Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/vUVorzLiikSRANgjqHPMosLmQLA.roa
File: vUVorzLiikSRANgjqHPMosLmQLA.roa (raw, json)
Hash identifier: +sKRLkZdU6T8lOawjoMK5hkhANZICWpX2L4j7aYh/OU=
Subject key identifier: BD:45:68:AF:32:E2:8A:44:91:00:D8:23:A8:73:CC:A2:C2:E6:40:B0
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 03F831BF
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/vUVorzLiikSRANgjqHPMosLmQLA.roa
Signing time: Tue 22 Feb 2022 07:54:37 +0000
ROA not before: Tue 22 Feb 2022 07:54:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66597311 (0x3f831bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Feb 22 07:54:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd4568af32e28a449100d823a873cca2c2e640b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:47:e2:70:a6:58:be:d2:40:ed:5b:70:62:55:
7b:8e:b9:55:9c:67:e3:b0:36:a5:36:73:44:f6:18:
a6:af:2c:fd:20:d3:37:7c:78:4e:8e:21:cb:cf:d5:
af:3d:a7:25:66:b5:ec:a2:c5:0d:99:1e:48:46:b6:
54:f2:38:37:6c:dd:30:bf:90:f0:1c:d9:b0:aa:62:
15:21:5d:9e:80:35:a6:88:d3:0f:cb:5f:d7:56:b7:
59:f0:b7:4d:7c:27:2c:05:3d:07:e8:3d:0d:a5:ed:
6b:be:48:19:fe:d4:df:71:cd:74:3b:17:fa:89:51:
2d:1a:58:e5:af:56:62:6a:61:4b:ca:e8:11:e7:8e:
b9:36:08:46:fd:89:da:5d:6c:9a:9d:69:25:c7:da:
6e:e1:c5:72:5a:78:a7:da:7a:84:bf:56:35:9f:bc:
51:a4:7b:d9:0d:59:c1:a0:d1:d3:cb:9d:94:d9:0e:
6c:62:35:d0:96:b5:ac:a5:55:9f:05:a7:55:b5:33:
e4:b5:34:cc:bd:56:c7:2f:ef:51:dd:27:06:d1:84:
7d:b9:e4:81:7c:91:fb:df:7e:f5:32:7e:d8:e6:7a:
59:b4:0b:b3:4d:5a:d2:d6:a1:13:4a:35:fb:01:df:
1a:1b:2d:e9:0f:11:fc:69:8c:a9:fa:fe:d5:f6:5b:
b5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:45:68:AF:32:E2:8A:44:91:00:D8:23:A8:73:CC:A2:C2:E6:40:B0
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/vUVorzLiikSRANgjqHPMosLmQLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
Signature Algorithm: sha256WithRSAEncryption
10:07:f1:91:ac:52:fa:d1:91:97:fc:ec:8c:c1:a8:e5:4f:6f:
46:8a:2f:2f:42:3e:d1:22:7d:80:a4:da:59:59:bd:91:98:a5:
d4:61:28:ca:c2:50:3e:41:6a:f9:b1:c3:65:48:ee:63:22:e3:
f6:5d:f5:ee:40:0d:08:a4:63:51:9c:4e:51:b0:c7:ee:25:4f:
35:67:b8:b0:eb:e9:7e:82:43:a0:8b:24:13:d6:e2:45:78:04:
da:7c:62:dc:45:bf:14:fc:41:e7:8e:47:9f:e9:76:d3:29:c9:
a7:52:3f:19:5a:04:7d:5e:93:81:21:2f:33:2a:15:bf:b0:e5:
38:8d:67:a2:a4:62:31:1a:a1:3c:45:57:5f:49:6d:38:30:78:
23:68:06:42:00:16:4f:35:80:b9:65:55:34:be:5b:77:3a:8d:
df:e0:bb:3a:2b:a0:5c:58:aa:ce:f7:cc:43:44:47:9b:3e:f5:
db:22:48:d6:b3:62:66:8a:15:20:70:5f:bb:c0:cf:0e:12:2d:
56:c4:d8:df:c9:a8:03:1e:46:77:c0:ab:04:df:7d:94:15:34:
c2:87:57:09:72:82:2e:94:fe:73:b1:24:6c:c7:e7:93:5f:0e:
55:e6:ce:11:6a:5b:36:4e:60:fa:6b:48:33:3d:b0:16:8a:45:
58:f3:1a:e1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/gxvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDIy
MjA3NTQzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ0NTY4YWYzMmUy
OGE0NDkxMDBkODIzYTg3M2NjYTJjMmU2NDBiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOJH4nCmWL7SQO1bcGJVe465VZxn47A2pTZzRPYYpq8s/SDT
N3x4To4hy8/Vrz2nJWa17KLFDZkeSEa2VPI4N2zdML+Q8BzZsKpiFSFdnoA1pojT
D8tf11a3WfC3TXwnLAU9B+g9DaXta75IGf7U33HNdDsX+olRLRpY5a9WYmphS8ro
EeeOuTYIRv2J2l1smp1pJcfabuHFclp4p9p6hL9WNZ+8UaR72Q1ZwaDR08udlNkO
bGI10Ja1rKVVnwWnVbUz5LU0zL1Wxy/vUd0nBtGEfbnkgXyR+99+9TJ+2OZ6WbQL
s01a0tahE0o1+wHfGhst6Q8R/GmMqfr+1fZbtWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS9RWivMuKKRJEA2COoc8yiwuZAsDAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
L3ZVVm9yekxpaWtTUkFOZ2pxSFBNb3NMbVFMQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2VmTANBgkqhkiG9w0BAQsFAAOC
AQEAEAfxkaxS+tGRl/zsjMGo5U9vRoovL0I+0SJ9gKTaWVm9kZil1GEoysJQPkFq
+bHDZUjuYyLj9l317kANCKRjUZxOUbDH7iVPNWe4sOvpfoJDoIskE9biRXgE2nxi
3EW/FPxB545Hn+l20ynJp1I/GVoEfV6TgSEvMyoVv7DlOI1noqRiMRqhPEVXX0lt
ODB4I2gGQgAWTzWAuWVVNL5bdzqN3+C7OiugXFiqzvfMQ0RHmz712yJI1rNiZooV
IHBfu8DPDhItVsTY38moAx5Gd8CrBN99lBU0wodXCXKCLpT+c7EkbMfnk18OVebO
EWpbNk5g+mtIMz2wFopFWPMa4Q==
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:18:02 2025 by rpki-client