Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/OAWxed4cHvtIjH-KmtmSjNGmvZs.roa
File: OAWxed4cHvtIjH-KmtmSjNGmvZs.roa (raw, json)
Hash identifier: ts4qWJVZ3UPUZvua1Zm9oTq0OjIZkJIgnj0wxzOccb4=
Subject key identifier: 38:05:B1:79:DE:1C:1E:FB:48:8C:7F:8A:9A:D9:92:8C:D1:A6:BD:9B
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 2B10D10C
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/OAWxed4cHvtIjH-KmtmSjNGmvZs.roa
Signing time: Tue 19 Apr 2022 12:31:43 +0000
ROA not before: Tue 19 Apr 2022 12:31:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43297
IP address blocks: 178.57.64.0/24 maxlen: 24
178.57.69.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 722522380 (0x2b10d10c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Apr 19 12:31:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3805b179de1c1efb488c7f8a9ad9928cd1a6bd9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c1:b0:be:f2:a9:33:ef:be:7c:5e:27:a8:c8:
9b:94:e4:79:f0:b9:9b:95:0b:4a:08:49:aa:4a:7f:
1a:80:b8:88:d7:9f:c5:4c:73:0c:c3:36:d2:ec:08:
6f:df:ac:2c:e4:c9:80:7b:34:bc:84:b2:5a:47:9e:
e6:e0:06:22:9d:61:22:d5:b7:43:e1:35:05:ed:cf:
15:47:38:68:51:84:aa:c0:37:0f:82:c9:0c:6d:32:
c6:48:21:9e:02:b8:f1:80:c6:6d:76:a1:4c:ed:db:
47:45:8c:35:a7:f0:0c:7a:4d:dd:22:4e:fe:1c:90:
5c:47:6f:87:31:56:8e:51:d5:75:5b:60:64:1c:09:
2a:b4:16:05:c8:d5:4d:8f:ca:75:3e:4e:dc:73:06:
a4:a6:f8:05:e6:28:48:06:c1:09:44:c3:ae:88:46:
e9:f3:e2:91:8b:25:45:b0:a3:1d:a4:2a:f0:5d:c3:
b2:38:f8:25:a5:45:d5:0b:9d:1b:c4:42:33:1d:75:
3e:07:86:ca:d4:70:f4:c5:67:fa:84:2a:03:2f:e4:
62:c2:72:d1:6d:96:1a:b0:a7:f3:4c:c6:f9:b1:bb:
fb:f7:9b:dd:15:49:5a:a7:af:a8:29:1c:80:b8:fc:
4f:b3:28:34:1f:a6:a3:21:1a:ec:34:6c:86:1c:52:
1c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:05:B1:79:DE:1C:1E:FB:48:8C:7F:8A:9A:D9:92:8C:D1:A6:BD:9B
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/OAWxed4cHvtIjH-KmtmSjNGmvZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.64.0/24
178.57.69.0/24
Signature Algorithm: sha256WithRSAEncryption
84:81:25:7c:bb:61:0a:89:fa:aa:88:98:98:0e:42:72:01:80:
f2:f3:6d:42:57:34:fe:1b:06:a4:03:13:a0:c7:cc:4d:c8:d3:
fc:24:f1:0d:eb:22:f4:b9:78:65:94:06:19:5c:61:1b:76:39:
07:c6:eb:22:2c:a6:8c:2b:62:d7:8b:76:0d:23:ab:28:92:aa:
3a:71:b4:b4:55:5e:09:e0:54:a7:41:7d:54:67:7b:d7:f5:74:
e5:ad:8e:3e:f3:b0:47:b5:e4:d3:e7:4d:31:85:52:44:86:68:
de:cc:ac:69:97:dc:3a:a1:8d:a9:8a:0f:ab:79:fc:b4:d3:03:
14:e8:7b:9f:86:bd:6a:cc:09:37:d7:ba:ca:60:f7:31:00:03:
42:72:b1:81:92:fc:88:15:c7:17:a0:1c:11:92:dc:88:7d:cf:
0a:da:3f:87:1b:28:78:cd:f4:51:35:6a:b8:a8:fe:7d:8f:6f:
0a:1e:d9:29:03:bb:76:84:dc:3a:3e:d2:35:21:0e:20:4f:53:
27:65:b6:ff:e8:2c:eb:2d:54:32:2b:97:ad:88:1e:9f:32:41:
2d:98:4b:c5:05:62:c5:d8:d7:9f:81:e7:0c:e9:65:03:1d:8e:
cc:6e:64:62:a1:48:13:c9:6a:26:1b:b7:84:3d:87:82:90:f5:
b4:cf:97:c1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEKxDRDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDQx
OTEyMzE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzgwNWIxNzlkZTFj
MWVmYjQ4OGM3ZjhhOWFkOTkyOGNkMWE2YmQ5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvBsL7yqTPvvnxeJ6jIm5TkefC5m5ULSghJqkp/GoC4iNef
xUxzDMM20uwIb9+sLOTJgHs0vISyWkee5uAGIp1hItW3Q+E1Be3PFUc4aFGEqsA3
D4LJDG0yxkghngK48YDGbXahTO3bR0WMNafwDHpN3SJO/hyQXEdvhzFWjlHVdVtg
ZBwJKrQWBcjVTY/KdT5O3HMGpKb4BeYoSAbBCUTDrohG6fPikYslRbCjHaQq8F3D
sjj4JaVF1QudG8RCMx11PgeGytRw9MVn+oQqAy/kYsJy0W2WGrCn80zG+bG7+/eb
3RVJWqevqCkcgLj8T7MoNB+moyEa7DRshhxSHNcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ4BbF53hwe+0iMf4qa2ZKM0aa9mzAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L09BV3hlZDRjSHZ0SWpILUttdG1Tak5HbXZacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALI5QAMEALI5RTANBgkqhkiG9w0B
AQsFAAOCAQEAhIElfLthCon6qoiYmA5CcgGA8vNtQlc0/hsGpAMToMfMTcjT/CTx
Desi9Ll4ZZQGGVxhG3Y5B8brIiymjCti14t2DSOrKJKqOnG0tFVeCeBUp0F9VGd7
1/V05a2OPvOwR7Xk0+dNMYVSRIZo3sysaZfcOqGNqYoPq3n8tNMDFOh7n4a9aswJ
N9e6ymD3MQADQnKxgZL8iBXHF6AcEZLciH3PCto/hxsoeM30UTVquKj+fY9vCh7Z
KQO7doTcOj7SNSEOIE9TJ2W2/+gs6y1UMiuXrYgenzJBLZhLxQVixdjXn4HnDOll
Ax2OzG5kYqFIE8lqJhu3hD2HgpD1tM+XwQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:25 2025 by rpki-client