Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/bL2ImfMg5hjwdq6Vj0oXLhjZ9P4.roa
File: bL2ImfMg5hjwdq6Vj0oXLhjZ9P4.roa (raw, json)
Hash identifier: TkmiecPDWlsaVSO37xoH/JTXCeC/ljlNOM5IA3EkvVI=
Subject key identifier: 6C:BD:88:99:F3:20:E6:18:F0:76:AE:95:8F:4A:17:2E:18:D9:F4:FE
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 0188AECF30B6A258F4AEFD72DE5924B94021
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/bL2ImfMg5hjwdq6Vj0oXLhjZ9P4.roa
Signing time: Mon 12 Jun 2023 08:53:13 +0000
ROA not before: Mon 12 Jun 2023 08:53:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:cf:30:b6:a2:58:f4:ae:fd:72:de:59:24:b9:40:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Jun 12 08:53:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cbd8899f320e618f076ae958f4a172e18d9f4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:af:3a:c2:c2:a0:52:48:c7:ed:49:e0:49:58:
25:13:33:49:54:1f:73:d5:63:cb:60:3d:8a:41:61:
e2:69:7e:1a:ce:63:9c:b9:8c:f9:d6:46:b6:d7:d8:
0b:7f:21:eb:b1:f7:26:a6:0f:4b:40:19:91:46:58:
2f:41:9e:40:bd:27:c7:37:aa:21:28:e0:0e:95:2e:
28:9d:75:98:02:3e:38:4d:08:a0:c7:63:78:49:10:
23:ca:c3:0f:ae:02:c1:27:ed:18:ae:c6:37:ba:f8:
1f:bf:0d:8d:25:71:c8:d1:82:77:4a:9d:76:56:ef:
3d:06:1b:34:56:34:0b:88:8e:08:08:2f:24:ba:3f:
0a:9d:d4:ad:9d:d3:4e:a8:c8:b5:e4:e4:34:b3:0e:
0a:11:67:f2:db:81:13:15:27:e9:91:de:a3:7c:e0:
d6:e3:3a:8b:3b:8b:db:3b:bb:76:59:09:fe:b8:60:
ea:c0:da:c1:3e:2b:21:90:b1:f0:07:25:86:22:89:
ed:7a:92:9a:3b:d3:98:6e:a2:0e:98:27:ce:9f:23:
f9:cc:65:37:c7:f0:a8:24:77:6e:3d:45:c2:6c:04:
16:f7:52:e0:3d:97:ea:cd:3c:08:fc:73:31:53:49:
4b:ff:f8:e8:7e:a9:7d:c4:d8:f2:58:95:29:91:25:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BD:88:99:F3:20:E6:18:F0:76:AE:95:8F:4A:17:2E:18:D9:F4:FE
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/bL2ImfMg5hjwdq6Vj0oXLhjZ9P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:46:7a:de:ca:e7:4a:48:0b:01:80:0a:5d:2d:28:26:08:15:
30:8f:eb:57:f7:e9:66:5b:bc:e0:e6:c8:f2:fd:6f:b8:fe:52:
fd:1e:17:b2:86:84:dc:fd:dd:79:27:14:c7:94:f4:ed:cc:2f:
e1:06:87:7b:b2:7b:48:69:aa:00:5c:70:17:6e:a1:b1:f2:83:
e0:18:38:ff:ac:a4:aa:62:91:00:9d:f0:28:d6:b8:61:25:3a:
ac:d6:71:18:f5:5d:fb:78:eb:0b:bc:48:74:92:82:f0:7b:cd:
66:5a:ce:4b:7f:18:cb:fa:4e:4b:83:0d:3b:32:ab:41:7e:56:
87:20:92:eb:64:11:08:8c:a5:09:6f:ef:6e:60:94:54:5c:a6:
a4:1c:d7:01:cf:97:1a:45:39:5b:4d:cf:b1:88:af:8c:32:c1:
91:ce:54:d4:53:31:08:49:c6:95:41:00:27:a6:2f:00:d5:13:
a4:e1:d7:01:a9:71:39:25:5e:ea:8f:4d:29:72:05:f1:a3:47:
80:2c:2d:6f:99:5e:cb:6c:c4:8d:68:7e:a0:f6:59:06:49:c1:
7e:63:e2:26:c0:0f:f9:4a:4e:40:de:17:57:b0:e7:43:5a:fb:
91:ff:fa:96:02:f1:b0:ae:e3:71:8a:e6:9e:ea:f8:c4:ed:7a:
bb:a3:be:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiuzzC2olj0rv1y3lkkuUAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTVjOTYxN2NhNWE2YTNiZmYyNjNmYzE4Mzc5OTJmZDFh
YzQ3ZjIwHhcNMjMwNjEyMDg1MzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JkODg5OWYzMjBlNjE4ZjA3NmFlOTU4ZjRhMTcyZTE4ZDlmNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq86wsKgUkjH7UngSVglEzNJVB9z
1WPLYD2KQWHiaX4azmOcuYz51ka219gLfyHrsfcmpg9LQBmRRlgvQZ5AvSfHN6oh
KOAOlS4onXWYAj44TQigx2N4SRAjysMPrgLBJ+0YrsY3uvgfvw2NJXHI0YJ3Sp12
Vu89Bhs0VjQLiI4ICC8kuj8KndStndNOqMi15OQ0sw4KEWfy24ETFSfpkd6jfODW
4zqLO4vbO7t2WQn+uGDqwNrBPishkLHwByWGIontepKaO9OYbqIOmCfOnyP5zGU3
x/CoJHduPUXCbAQW91LgPZfqzTwI/HMxU0lL//jofql9xNjyWJUpkSVZbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGy9iJnzIOYY8HaulY9KFy4Y2fT+MB8GA1UdIwQY
MBaAFOeVyWF8paajv/Jj/Bg3mS/RrEfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYt
ZDU0MGRmODg2YmFiLzEvYkwySW1mTWc1aGp3ZHE2Vmowb1hMaGpaOVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ODZkZGUtNWY2OC00YzIxLWI1NDYtZDU0MGRmODg2YmFi
LzEvNTVYSllYeWxwcU9fOG1QOEdEZVpMOUdzUl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZWZMA0G
CSqGSIb3DQEBCwUAA4IBAQDGRnreyudKSAsBgApdLSgmCBUwj+tX9+lmW7zg5sjy
/W+4/lL9HheyhoTc/d15JxTHlPTtzC/hBod7sntIaaoAXHAXbqGx8oPgGDj/rKSq
YpEAnfAo1rhhJTqs1nEY9V37eOsLvEh0koLwe81mWs5LfxjL+k5Lgw07MqtBflaH
IJLrZBEIjKUJb+9uYJRUXKakHNcBz5caRTlbTc+xiK+MMsGRzlTUUzEIScaVQQAn
pi8A1ROk4dcBqXE5JV7qj00pcgXxo0eALC1vmV7LbMSNaH6g9lkGScF+Y+ImwA/5
Sk5A3hdXsOdDWvuR//qWAvGwruNxiuae6vjE7Xq7o762
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:18:02 2025 by rpki-client