ/zZgrga0LDhr5
ruVtqsSxGEQFNZLhq7T/RrKEDw6MizI8cuglv+pw3YIy
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:03:13 2025 by rpki-client