Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/tKrIL1iKYlk5JIAFDqORekCHrpU.roa
File: tKrIL1iKYlk5JIAFDqORekCHrpU.roa (raw, json)
Hash identifier: wIB1c42NM3LCj4BgPJU+oOSI4RxecPDwrtwGG+8YO0c=
Subject key identifier: B4:AA:C8:2F:58:8A:62:59:39:24:80:05:0E:A3:91:7A:40:87:AE:95
Certificate issuer: /CN=27ce1e9a6522616ab30b0f123e09d305a82304af
Certificate serial: 01875A95D8BE4E38C8F62176C86FF6D5853D
Authority key identifier: 27:CE:1E:9A:65:22:61:6A:B3:0B:0F:12:3E:09:D3:05:A8:23:04:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J84emmUiYWqzCw8SPgnTBagjBK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/tKrIL1iKYlk5JIAFDqORekCHrpU.roa
Signing time: Fri 07 Apr 2023 07:19:42 +0000
ROA not before: Fri 07 Apr 2023 07:19:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200156
IP address blocks: 5.154.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5a:95:d8:be:4e:38:c8:f6:21:76:c8:6f:f6:d5:85:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27ce1e9a6522616ab30b0f123e09d305a82304af
Validity
Not Before: Apr 7 07:19:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4aac82f588a6259392480050ea3917a4087ae95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:46:09:bc:21:4a:b1:15:db:82:16:47:8a:70:
6f:9c:68:11:a1:82:22:9b:5e:04:e9:e0:7a:a8:f1:
a9:ec:79:dd:8f:ad:60:21:9f:7f:ec:bb:f1:d7:b4:
50:1f:a9:64:72:45:64:57:4f:c3:54:44:24:49:be:
e8:50:ce:b8:fd:ce:f0:a8:f0:ac:49:85:d7:b5:c1:
ef:63:64:4c:66:1d:18:93:40:fa:97:2f:c1:07:fe:
58:6a:e1:86:7d:6c:7a:df:01:6a:42:88:4c:57:2a:
54:a0:c2:9a:f8:ac:5f:99:e8:b1:de:6f:b0:10:70:
ab:33:fe:1d:ba:e9:8c:9d:e2:db:ef:9b:55:05:35:
8a:41:ff:49:41:76:7e:ac:5b:a4:28:c6:2d:1f:e8:
fe:84:24:3b:d8:5d:16:21:eb:cb:f7:a6:c7:26:5c:
54:41:23:df:a2:e6:1e:b3:a2:2e:36:43:a7:d2:53:
c1:12:e6:b5:74:17:12:d9:47:6d:e1:6c:bf:02:1a:
80:92:50:be:37:0d:6e:4f:84:79:4f:46:5e:df:40:
3f:ee:c9:15:55:2d:86:50:36:5f:4c:b6:95:18:5d:
92:e3:b5:77:bc:9b:9a:54:96:b8:95:e2:71:d2:63:
24:e4:cd:e3:5a:ba:72:b9:ee:c2:23:13:a6:de:24:
6e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AA:C8:2F:58:8A:62:59:39:24:80:05:0E:A3:91:7A:40:87:AE:95
X509v3 Authority Key Identifier:
keyid:27:CE:1E:9A:65:22:61:6A:B3:0B:0F:12:3E:09:D3:05:A8:23:04:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J84emmUiYWqzCw8SPgnTBagjBK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/tKrIL1iKYlk5JIAFDqORekCHrpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/9e22a2-9365-4956-8e66-ce4f25ace252/1/J84emmUiYWqzCw8SPgnTBagjBK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.238.0/24
Signature Algorithm: sha256WithRSAEncryption
39:8a:85:b4:af:25:38:5f:32:8c:a0:9f:54:00:fe:80:b4:3a:
ca:6d:68:c5:88:a7:3b:29:24:64:83:2f:45:3e:9f:5b:7c:3f:
92:ee:29:63:6c:1f:9c:65:8a:8c:53:0e:36:f3:c9:17:3f:e1:
5f:1d:05:b7:bb:1e:0d:86:75:d0:de:50:70:ce:2b:e6:14:17:
e4:1c:de:12:4b:ac:96:ed:db:56:d5:db:d6:b5:d2:52:30:fc:
8c:e7:16:19:08:31:de:36:26:37:a1:d9:48:ee:68:a9:f3:a1:
58:c1:81:f4:0c:28:45:e5:fc:85:d8:94:05:31:cf:51:df:59:
f2:52:39:c8:cf:1b:eb:8b:c4:5b:0f:08:c9:40:6f:27:51:ad:
65:4e:b6:6c:70:9d:5b:fe:9b:51:24:85:77:66:4f:f1:9e:f7:
ce:79:3c:74:b8:27:7e:2a:39:23:95:56:74:c6:a4:41:ba:f9:
b5:c3:1d:12:98:17:35:c1:6e:85:e1:78:05:b3:aa:97:86:0e:
63:c9:f5:9a:89:2c:e6:29:f4:c4:1c:dc:69:9f:21:12:2b:6a:
14:e6:8f:3e:e9:ea:33:84:73:81:5e:47:e2:d7:54:cb:68:43:
a0:8d:00:b9:3f:e0:90:59:59:ed:73:41:2d:bf:5d:ad:54:a9:
4d:f0:f7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdaldi+TjjI9iF2yG/21YU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3Y2UxZTlhNjUyMjYxNmFiMzBiMGYxMjNlMDlkMzA1YTgy
MzA0YWYwHhcNMjMwNDA3MDcxOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFhYzgyZjU4OGE2MjU5MzkyNDgwMDUwZWEzOTE3YTQwODdhZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkYJvCFKsRXbghZHinBvnGgRoYIi
m14E6eB6qPGp7Hndj61gIZ9/7Lvx17RQH6lkckVkV0/DVEQkSb7oUM64/c7wqPCs
SYXXtcHvY2RMZh0Yk0D6ly/BB/5YauGGfWx63wFqQohMVypUoMKa+Kxfmeix3m+w
EHCrM/4duumMneLb75tVBTWKQf9JQXZ+rFukKMYtH+j+hCQ72F0WIevL96bHJlxU
QSPfouYes6IuNkOn0lPBEua1dBcS2Udt4Wy/AhqAklC+Nw1uT4R5T0Ze30A/7skV
VS2GUDZfTLaVGF2S47V3vJuaVJa4leJx0mMk5M3jWrpyue7CIxOm3iRuAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSqyC9YimJZOSSABQ6jkXpAh66VMB8GA1UdIwQY
MBaAFCfOHpplImFqswsPEj4J0wWoIwSvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjg0ZW1tVWlZV3F6Q3c4U1BnblRCYWdqQks4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85ZTIyYTItOTM2NS00OTU2LThlNjYt
Y2U0ZjI1YWNlMjUyLzEvdEtySUwxaUtZbGs1SklBRkRxT1Jla0NIcnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85ZTIyYTItOTM2NS00OTU2LThlNjYtY2U0ZjI1YWNlMjUy
LzEvSjg0ZW1tVWlZV3F6Q3c4U1BnblRCYWdqQks4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZruMA0G
CSqGSIb3DQEBCwUAA4IBAQA5ioW0ryU4XzKMoJ9UAP6AtDrKbWjFiKc7KSRkgy9F
Pp9bfD+S7iljbB+cZYqMUw4288kXP+FfHQW3ux4NhnXQ3lBwzivmFBfkHN4SS6yW
7dtW1dvWtdJSMPyM5xYZCDHeNiY3odlI7mip86FYwYH0DChF5fyF2JQFMc9R31ny
UjnIzxvri8RbDwjJQG8nUa1lTrZscJ1b/ptRJIV3Zk/xnvfOeTx0uCd+KjkjlVZ0
xqRBuvm1wx0SmBc1wW6F4XgFs6qXhg5jyfWaiSzmKfTEHNxpnyESK2oU5o8+6eoz
hHOBXkfi11TLaEOgjQC5P+CQWVntc0Etv12tVKlN8PfK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:10 2024 by rpki-client on console-fra.rpki-client.org