Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/4I-mONAOCNit-Wj8wHJ4Omqn_fg.roa
File: 4I-mONAOCNit-Wj8wHJ4Omqn_fg.roa (raw, json)
Hash identifier: K/zTLkFnGCWL8SgsdsmavwocWdpQohwW+FFqEn7smtg=
Subject key identifier: E0:8F:A6:38:D0:0E:08:D8:AD:F9:68:FC:C0:72:78:3A:6A:A7:FD:F8
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 0187E7C889D923B6B2A3EE5C3041F90052B4
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/4I-mONAOCNit-Wj8wHJ4Omqn_fg.roa
Signing time: Thu 04 May 2023 17:21:32 +0000
ROA not before: Thu 04 May 2023 17:21:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136933
IP address blocks: 45.145.228.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:c8:89:d9:23:b6:b2:a3:ee:5c:30:41:f9:00:52:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: May 4 17:21:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e08fa638d00e08d8adf968fcc072783a6aa7fdf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:04:22:27:fd:50:65:f9:52:d8:1f:cc:ed:
0e:0b:4a:ea:5e:9f:58:96:24:e4:a4:de:c9:fd:f2:
05:84:4e:fb:9d:c4:0d:a0:15:0b:05:e6:dc:f1:3c:
6f:09:6a:cc:14:b7:6f:a0:f5:03:0f:7f:db:35:d8:
ae:1f:6c:35:08:eb:f1:23:58:ca:c7:84:f7:47:ba:
1e:0d:20:a3:b7:a5:ac:36:d8:ae:7e:f5:5f:0d:22:
04:2c:2b:b8:a8:dc:5a:7f:55:b7:6c:9e:6d:1b:c6:
46:85:3b:13:0b:2a:1c:dc:46:aa:1c:82:29:40:ac:
f0:27:7f:47:d8:bd:36:b9:c8:e8:cb:68:8d:5f:0c:
47:2f:d2:5f:e8:80:78:06:ad:f2:a3:fd:e5:56:2a:
c7:63:37:81:a2:4e:4d:82:e3:32:84:98:a3:65:14:
d5:ea:c0:41:eb:9c:7f:35:84:8e:4b:6b:32:f5:72:
d3:5c:f3:4f:9a:5a:17:38:bb:55:ec:57:4f:ae:d9:
7a:45:85:22:db:9f:b8:40:6e:2a:14:5d:3a:1f:2a:
ca:ae:78:d0:34:3b:cf:b4:02:fd:b9:a0:14:78:f1:
c4:e5:14:00:9b:47:f3:99:2f:ee:31:28:7f:46:7a:
28:0d:76:a2:22:cd:6c:5f:84:16:55:8d:c7:18:78:
4e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:8F:A6:38:D0:0E:08:D8:AD:F9:68:FC:C0:72:78:3A:6A:A7:FD:F8
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/4I-mONAOCNit-Wj8wHJ4Omqn_fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.228.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:fd:87:24:9b:aa:b3:fe:b1:ab:04:1f:84:ef:a2:8f:8e:ad:
44:b1:d5:e9:d9:98:e6:b8:18:55:8a:03:8e:ed:10:13:bc:42:
a3:fa:86:5d:3e:07:6b:b1:8e:5b:91:a8:0d:ab:6a:69:2f:8f:
9f:26:89:5f:8f:1d:c6:9d:87:c2:df:85:99:48:2b:d0:47:5e:
54:19:d8:b8:ac:64:ba:ad:8c:fd:2a:c4:ed:ef:ce:97:30:b6:
c0:d2:2c:63:2d:a4:fe:67:7c:81:09:44:b5:aa:96:4b:d6:ec:
03:b2:b0:33:5b:d4:09:e8:98:0d:6e:1a:a9:0e:7f:9e:70:ea:
63:1e:f5:a1:49:6c:8b:0b:b3:0e:6e:bb:5a:7e:ba:a6:c8:ea:
f7:88:d2:9c:c0:ca:5b:52:be:4d:c8:f6:48:44:dd:3a:e5:e4:
aa:a9:b6:1d:6b:7c:35:d9:bd:de:76:16:08:3a:2f:99:09:0e:
d4:83:59:b2:70:75:09:81:56:b9:23:0d:aa:98:09:ae:10:36:
8f:a0:e0:4a:62:59:fe:cd:94:3e:e1:5d:a9:6f:6d:f8:ff:3c:
b2:f3:59:4e:b9:73:c3:53:2b:1a:8e:7a:c2:de:7b:8d:c0:8c:
0d:66:34:a9:30:5b:41:eb:42:37:31:3a:fe:82:9d:8e:23:b0:
d7:00:26:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfnyInZI7ayo+5cMEH5AFK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwNTA0MTcyMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDhmYTYzOGQwMGUwOGQ4YWRmOTY4ZmNjMDcyNzgzYTZhYTdmZGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF0EIif9UGX5UtgfzO0OC0rqXp9Y
liTkpN7J/fIFhE77ncQNoBULBebc8TxvCWrMFLdvoPUDD3/bNdiuH2w1COvxI1jK
x4T3R7oeDSCjt6WsNtiufvVfDSIELCu4qNxaf1W3bJ5tG8ZGhTsTCyoc3EaqHIIp
QKzwJ39H2L02ucjoy2iNXwxHL9Jf6IB4Bq3yo/3lVirHYzeBok5NguMyhJijZRTV
6sBB65x/NYSOS2sy9XLTXPNPmloXOLtV7FdPrtl6RYUi25+4QG4qFF06HyrKrnjQ
NDvPtAL9uaAUePHE5RQAm0fzmS/uMSh/RnooDXaiIs1sX4QWVY3HGHhOiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCPpjjQDgjYrflo/MByeDpqp/34MB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvNEktbU9OQU9DTml0LVdqOHdISjRPbXFuX2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZHkMA0G
CSqGSIb3DQEBCwUAA4IBAQDP/Yckm6qz/rGrBB+E76KPjq1EsdXp2ZjmuBhVigOO
7RATvEKj+oZdPgdrsY5bkagNq2ppL4+fJolfjx3GnYfC34WZSCvQR15UGdi4rGS6
rYz9KsTt786XMLbA0ixjLaT+Z3yBCUS1qpZL1uwDsrAzW9QJ6JgNbhqpDn+ecOpj
HvWhSWyLC7MObrtafrqmyOr3iNKcwMpbUr5NyPZIRN065eSqqbYda3w12b3edhYI
Oi+ZCQ7Ug1mycHUJgVa5Iw2qmAmuEDaPoOBKYln+zZQ+4V2pb234/zyy81lOuXPD
UysajnrC3nuNwIwNZjSpMFtB60I3MTr+gp2OI7DXACaG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:44 2025 by rpki-client