Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/khqaayy5q4nAaQZgPp6i_1RgVs8.roa
File: khqaayy5q4nAaQZgPp6i_1RgVs8.roa (raw, json)
Hash identifier: /55mfU4PiJhuxbiktHs/6u9mG2GB+AXVRVvDQGiER2c=
Subject key identifier: 92:1A:9A:6B:2C:B9:AB:89:C0:69:06:60:3E:9E:A2:FF:54:60:56:CF
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 05C606EC
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/khqaayy5q4nAaQZgPp6i_1RgVs8.roa
Signing time: Fri 01 Apr 2022 14:29:30 +0000
ROA not before: Fri 01 Apr 2022 14:29:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 176.116.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96863980 (0x5c606ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Apr 1 14:29:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=921a9a6b2cb9ab89c06906603e9ea2ff546056cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6b:9a:2e:ba:b8:62:4a:c1:f0:9a:e0:d0:f9:
0d:ea:f1:eb:69:ae:0c:cc:ff:fc:a5:bc:0a:56:8d:
8f:86:9c:d5:89:a9:08:06:7b:21:3b:e5:69:41:83:
8e:fa:fe:e4:9c:ff:71:0f:6d:ea:5e:b6:2c:a5:2b:
d5:fb:ed:66:9d:a5:6a:76:04:a8:03:9e:42:42:b1:
a1:ca:03:85:82:10:a6:13:44:5e:b2:3b:6f:97:98:
23:50:3b:d0:d3:e3:91:04:3f:f4:7e:7b:f4:5c:c3:
99:2c:6c:5c:06:8d:db:39:b8:49:5f:3b:55:b4:36:
27:68:5a:43:76:af:1a:ad:7f:1f:97:14:3a:b8:45:
d7:80:2b:bd:7f:a7:a4:82:ee:fe:99:a5:fd:be:35:
57:23:d0:10:38:c2:da:b9:fe:dc:07:2e:fe:94:4e:
c5:5c:c6:42:be:19:58:23:52:93:a8:18:f6:a0:aa:
cd:05:5d:90:49:5d:1e:6b:dd:4e:f7:79:fb:e3:1c:
07:05:97:8c:44:c2:92:f9:0c:0c:2d:e6:61:ab:86:
1f:22:c9:a6:5a:4d:0c:af:5b:54:3e:a7:df:09:d0:
8c:3a:42:a8:b0:a1:70:7e:e2:c2:57:ab:56:7a:b7:
3b:82:b0:35:4a:c2:57:87:f8:aa:4e:94:66:21:20:
a9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1A:9A:6B:2C:B9:AB:89:C0:69:06:60:3E:9E:A2:FF:54:60:56:CF
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/khqaayy5q4nAaQZgPp6i_1RgVs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.117.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a9:07:fa:ed:e9:fd:0e:c5:c4:bd:46:67:41:be:69:ee:87:
63:06:7e:21:93:cf:97:f1:ac:23:26:b0:9d:c5:45:a4:5d:49:
ba:71:ba:0d:69:81:84:f8:3e:3f:ba:be:30:f6:73:4f:e5:4b:
b2:08:dd:f6:b8:de:b1:f2:40:f7:01:24:47:4a:24:69:0f:37:
09:77:c4:9c:2b:99:43:11:f7:fb:aa:38:e6:8f:36:85:7d:e7:
95:2c:26:60:96:f3:87:95:7b:40:0d:74:83:17:3c:d6:8a:bb:
c9:74:b7:e8:a3:d2:b6:45:02:9e:c6:59:1a:7a:5f:38:53:58:
df:58:76:de:a4:01:a8:e7:40:0b:dc:16:52:72:96:95:4a:71:
7f:83:17:21:25:2b:e6:d0:ce:70:be:71:bb:c5:7e:61:51:7e:
f8:d0:c8:2a:fd:f5:5d:03:4c:09:0a:5d:d8:d8:cc:45:89:d3:
cc:81:0e:4d:77:0c:5b:53:b4:58:2f:1c:ae:08:f1:18:67:3a:
b8:f6:74:8c:26:ef:dc:ef:90:cb:e3:7e:af:c5:89:ad:af:0b:
55:ec:2b:cd:db:74:35:fb:48:22:c8:c1:b7:0a:0c:ea:af:c3:
02:5f:d4:3d:6d:1e:ec:d4:81:05:92:5f:2d:01:f1:37:1f:94:
28:5c:01:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcYG7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MB4XDTIyMDQw
MTE0MjkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxYTlhNmIyY2I5
YWI4OWMwNjkwNjYwM2U5ZWEyZmY1NDYwNTZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1rmi66uGJKwfCa4ND5Derx62muDMz//KW8ClaNj4ac1Ymp
CAZ7ITvlaUGDjvr+5Jz/cQ9t6l62LKUr1fvtZp2lanYEqAOeQkKxocoDhYIQphNE
XrI7b5eYI1A70NPjkQQ/9H579FzDmSxsXAaN2zm4SV87VbQ2J2haQ3avGq1/H5cU
OrhF14ArvX+npILu/pml/b41VyPQEDjC2rn+3Acu/pROxVzGQr4ZWCNSk6gY9qCq
zQVdkEldHmvdTvd5++McBwWXjETCkvkMDC3mYauGHyLJplpNDK9bVD6n3wnQjDpC
qLChcH7iwlerVnq3O4KwNUrCV4f4qk6UZiEgqbkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSGpprLLmricBpBmA+nqL/VGBWzzAfBgNVHSMEGDAWgBTlvPwQd8+HaIj7
bHWy45SSMgXztTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViejhFSGZQaDJpSS0yeDFzdU9Va2pJRjg3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8x
L2tocWFheXk1cTRuQWFRWmdQcDZpXzFSZ1ZzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJp
SS0yeDFzdU9Va2pJRjg3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB0dTANBgkqhkiG9w0BAQsFAAOC
AQEAOKkH+u3p/Q7FxL1GZ0G+ae6HYwZ+IZPPl/GsIyawncVFpF1JunG6DWmBhPg+
P7q+MPZzT+VLsgjd9rjesfJA9wEkR0okaQ83CXfEnCuZQxH3+6o45o82hX3nlSwm
YJbzh5V7QA10gxc81oq7yXS36KPStkUCnsZZGnpfOFNY31h23qQBqOdAC9wWUnKW
lUpxf4MXISUr5tDOcL5xu8V+YVF++NDIKv31XQNMCQpd2NjMRYnTzIEOTXcMW1O0
WC8crgjxGGc6uPZ0jCbv3O+Qy+N+r8WJra8LVewrzdt0NftIIsjBtwoM6q/DAl/U
PW0e7NSBBZJfLQHxNx+UKFwB8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:22 2024 by rpki-client on console-ams.rpki-client.org