Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/djtdr2rsYzNSkFgTF0uNMb4qHk4.roa
File: djtdr2rsYzNSkFgTF0uNMb4qHk4.roa (raw, json)
Hash identifier: iM4A6YnUJ8m4HiL1HMHWrDMZUeJSEreaFxvwna+3Vfw=
Subject key identifier: 76:3B:5D:AF:6A:EC:63:33:52:90:58:13:17:4B:8D:31:BE:2A:1E:4E
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 0426C9CA
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/djtdr2rsYzNSkFgTF0uNMb4qHk4.roa
Signing time: Thu 10 Mar 2022 17:01:52 +0000
ROA not before: Thu 10 Mar 2022 17:01:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69650890 (0x426c9ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Mar 10 17:01:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=763b5daf6aec633352905813174b8d31be2a1e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:43:8f:6e:15:1d:72:17:0d:ae:49:65:cb:
44:74:bb:9d:50:98:a4:2a:8d:19:98:93:88:7a:fb:
66:6f:f6:fb:f4:d4:9d:06:8d:ce:c3:0f:a6:11:3d:
25:1d:26:b0:1c:1a:96:ec:9e:0e:42:0f:df:da:20:
b6:0d:36:49:c9:c4:3f:27:50:66:77:bc:ac:9b:5d:
ee:af:e9:87:bf:fa:59:1a:e9:8b:fc:b1:9c:93:a8:
a8:de:fb:87:c3:4a:e7:c6:59:5f:50:c1:00:c1:df:
5f:8f:8e:40:1d:a7:45:32:87:46:d3:9b:c1:b2:13:
fd:f2:85:51:4c:58:80:f9:bb:07:1c:cb:db:93:6e:
a2:1d:2d:4f:c4:c4:93:b0:6c:7f:50:34:02:6e:9f:
cb:02:c7:10:f1:65:e0:2b:ea:3b:3e:36:0c:94:e2:
82:c2:58:b4:3e:a8:10:bc:20:9e:66:27:5a:7b:36:
bf:38:2f:18:0e:50:39:f9:95:e4:08:55:68:bf:42:
50:08:7f:cf:07:f0:d5:85:4d:53:28:2b:c2:75:38:
82:0f:92:82:b1:f7:73:b1:89:4a:7c:f6:9f:36:fd:
c1:ba:5a:3d:d9:f1:90:a9:2c:50:7c:5c:79:03:8d:
0f:38:d6:e1:a2:03:53:d2:87:ca:21:65:08:29:03:
12:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3B:5D:AF:6A:EC:63:33:52:90:58:13:17:4B:8D:31:BE:2A:1E:4E
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/djtdr2rsYzNSkFgTF0uNMb4qHk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ec:f9:34:ee:ec:c8:9b:e7:aa:d9:60:ea:f0:7f:41:42:e8:
b4:04:a4:b1:b8:1d:0d:36:2a:d6:f3:4a:9a:be:22:6b:a7:4b:
b5:0d:0d:c5:54:bb:e7:d8:54:ef:27:42:25:8d:90:53:86:39:
65:ac:9c:6d:86:da:33:14:46:55:75:1c:1e:8f:46:5f:55:bc:
df:9a:8e:f5:d9:a7:5a:0e:36:05:65:4b:79:0f:23:00:56:ad:
4d:60:ff:b7:df:0e:22:65:bd:56:96:ed:bb:7b:e2:4b:e6:30:
f2:1a:84:e7:09:18:02:e0:57:ca:82:af:b3:90:52:2a:26:7d:
c9:ea:32:b3:f8:ca:a9:0f:9f:4c:98:f7:5e:67:33:2e:2e:20:
be:66:af:4d:80:27:ee:60:e2:df:c3:c5:1f:5b:7e:86:eb:c3:
04:db:c1:37:0b:c3:9c:59:8e:f1:ef:40:ae:fd:43:d9:cd:07:
99:b8:cc:a7:a1:b4:2f:04:3b:a5:b5:5c:f6:dc:2b:6c:45:49:
34:6e:86:5c:d9:26:18:91:f6:45:96:5d:00:61:67:93:32:63:
27:5c:98:a6:83:48:89:62:be:71:69:0b:23:60:91:cf:3d:f8:
62:ef:54:62:50:eb:e7:6a:6f:88:08:13:54:5e:d0:ef:10:16:
f2:55:54:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCbJyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDMx
MDE3MDE1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYzYjVkYWY2YWVj
NjMzMzUyOTA1ODEzMTc0YjhkMzFiZTJhMWU0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHHQ49uFR1yFw2uSWXLRHS7nVCYpCqNGZiTiHr7Zm/2+/TU
nQaNzsMPphE9JR0msBwaluyeDkIP39ogtg02ScnEPydQZne8rJtd7q/ph7/6WRrp
i/yxnJOoqN77h8NK58ZZX1DBAMHfX4+OQB2nRTKHRtObwbIT/fKFUUxYgPm7BxzL
25Nuoh0tT8TEk7Bsf1A0Am6fywLHEPFl4CvqOz42DJTigsJYtD6oELwgnmYnWns2
vzgvGA5QOfmV5AhVaL9CUAh/zwfw1YVNUygrwnU4gg+SgrH3c7GJSnz2nzb9wbpa
PdnxkKksUHxceQONDzjW4aIDU9KHyiFlCCkDEi0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR2O12vauxjM1KQWBMXS40xvioeTjAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
L2RqdGRyMnJzWXpOU2tGZ1RGMHVOTWI0cUhrNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VmTANBgkqhkiG9w0BAQsFAAOC
AQEAh+z5NO7syJvnqtlg6vB/QULotASksbgdDTYq1vNKmr4ia6dLtQ0NxVS759hU
7ydCJY2QU4Y5ZaycbYbaMxRGVXUcHo9GX1W835qO9dmnWg42BWVLeQ8jAFatTWD/
t98OImW9Vpbtu3viS+Yw8hqE5wkYAuBXyoKvs5BSKiZ9yeoys/jKqQ+fTJj3Xmcz
Li4gvmavTYAn7mDi38PFH1t+huvDBNvBNwvDnFmO8e9Arv1D2c0HmbjMp6G0LwQ7
pbVc9twrbEVJNG6GXNkmGJH2RZZdAGFnkzJjJ1yYpoNIiWK+cWkLI2CRzz34Yu9U
YlDr52pviAgTVF7Q7xAW8lVUPw==
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:18:01 2025 by rpki-client