Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/6kNzasx-vgob6kDaJc1TiU-32lI.roa
File: 6kNzasx-vgob6kDaJc1TiU-32lI.roa (raw, json)
Hash identifier: t83x/Shwr5wUWEUWZ1dPxhqy7QUSlcFZONwcQ4HIfSQ=
Subject key identifier: EA:43:73:6A:CC:7E:BE:0A:1B:EA:40:DA:25:CD:53:89:4F:B7:DA:52
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 354A1437
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/6kNzasx-vgob6kDaJc1TiU-32lI.roa
Signing time: Sat 01 Jan 2022 09:54:47 +0000
ROA not before: Sat 01 Jan 2022 09:54:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211610
IP address blocks: 5.153.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894047287 (0x354a1437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea43736acc7ebe0a1bea40da25cd53894fb7da52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:07:c9:3a:7b:b6:0f:8b:51:63:5f:81:c3:
8d:7c:13:10:c4:13:26:9d:0d:a2:b4:e3:1f:b8:8c:
4f:d2:72:d9:ad:56:af:ff:24:3f:0b:5e:e9:f2:cb:
04:f3:6e:d2:52:d2:cf:54:76:4a:9c:79:97:0f:65:
4f:0b:7a:f4:98:45:d5:9e:31:61:ef:f8:6e:92:73:
9b:93:7a:71:85:0f:4d:74:b6:7b:0f:32:58:94:e4:
e4:eb:13:85:9b:88:6b:c2:ce:a2:08:0c:c7:dc:c3:
cb:49:0e:04:3f:ce:4b:ab:2f:25:5f:93:97:06:59:
2e:1f:2c:41:ed:31:17:5d:9f:39:fb:44:1a:16:d0:
3a:f3:c0:22:a8:b1:a7:ae:21:8e:9d:3f:3e:43:48:
89:32:5a:b3:e0:ca:78:89:2b:2b:33:5f:1f:7b:f6:
87:83:34:f9:9d:3d:9f:35:f7:f8:42:97:3d:e7:52:
a0:22:9f:b6:f2:0f:f6:39:8c:c5:48:32:56:8b:2c:
90:73:11:6f:df:41:fa:e1:48:93:d5:04:f2:0e:23:
ac:b3:d3:d4:3b:f5:1b:5c:e5:d3:a7:e5:22:24:f7:
d1:d2:1b:3c:6b:94:ce:26:4d:f3:14:c6:12:ec:14:
2d:a2:63:ba:94:6b:a4:7c:84:62:0b:81:e6:be:29:
e3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:43:73:6A:CC:7E:BE:0A:1B:EA:40:DA:25:CD:53:89:4F:B7:DA:52
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/6kNzasx-vgob6kDaJc1TiU-32lI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.172.0/24
Signature Algorithm: sha256WithRSAEncryption
95:7b:ef:43:1c:1d:05:d2:30:9a:4d:af:b2:16:71:fb:7d:e8:
33:84:b5:9a:1d:2d:2f:3b:39:c2:fe:f6:cd:95:9c:c3:60:c8:
8a:54:c2:2c:47:aa:b7:83:b5:ac:d3:02:ff:de:3a:8a:4f:06:
34:39:f9:77:df:48:81:99:9e:79:f1:6c:9f:40:f2:94:e9:aa:
d9:98:40:14:65:05:e2:45:23:6b:75:f5:67:9e:9f:2a:5e:58:
43:c3:e7:ca:60:6d:c5:83:bb:34:55:53:ba:b6:57:5e:26:68:
98:ef:d1:88:6a:72:cb:f5:1c:f3:3d:7a:3b:f1:df:a0:b3:55:
fe:3d:67:3c:10:48:3c:3f:26:b8:9d:bb:9f:55:f8:75:6a:68:
fb:7f:96:5d:f1:04:e5:8a:18:ee:fd:e7:05:6a:a2:3f:1f:14:
fc:4d:b6:66:75:e6:dc:c9:5c:3d:6d:99:76:ed:dd:45:39:7f:
f3:61:39:34:27:a8:42:d4:a6:0a:ce:56:96:10:a5:35:04:c9:
26:33:6a:a4:9c:f2:7a:a9:17:52:d4:8c:87:9d:dc:a9:7b:62:
f1:ed:e4:95:4c:a5:ed:d2:18:4c:98:23:60:b4:10:c8:8b:c6:
99:e2:67:bd:c3:c2:d4:4d:4c:d0:76:66:d1:3d:60:fa:66:e9:
4d:4b:ac:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUoUNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWE0MzczNmFjYzdl
YmUwYTFiZWE0MGRhMjVjZDUzODk0ZmI3ZGE1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQZB8k6e7YPi1FjX4HDjXwTEMQTJp0NorTjH7iMT9Jy2a1W
r/8kPwte6fLLBPNu0lLSz1R2Spx5lw9lTwt69JhF1Z4xYe/4bpJzm5N6cYUPTXS2
ew8yWJTk5OsThZuIa8LOoggMx9zDy0kOBD/OS6svJV+TlwZZLh8sQe0xF12fOftE
GhbQOvPAIqixp64hjp0/PkNIiTJas+DKeIkrKzNfH3v2h4M0+Z09nzX3+EKXPedS
oCKftvIP9jmMxUgyVosskHMRb99B+uFIk9UE8g4jrLPT1Dv1G1zl06flIiT30dIb
PGuUziZN8xTGEuwULaJjupRrpHyEYguB5r4p49ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTqQ3NqzH6+ChvqQNolzVOJT7faUjAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
LzZrTnphc3gtdmdvYjZrRGFKYzFUaVUtMzJsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWZrDANBgkqhkiG9w0BAQsFAAOC
AQEAlXvvQxwdBdIwmk2vshZx+33oM4S1mh0tLzs5wv72zZWcw2DIilTCLEeqt4O1
rNMC/946ik8GNDn5d99IgZmeefFsn0DylOmq2ZhAFGUF4kUja3X1Z56fKl5YQ8Pn
ymBtxYO7NFVTurZXXiZomO/RiGpyy/Uc8z16O/HfoLNV/j1nPBBIPD8muJ27n1X4
dWpo+3+WXfEE5YoY7v3nBWqiPx8U/E22ZnXm3MlcPW2Zdu3dRTl/82E5NCeoQtSm
Cs5WlhClNQTJJjNqpJzyeqkXUtSMh53cqXti8e3klUyl7dIYTJgjYLQQyIvGmeJn
vcPC1E1M0HZm0T1g+mbpTUus4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:44 2024 by rpki-client on console-fra.rpki-client.org