Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/_m1rHHlR2r0364OMDp8q01CNnZs.roa
File: _m1rHHlR2r0364OMDp8q01CNnZs.roa (raw, json)
Hash identifier: FLY1KoHxZQqZM9Dbqy2P9rr2XcBDUSkg7kx5Po9EJis=
Subject key identifier: FE:6D:6B:1C:79:51:DA:BD:37:EB:83:8C:0E:9F:2A:D3:50:8D:9D:9B
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 04F761A3
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/_m1rHHlR2r0364OMDp8q01CNnZs.roa
Signing time: Sat 01 Jan 2022 13:07:22 +0000
ROA not before: Sat 01 Jan 2022 13:07:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 176.116.116.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83321251 (0x4f761a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Jan 1 13:07:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe6d6b1c7951dabd37eb838c0e9f2ad3508d9d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:66:8b:fc:15:e9:36:a9:88:69:b4:a2:42:
b1:09:26:25:a5:f9:5e:1b:d9:17:bf:fc:2d:73:2f:
f3:86:11:83:bd:bb:95:e1:63:64:b0:7c:c1:ee:7c:
78:94:a1:3c:7f:6a:87:27:9e:9b:3f:6c:3e:d8:ca:
e2:3e:50:ae:8a:08:d4:d2:a6:42:06:4f:45:de:80:
20:fe:ce:75:f5:3d:1a:8e:89:78:f0:d6:20:c2:75:
55:7e:3a:47:0d:20:41:a9:2a:24:7b:f0:df:c7:5e:
b4:e7:b8:1d:bc:ec:8a:d2:1f:7d:4f:27:ce:1f:87:
bc:1f:1c:e2:dc:6c:00:8f:4d:8e:a6:a3:d6:01:9a:
f7:8b:02:71:5a:f9:c6:35:37:e3:fb:78:ca:98:5d:
cf:2b:fc:7e:81:fc:e0:2d:dd:41:0d:f1:c5:dd:f8:
76:76:fd:a3:6e:fe:c2:f1:b7:61:9a:1f:e7:29:63:
a3:dd:3e:5f:ac:e1:2b:3a:9a:c4:96:ff:77:06:e1:
b5:64:bb:eb:37:bd:e7:98:3e:2c:63:47:19:7c:cd:
b0:e2:a4:e1:9f:ab:61:66:c2:fb:45:aa:4e:6f:ce:
1d:cf:0d:f6:de:62:6c:d2:1c:8e:2c:40:64:ff:ae:
dd:f3:31:55:35:1c:7c:7d:47:4b:d4:09:29:42:73:
af:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:6D:6B:1C:79:51:DA:BD:37:EB:83:8C:0E:9F:2A:D3:50:8D:9D:9B
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/_m1rHHlR2r0364OMDp8q01CNnZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.116.0/23
Signature Algorithm: sha256WithRSAEncryption
15:31:29:be:bc:8b:c3:5c:6e:03:98:2b:c4:0c:ac:b0:a0:ae:
68:5c:d3:40:85:d2:bb:f5:ef:63:86:0e:19:7e:f2:f8:bd:4b:
ec:7d:5d:fb:7c:c3:72:3e:97:1a:d2:0d:ed:31:b7:31:77:3d:
69:ba:09:3a:7f:29:64:ce:8d:b9:bc:25:39:2b:d7:f5:3d:44:
4e:af:3b:d3:75:94:b8:e6:e3:ca:82:ef:51:93:04:c2:2d:e0:
22:bb:59:d0:c0:49:d2:95:95:ea:e6:36:2a:fe:93:92:49:97:
99:e0:dc:c4:7c:11:a6:8d:f0:12:4b:68:98:1b:c9:5b:f5:5b:
4d:9a:e1:71:e4:60:3a:06:db:63:0f:65:bd:06:f7:49:57:84:
9c:3c:d1:43:73:cf:6d:c8:d9:fc:fa:2b:49:ba:c4:3f:08:82:
e0:e0:53:b4:6c:b6:51:8c:6f:02:00:2c:b9:6b:4e:0d:3c:7f:
a5:ea:80:ee:1e:f1:69:a0:8f:17:b2:dd:d8:2d:8b:9b:73:3a:
a4:dc:78:2c:b9:56:15:96:4a:af:55:cd:23:0d:6f:16:8a:4f:
87:c4:f8:c1:16:56:b0:ae:9a:1c:ce:3e:8e:7c:d5:ad:04:b3:
a5:88:98:58:77:99:29:38:fd:f8:2c:e9:a4:61:72:74:10:3d:
b3:cc:c0:eb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBPdhozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MB4XDTIyMDEw
MTEzMDcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU2ZDZiMWM3OTUx
ZGFiZDM3ZWI4MzhjMGU5ZjJhZDM1MDhkOWQ5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZ2Zov8Fek2qYhptKJCsQkmJaX5XhvZF7/8LXMv84YRg727
leFjZLB8we58eJShPH9qhyeemz9sPtjK4j5QrooI1NKmQgZPRd6AIP7OdfU9Go6J
ePDWIMJ1VX46Rw0gQakqJHvw38detOe4HbzsitIffU8nzh+HvB8c4txsAI9Njqaj
1gGa94sCcVr5xjU34/t4yphdzyv8foH84C3dQQ3xxd34dnb9o27+wvG3YZof5ylj
o90+X6zhKzqaxJb/dwbhtWS76ze955g+LGNHGXzNsOKk4Z+rYWbC+0WqTm/OHc8N
9t5ibNIcjixAZP+u3fMxVTUcfH1HS9QJKUJzrwUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+bWsceVHavTfrg4wOnyrTUI2dmzAfBgNVHSMEGDAWgBTlvPwQd8+HaIj7
bHWy45SSMgXztTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViejhFSGZQaDJpSS0yeDFzdU9Va2pJRjg3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8x
L19tMXJISGxSMnIwMzY0T01EcDhxMDFDTm5acy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJp
SS0yeDFzdU9Va2pJRjg3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbB0dDANBgkqhkiG9w0BAQsFAAOC
AQEAFTEpvryLw1xuA5grxAyssKCuaFzTQIXSu/XvY4YOGX7y+L1L7H1d+3zDcj6X
GtIN7TG3MXc9aboJOn8pZM6NubwlOSvX9T1ETq8703WUuObjyoLvUZMEwi3gIrtZ
0MBJ0pWV6uY2Kv6TkkmXmeDcxHwRpo3wEktomBvJW/VbTZrhceRgOgbbYw9lvQb3
SVeEnDzRQ3PPbcjZ/PorSbrEPwiC4OBTtGy2UYxvAgAsuWtODTx/peqA7h7xaaCP
F7Ld2C2Lm3M6pNx4LLlWFZZKr1XNIw1vFopPh8T4wRZWsK6aHM4+jnzVrQSzpYiY
WHeZKTj9+CzppGFydBA9s8zA6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org