Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/82pr9V1GQ0dNXvxi_XtGvfrt2FM.roa
File: 82pr9V1GQ0dNXvxi_XtGvfrt2FM.roa (raw, json)
Hash identifier: 72WbU9uiChdPO3rBWWVJfSO0QquWCGkaVWIXiM+gNuw=
Subject key identifier: F3:6A:6B:F5:5D:46:43:47:4D:5E:FC:62:FD:7B:46:BD:FA:ED:D8:53
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 018508FD8F9234DC88698A4A7D2DC0483057
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/82pr9V1GQ0dNXvxi_XtGvfrt2FM.roa
Signing time: Tue 13 Dec 2022 00:58:33 +0000
ROA not before: Tue 13 Dec 2022 00:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202349
IP address blocks: 2.56.87.0/24 maxlen: 24
45.141.243.0/24 maxlen: 24
45.141.254.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:fd:8f:92:34:dc:88:69:8a:4a:7d:2d:c0:48:30:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Dec 13 00:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f36a6bf55d4643474d5efc62fd7b46bdfaedd853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c2:ec:04:f9:db:62:e3:42:e1:c9:02:73:31:
d8:4b:44:c9:3d:1a:36:4c:70:2e:cb:b1:04:c9:9e:
3d:d9:af:48:10:a7:0f:db:a5:f3:83:ad:5e:41:97:
b8:08:15:a7:c8:47:6a:d7:c1:dc:47:c8:15:72:f7:
27:6d:37:cb:c4:59:ee:72:77:fb:db:ff:15:19:cc:
ca:05:f5:21:e9:76:a2:ff:43:44:41:e2:41:32:87:
74:57:06:f1:e9:ec:1a:ac:12:32:9c:71:a7:a8:8a:
61:24:5f:f6:d0:0e:c7:b0:1a:9e:8a:9c:0d:fe:28:
d1:2e:18:b1:de:0e:8e:83:e2:0a:ac:cc:da:78:ef:
47:7a:d8:ba:29:0b:42:bd:8d:6e:7a:46:49:18:45:
23:76:c5:f4:31:41:e8:ff:3f:06:d3:2b:33:58:f6:
19:ed:8f:71:f6:3f:b6:ba:c1:62:e4:e1:67:7c:95:
81:de:b1:d2:ac:2b:f8:08:b3:8e:45:83:57:7e:fa:
c7:e7:3b:20:26:b5:30:72:03:aa:5b:ac:3b:d5:26:
0c:27:f5:85:cc:1e:c7:75:26:d5:36:68:04:b9:e9:
a2:bd:eb:58:34:cc:ab:04:19:68:ca:bf:6a:58:5c:
b7:a6:2a:b2:b7:a7:d1:b9:3f:94:3a:48:61:ad:32:
d2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6A:6B:F5:5D:46:43:47:4D:5E:FC:62:FD:7B:46:BD:FA:ED:D8:53
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/82pr9V1GQ0dNXvxi_XtGvfrt2FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.87.0/24
45.141.243.0/24
45.141.254.0/24
Signature Algorithm: sha256WithRSAEncryption
24:24:96:a9:f7:9d:df:e7:27:77:0b:51:32:a2:12:37:ba:27:
97:00:7f:dc:f8:bc:18:6e:bd:42:ee:6b:69:14:da:5d:62:71:
15:70:53:7b:60:d5:c8:94:cd:c4:ae:7f:bf:91:3b:78:95:85:
37:3b:1f:23:bc:6b:c7:01:90:75:33:ee:de:7d:70:81:cb:cb:
28:bc:e4:0c:fb:00:c4:33:24:02:17:7e:5a:31:01:73:6d:b2:
90:a9:55:dd:68:57:41:44:e0:ff:64:11:ea:e8:fb:3a:b7:aa:
f6:ad:6f:5f:25:d7:e8:8a:54:ec:a6:9a:c8:58:4f:76:f1:69:
2b:5b:3a:8c:d4:6e:f0:05:2d:40:d6:5b:75:10:45:af:61:f6:
85:d2:31:5e:00:b7:0f:e6:97:d0:14:fe:1b:fc:e6:35:3d:e3:
19:23:77:7b:17:47:3d:37:46:00:76:bd:78:44:8e:59:89:fe:
4e:5e:7e:72:cd:c0:a7:92:28:a6:fa:c6:b9:c5:dd:54:6c:58:
ca:fb:6a:e3:b0:f2:19:74:6d:eb:70:33:7f:63:c0:79:f1:78:
eb:57:6e:ff:a9:3f:3b:64:ee:a7:41:da:6d:fd:56:11:2d:4e:
80:05:6e:20:38:30:a5:75:aa:3f:56:16:55:c5:7b:0e:32:1a:
5f:f9:1e:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUI/Y+SNNyIaYpKfS3ASDBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjIxMjEzMDA1ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzZhNmJmNTVkNDY0MzQ3NGQ1ZWZjNjJmZDdiNDZiZGZhZWRkODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsLsBPnbYuNC4ckCczHYS0TJPRo2
THAuy7EEyZ492a9IEKcP26Xzg61eQZe4CBWnyEdq18HcR8gVcvcnbTfLxFnucnf7
2/8VGczKBfUh6Xai/0NEQeJBMod0Vwbx6ewarBIynHGnqIphJF/20A7HsBqeipwN
/ijRLhix3g6Og+IKrMzaeO9Heti6KQtCvY1uekZJGEUjdsX0MUHo/z8G0yszWPYZ
7Y9x9j+2usFi5OFnfJWB3rHSrCv4CLOORYNXfvrH5zsgJrUwcgOqW6w71SYMJ/WF
zB7HdSbVNmgEuemivetYNMyrBBloyr9qWFy3piqyt6fRuT+UOkhhrTLSBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPNqa/VdRkNHTV78Yv17Rr367dhTMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvODJwcjlWMUdRMGROWHZ4aV9YdEd2ZnJ0MkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjhXAwQA
LY3zAwQALY3+MA0GCSqGSIb3DQEBCwUAA4IBAQAkJJap953f5yd3C1EyohI3uieX
AH/c+LwYbr1C7mtpFNpdYnEVcFN7YNXIlM3Ern+/kTt4lYU3Ox8jvGvHAZB1M+7e
fXCBy8sovOQM+wDEMyQCF35aMQFzbbKQqVXdaFdBROD/ZBHq6Ps6t6r2rW9fJdfo
ilTspprIWE928WkrWzqM1G7wBS1A1lt1EEWvYfaF0jFeALcP5pfQFP4b/OY1PeMZ
I3d7F0c9N0YAdr14RI5Zif5OXn5yzcCnkiim+sa5xd1UbFjK+2rjsPIZdG3rcDN/
Y8B58XjrV27/qT87ZO6nQdpt/VYRLU6ABW4gODCldao/VhZVxXsOMhpf+R5t
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:32:39 2025 by rpki-client