Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/qmctq00Ri8zYZ0kL85Vf8gMHz6Y.roa
File: qmctq00Ri8zYZ0kL85Vf8gMHz6Y.roa (raw, json)
Hash identifier: sz6sxSczsYV6CBCunHTr687mRsfD4yNYNv/QC43GNmQ=
Subject key identifier: AA:67:2D:AB:4D:11:8B:CC:D8:67:49:0B:F3:95:5F:F2:03:07:CF:A6
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 01856CEF34BD5E08F88512BBC6073918CEBC
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/qmctq00Ri8zYZ0kL85Vf8gMHz6Y.roa
Signing time: Sun 01 Jan 2023 10:44:53 +0000
ROA not before: Sun 01 Jan 2023 10:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6134
IP address blocks: 45.134.83.0/24 maxlen: 24
45.134.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:34:bd:5e:08:f8:85:12:bb:c6:07:39:18:ce:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: Jan 1 10:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa672dab4d118bccd867490bf3955ff20307cfa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:44:9f:11:3a:eb:08:87:b5:64:7f:fa:1c:
76:87:23:b9:3c:1c:f4:f2:72:0c:dd:eb:e0:6f:92:
b8:2c:20:3c:9b:0f:3e:d8:b9:57:3e:ed:ea:24:22:
9b:cc:28:ca:12:cc:7f:d3:08:05:6c:a4:10:16:bc:
c0:a3:52:9d:ca:cd:31:89:b9:70:f8:72:86:d5:6d:
47:30:df:86:89:36:b7:59:2f:e9:22:33:76:19:48:
2c:9b:36:fb:89:72:a5:33:3d:3f:90:e5:0a:6d:b5:
04:e9:aa:b8:0c:c6:46:4a:5e:ab:7d:ef:ee:1d:6c:
40:2d:28:0c:d2:da:77:2a:5e:71:1b:c0:06:9d:d3:
c0:6b:29:f6:1f:7d:74:95:bc:2a:d2:90:33:0d:88:
58:6b:95:da:92:02:25:9a:b1:75:8f:a1:0a:bd:48:
45:ce:f3:6b:88:72:77:07:97:4d:5d:4a:35:1d:aa:
39:c1:b3:f4:14:76:0c:93:5c:28:60:86:bb:ef:21:
b7:d9:96:57:67:de:5f:a6:42:00:d6:3b:7e:bc:31:
71:d4:12:62:59:0a:d2:8d:ee:87:b9:bc:93:1b:52:
ad:73:7a:2b:b2:64:59:48:ac:e7:99:3b:b7:e4:6e:
60:b0:e9:d4:ee:fc:a3:6d:f4:6a:18:bd:56:55:7b:
c3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:67:2D:AB:4D:11:8B:CC:D8:67:49:0B:F3:95:5F:F2:03:07:CF:A6
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/qmctq00Ri8zYZ0kL85Vf8gMHz6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.82.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:d3:43:72:46:97:b2:93:a7:b8:cd:21:ab:fb:b3:f9:6b:c8:
b0:e5:6f:32:a0:f3:6b:db:16:d3:63:f7:5b:c4:f2:2f:e3:ee:
28:b4:8b:9f:21:52:d5:84:09:7c:40:ba:e7:6f:a0:6f:c4:b8:
41:7d:38:91:a8:c7:cf:61:af:57:a6:54:ae:ad:79:70:12:e4:
95:81:79:1b:4e:60:ea:53:33:a7:32:18:e8:02:9b:74:98:3e:
65:d7:fc:28:5d:bc:29:73:e6:06:16:76:7e:33:13:9f:20:70:
09:24:9f:f5:8b:26:af:3e:9e:b2:6d:d4:30:64:b8:68:4b:95:
46:62:b6:e4:86:31:a8:46:f2:8d:19:5d:55:83:49:fc:a9:ec:
3c:2e:05:f1:a8:dd:30:eb:6a:81:88:50:2f:ba:0f:c5:9e:74:
d8:56:c5:e8:aa:76:78:71:69:65:47:b5:15:c0:69:a9:74:f6:
6b:0a:27:76:9c:c3:0d:04:b2:ce:de:ce:25:c2:fc:83:aa:70:
11:6d:5e:b6:cd:76:96:b8:7e:d3:9f:24:14:d4:47:40:1c:56:
3b:4f:4f:45:26:76:fb:f9:4b:54:9a:6e:a0:16:30:4d:54:15:
d6:43:6e:6a:3f:2e:66:48:8a:c8:97:87:52:7c:40:ae:e2:58:
d3:9f:25:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs7zS9Xgj4hRK7xgc5GM68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwMTAxMTA0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTY3MmRhYjRkMTE4YmNjZDg2NzQ5MGJmMzk1NWZmMjAzMDdjZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVlEnxE66wiHtWR/+hx2hyO5PBz0
8nIM3evgb5K4LCA8mw8+2LlXPu3qJCKbzCjKEsx/0wgFbKQQFrzAo1Kdys0xiblw
+HKG1W1HMN+GiTa3WS/pIjN2GUgsmzb7iXKlMz0/kOUKbbUE6aq4DMZGSl6rfe/u
HWxALSgM0tp3Kl5xG8AGndPAayn2H310lbwq0pAzDYhYa5XakgIlmrF1j6EKvUhF
zvNriHJ3B5dNXUo1Hao5wbP0FHYMk1woYIa77yG32ZZXZ95fpkIA1jt+vDFx1BJi
WQrSje6HubyTG1Ktc3orsmRZSKznmTu35G5gsOnU7vyjbfRqGL1WVXvDPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpnLatNEYvM2GdJC/OVX/IDB8+mMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvcW1jdHEwMFJpOHpZWjBrTDg1VmY4Z01IejZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYZSMA0G
CSqGSIb3DQEBCwUAA4IBAQCy00NyRpeyk6e4zSGr+7P5a8iw5W8yoPNr2xbTY/db
xPIv4+4otIufIVLVhAl8QLrnb6BvxLhBfTiRqMfPYa9XplSurXlwEuSVgXkbTmDq
UzOnMhjoApt0mD5l1/woXbwpc+YGFnZ+MxOfIHAJJJ/1iyavPp6ybdQwZLhoS5VG
YrbkhjGoRvKNGV1Vg0n8qew8LgXxqN0w62qBiFAvug/FnnTYVsXoqnZ4cWllR7UV
wGmpdPZrCid2nMMNBLLO3s4lwvyDqnARbV62zXaWuH7TnyQU1EdAHFY7T09FJnb7
+UtUmm6gFjBNVBXWQ25qPy5mSIrIl4dSfECu4ljTnyUu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:33 2025 by rpki-client