Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/rYICGV1bGL3sk9UCuKi9flCNDgQ.roa
File: rYICGV1bGL3sk9UCuKi9flCNDgQ.roa (raw, json)
Hash identifier: +T6BKTf3macViDacN2yhWSkC3xzzhCYWuFx3d85AmgM=
Subject key identifier: AD:82:02:19:5D:5B:18:BD:EC:93:D5:02:B8:A8:BD:7E:50:8D:0E:04
Certificate issuer: /CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Certificate serial: 018846B584BE186091A870D154F37D4FBE95
Authority key identifier: 33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/rYICGV1bGL3sk9UCuKi9flCNDgQ.roa
Signing time: Tue 23 May 2023 03:44:41 +0000
ROA not before: Tue 23 May 2023 03:44:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18013
IP address blocks: 45.145.230.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:46:b5:84:be:18:60:91:a8:70:d1:54:f3:7d:4f:be:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=333361fba8409174fb3c482b8ca26f235ebd22c2
Validity
Not Before: May 23 03:44:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad8202195d5b18bdec93d502b8a8bd7e508d0e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:f9:85:6e:6f:0c:ad:8c:f7:f1:d8:19:0a:
87:70:03:b7:ab:6f:41:12:51:64:78:c2:6a:f6:03:
9a:22:47:ef:52:8c:1c:d6:c1:d7:72:8c:b5:99:19:
53:50:8d:e0:04:c5:0b:c0:7f:8d:f2:41:53:c9:7c:
cb:8c:a2:df:bb:f5:c4:5a:df:71:72:c1:27:35:f3:
d2:f8:08:3d:05:29:a6:a4:a8:58:0e:9e:19:01:c9:
d0:3f:e8:ad:7b:a8:98:e1:15:82:f3:a7:a4:f8:87:
ee:2c:82:65:0a:05:45:79:30:60:99:a6:a8:ff:79:
c6:2a:29:83:e0:dd:70:b0:ff:cd:82:dc:8e:d8:89:
10:09:d6:5a:45:3d:66:58:85:e4:8a:ca:0a:7f:6a:
db:5e:c0:d1:32:99:ea:f0:a0:92:4c:cf:83:5e:c8:
09:e4:4b:a7:f5:6d:bf:b1:f8:e5:22:20:d2:2f:59:
7e:c4:22:54:b1:7c:b9:bf:2d:d2:8c:29:5f:76:b6:
f6:d5:e0:a5:48:fe:3e:70:53:2c:5b:d9:6d:78:8f:
e5:d6:75:1d:ae:b9:f1:7c:e9:00:c8:14:b0:73:5a:
06:ed:ff:3a:e5:1e:41:6e:32:f2:1e:f1:19:69:d1:
3b:3f:f5:ab:0f:6e:8f:e1:71:f6:75:4f:c8:74:0d:
85:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:82:02:19:5D:5B:18:BD:EC:93:D5:02:B8:A8:BD:7E:50:8D:0E:04
X509v3 Authority Key Identifier:
keyid:33:33:61:FB:A8:40:91:74:FB:3C:48:2B:8C:A2:6F:23:5E:BD:22:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzNh-6hAkXT7PEgrjKJvI169IsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/rYICGV1bGL3sk9UCuKi9flCNDgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/11e13f-4cea-44af-81f9-b2cccf0eadab/1/MzNh-6hAkXT7PEgrjKJvI169IsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.230.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:a3:41:bb:83:d3:97:03:73:84:24:43:ae:a8:4b:f0:24:55:
91:63:d0:c9:20:f7:04:f1:c6:8b:a8:43:78:93:56:9e:16:2a:
ed:5b:75:44:56:cd:1d:fb:b6:18:b1:5c:da:9c:a7:74:77:62:
bc:36:61:dd:44:87:04:6d:15:7e:37:bb:ce:52:b5:e3:58:f9:
62:95:e9:fe:28:65:6d:09:1a:58:0a:2f:10:70:89:f7:66:2d:
14:fd:45:b1:62:5b:64:32:85:7c:86:ae:aa:77:99:43:2d:81:
c2:8c:2b:55:fd:6b:ab:26:b7:9c:71:9b:51:62:31:5c:ac:ed:
62:0b:96:43:a8:60:3d:71:d8:db:ca:34:dd:e7:63:61:aa:a0:
12:99:d0:bb:fd:08:56:07:da:fd:e6:57:c1:43:87:d5:7e:a2:
55:71:06:84:a5:01:11:70:57:11:12:88:6f:44:3a:0e:4b:55:
71:30:63:3c:12:e0:3b:51:29:20:7b:97:2b:e4:ae:7d:e2:8b:
be:3c:1a:32:12:db:21:c1:e9:41:ad:77:cb:98:aa:ec:dd:57:
47:15:a1:ad:bd:25:85:87:02:be:cf:fc:7b:3f:2a:3b:a2:53:
b3:f6:e6:df:3f:0c:af:42:40:d7:3a:f7:4f:3a:45:46:53:c0:
29:5f:40:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhGtYS+GGCRqHDRVPN9T76VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM2MWZiYTg0MDkxNzRmYjNjNDgyYjhjYTI2ZjIzNWVi
ZDIyYzIwHhcNMjMwNTIzMDM0NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgyMDIxOTVkNWIxOGJkZWM5M2Q1MDJiOGE4YmQ3ZTUwOGQwZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBL5hW5vDK2M9/HYGQqHcAO3q29B
ElFkeMJq9gOaIkfvUowc1sHXcoy1mRlTUI3gBMULwH+N8kFTyXzLjKLfu/XEWt9x
csEnNfPS+Ag9BSmmpKhYDp4ZAcnQP+ite6iY4RWC86ek+IfuLIJlCgVFeTBgmaao
/3nGKimD4N1wsP/NgtyO2IkQCdZaRT1mWIXkisoKf2rbXsDRMpnq8KCSTM+DXsgJ
5Eun9W2/sfjlIiDSL1l+xCJUsXy5vy3SjClfdrb21eClSP4+cFMsW9lteI/l1nUd
rrnxfOkAyBSwc1oG7f865R5BbjLyHvEZadE7P/WrD26P4XH2dU/IdA2FywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2CAhldWxi97JPVAriovX5QjQ4EMB8GA1UdIwQY
MBaAFDMzYfuoQJF0+zxIK4yibyNevSLCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjkt
YjJjY2NmMGVhZGFiLzEvcllJQ0dWMWJHTDNzazlVQ3VLaTlmbENORGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8xMWUxM2YtNGNlYS00NGFmLTgxZjktYjJjY2NmMGVhZGFi
LzEvTXpOaC02aEFrWFQ3UEVncmpLSnZJMTY5SXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZHmMA0G
CSqGSIb3DQEBCwUAA4IBAQALo0G7g9OXA3OEJEOuqEvwJFWRY9DJIPcE8caLqEN4
k1aeFirtW3VEVs0d+7YYsVzanKd0d2K8NmHdRIcEbRV+N7vOUrXjWPlilen+KGVt
CRpYCi8QcIn3Zi0U/UWxYltkMoV8hq6qd5lDLYHCjCtV/WurJreccZtRYjFcrO1i
C5ZDqGA9cdjbyjTd52NhqqASmdC7/QhWB9r95lfBQ4fVfqJVcQaEpQERcFcREohv
RDoOS1VxMGM8EuA7USkge5cr5K594ou+PBoyEtshwelBrXfLmKrs3VdHFaGtvSWF
hwK+z/x7Pyo7olOz9ubfPwyvQkDXOvdPOkVGU8ApX0Ce
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:14:09 2025 by rpki-client