Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Z_uydhNv7cQeRz_Ax_Q_J9t2Tio.roa
File: Z_uydhNv7cQeRz_Ax_Q_J9t2Tio.roa (raw, json)
Hash identifier: rWVogHXXFRZwFXlQH0wjygYEf7LOUDJhIdh1bvSK7+g=
Subject key identifier: 67:FB:B2:76:13:6F:ED:C4:1E:47:3F:C0:C7:F4:3F:27:DB:76:4E:2A
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 0188BFC9F59E663FAEAD24AEAAB2DAB6C26A
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Z_uydhNv7cQeRz_Ax_Q_J9t2Tio.roa
Signing time: Thu 15 Jun 2023 16:01:03 +0000
ROA not before: Thu 15 Jun 2023 16:01:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:bf:c9:f5:9e:66:3f:ae:ad:24:ae:aa:b2:da:b6:c2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Jun 15 16:01:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67fbb276136fedc41e473fc0c7f43f27db764e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4f:d8:a7:35:32:6a:1a:65:d5:bb:d8:f2:65:
4b:65:e1:19:c5:54:19:e7:fb:4c:cd:5b:b4:2f:7d:
6d:08:48:e3:4b:2c:bf:94:1b:a3:32:17:9c:11:c1:
4e:59:ac:34:34:01:dc:6f:30:00:7c:eb:40:fe:3b:
28:b3:33:72:0f:ee:e5:61:08:87:ae:c4:43:18:80:
3c:e8:fc:e4:f3:0e:c1:3c:ef:77:3b:81:d2:e0:cf:
1b:fd:f7:f9:60:3f:85:42:a6:e3:5f:8f:24:9c:61:
ad:33:7e:0a:1c:90:90:ec:7a:7b:50:57:c6:1d:07:
41:78:09:b8:3f:fc:f6:c8:f4:4a:81:68:a5:52:57:
20:0d:e2:c2:0a:60:eb:47:7b:e2:8f:98:b7:c6:c9:
33:b8:69:5b:fd:27:59:a2:3a:5a:13:34:37:eb:0d:
66:07:7d:ef:fe:df:d9:29:79:0e:3c:ce:c3:36:0b:
06:b7:9b:cc:ed:d2:31:f8:eb:94:5e:37:b7:b8:c1:
c6:c4:f2:6a:81:bb:19:20:8a:52:f3:70:4c:00:85:
ac:52:b4:a4:a5:ff:9c:2d:08:96:4f:00:41:62:f5:
b5:0c:33:33:25:25:71:c9:18:76:1e:4e:fe:20:8b:
61:8d:77:8e:5d:14:53:54:99:46:6b:1b:b6:83:e3:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FB:B2:76:13:6F:ED:C4:1E:47:3F:C0:C7:F4:3F:27:DB:76:4E:2A
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Z_uydhNv7cQeRz_Ax_Q_J9t2Tio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
81:74:cb:e7:ac:b2:67:93:8a:7f:83:3f:7b:d7:6c:9a:bf:25:
b3:a2:1a:1a:3c:5b:94:7f:18:e0:ee:61:f7:63:70:88:d0:0c:
4f:a2:08:f5:eb:d2:04:69:b2:82:59:ff:f6:61:2f:82:26:f5:
6c:04:44:21:a8:e1:e1:62:67:f5:0d:d3:ea:b3:cf:0e:d4:04:
30:e7:a4:9b:f2:ec:82:c4:c6:00:b4:2d:ac:5c:4e:32:bf:ce:
97:36:61:60:e1:35:0b:51:19:3f:fb:54:e5:39:cd:c2:28:c5:
34:80:c6:fd:5e:2c:2c:f3:01:c9:3e:63:4f:f1:a0:53:a6:a6:
ee:9f:7e:f1:33:24:2c:67:12:53:d3:fc:df:ea:c9:b5:93:8e:
77:72:aa:96:70:ca:d0:fd:d0:1f:7f:8c:e3:54:df:44:75:ba:
d3:11:ec:04:d6:9a:3f:6d:fd:53:d9:62:31:76:96:1f:5f:c9:
f4:66:29:ac:c3:8a:70:2f:10:dd:b4:16:15:df:cb:e5:75:b1:
2b:b0:9a:e4:58:a1:52:4d:3a:42:72:3f:5c:3f:87:e7:e8:39:
e0:d9:35:7e:09:20:bf:3d:ea:04:af:5b:38:50:74:cc:98:66:
04:e1:88:12:02:26:1a:cb:d1:37:24:f0:e6:2f:82:6d:7b:cc:
13:97:12:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi/yfWeZj+urSSuqrLatsJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTVjOTYxN2NhNWE2YTNiZmYyNjNmYzE4Mzc5OTJmZDFh
YzQ3ZjIwHhcNMjMwNjE1MTYwMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZiYjI3NjEzNmZlZGM0MWU0NzNmYzBjN2Y0M2YyN2RiNzY0ZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30/YpzUyahpl1bvY8mVLZeEZxVQZ
5/tMzVu0L31tCEjjSyy/lBujMhecEcFOWaw0NAHcbzAAfOtA/jsoszNyD+7lYQiH
rsRDGIA86Pzk8w7BPO93O4HS4M8b/ff5YD+FQqbjX48knGGtM34KHJCQ7Hp7UFfG
HQdBeAm4P/z2yPRKgWilUlcgDeLCCmDrR3vij5i3xskzuGlb/SdZojpaEzQ36w1m
B33v/t/ZKXkOPM7DNgsGt5vM7dIx+OuUXje3uMHGxPJqgbsZIIpS83BMAIWsUrSk
pf+cLQiWTwBBYvW1DDMzJSVxyRh2Hk7+IIthjXeOXRRTVJlGaxu2g+PD+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGf7snYTb+3EHkc/wMf0Pyfbdk4qMB8GA1UdIwQY
MBaAFOeVyWF8paajv/Jj/Bg3mS/RrEfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYt
ZDU0MGRmODg2YmFiLzEvWl91eWRoTnY3Y1FlUnpfQXhfUV9KOXQyVGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYtZDU0MGRmODg2YmFi
LzEvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZWZMA0G
CSqGSIb3DQEBCwUAA4IBAQCBdMvnrLJnk4p/gz9712yavyWzohoaPFuUfxjg7mH3
Y3CI0AxPogj169IEabKCWf/2YS+CJvVsBEQhqOHhYmf1DdPqs88O1AQw56Sb8uyC
xMYAtC2sXE4yv86XNmFg4TULURk/+1TlOc3CKMU0gMb9Xiws8wHJPmNP8aBTpqbu
n37xMyQsZxJT0/zf6sm1k453cqqWcMrQ/dAff4zjVN9EdbrTEewE1po/bf1T2WIx
dpYfX8n0Zimsw4pwLxDdtBYV38vldbErsJrkWKFSTTpCcj9cP4fn6Dng2TV+CSC/
PeoEr1s4UHTMmGYE4YgSAiYay9E3JPDmL4Jte8wTlxJh
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:05:39 2025 by rpki-client