Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/1954a6-da23-4952-9c09-024868ffd315/1/z0rsiFMzxqAppcgUwNqwbJXe2aM.roa
File: z0rsiFMzxqAppcgUwNqwbJXe2aM.roa (raw, json)
Hash identifier: I/a+s3CRC+lwU49eXUNgkb8ZidLI/SA5AkpXkajlLqI=
Subject key identifier: CF:4A:EC:88:53:33:C6:A0:29:A5:C8:14:C0:DA:B0:6C:95:DE:D9:A3
Certificate issuer: /CN=baaba2a56a0c30fdaf5934af8765c1ffd1357a48
Certificate serial: 08D76802
Authority key identifier: BA:AB:A2:A5:6A:0C:30:FD:AF:59:34:AF:87:65:C1:FF:D1:35:7A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uquipWoMMP2vWTSvh2XB_9E1ekg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/1954a6-da23-4952-9c09-024868ffd315/1/z0rsiFMzxqAppcgUwNqwbJXe2aM.roa
Signing time: Sat 01 Jan 2022 15:04:14 +0000
ROA not before: Sat 01 Jan 2022 15:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209146
IP address blocks: 5.180.56.0/22 maxlen: 23
2a09:ff40::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148334594 (0x8d76802)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaba2a56a0c30fdaf5934af8765c1ffd1357a48
Validity
Not Before: Jan 1 15:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf4aec885333c6a029a5c814c0dab06c95ded9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:95:51:46:6f:9a:66:9d:44:35:5b:20:08:7f:
9d:9b:fd:8d:59:b6:9f:68:a3:43:a2:46:83:a6:45:
fb:4f:24:41:71:34:e2:62:e6:1b:f4:35:5f:93:bf:
5c:38:a1:87:c5:50:f1:c7:98:9b:f7:62:0b:eb:99:
02:bb:67:e7:59:26:5f:7c:f6:d3:80:e0:e6:77:99:
b9:83:5e:22:ea:eb:a5:d6:da:a2:ef:11:fe:38:53:
69:d0:84:e1:b6:2e:60:2e:84:54:b5:2a:18:2e:79:
a2:c5:3b:aa:49:fe:d1:c1:68:70:45:64:fa:1a:fd:
81:48:67:98:07:1e:53:58:06:24:ed:3e:3e:23:4d:
d5:05:c2:23:e6:dc:83:6d:fe:c4:26:e8:b5:7f:2f:
48:a9:4d:4e:26:38:c9:28:ae:e3:b6:ef:c3:82:66:
21:38:6c:02:d3:e3:ed:e7:4f:a1:08:8e:39:f7:57:
c4:9b:45:fa:5f:50:0e:aa:cf:a2:20:01:9c:8d:43:
c0:d1:2f:44:cb:97:9d:ec:91:d5:9b:f8:f9:52:cb:
b4:52:e0:06:9c:5a:33:a1:a9:8c:38:b4:26:d5:27:
e2:c6:91:4c:8e:ad:57:ef:b7:a3:78:99:ac:4f:87:
bf:10:06:ae:13:d7:5c:8a:f4:24:70:a4:43:fe:56:
c5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:EC:88:53:33:C6:A0:29:A5:C8:14:C0:DA:B0:6C:95:DE:D9:A3
X509v3 Authority Key Identifier:
keyid:BA:AB:A2:A5:6A:0C:30:FD:AF:59:34:AF:87:65:C1:FF:D1:35:7A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uquipWoMMP2vWTSvh2XB_9E1ekg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/1954a6-da23-4952-9c09-024868ffd315/1/z0rsiFMzxqAppcgUwNqwbJXe2aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/1954a6-da23-4952-9c09-024868ffd315/1/uquipWoMMP2vWTSvh2XB_9E1ekg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.56.0/22
IPv6:
2a09:ff40::/32
Signature Algorithm: sha256WithRSAEncryption
55:6f:d9:5e:77:1f:79:cc:8f:78:bb:86:98:49:6a:46:90:3b:
34:6f:40:a3:84:b2:86:30:45:da:53:d6:fb:36:49:57:96:3d:
aa:e4:25:8a:0c:60:20:be:7a:ce:00:1b:01:24:30:7e:8f:9a:
dc:e1:1e:29:80:7e:8a:3b:c4:6f:69:f6:f7:5e:af:17:2e:57:
e9:2d:17:51:6d:ac:fb:10:21:5f:0e:e8:8a:87:92:e3:16:5d:
71:bd:d6:ad:ab:37:73:6d:1f:ce:b8:06:dd:e1:b8:f6:03:5c:
d5:19:f1:83:38:fa:79:23:e7:6f:b9:4d:16:66:a7:97:b2:ae:
0f:8f:8a:1f:18:a4:b3:87:a5:85:75:a9:fb:c2:f5:c9:8a:52:
ee:13:02:64:a5:6e:77:d1:c3:c8:76:2b:63:2e:dc:9e:82:5e:
a7:1f:e1:28:07:4a:e7:b6:10:9c:fe:2a:a3:87:a0:f8:e9:c5:
d5:8b:2b:49:6b:45:f2:c6:4e:23:86:9d:49:8c:ad:e8:2c:f1:
9d:e9:7e:ac:2b:e0:e4:b9:84:5e:28:57:25:9b:84:8c:fe:0a:
9e:d1:e5:b7:15:0b:c4:55:53:d9:c3:53:b1:65:e9:50:07:8f:
df:a0:93:db:46:c5:38:ab:a7:d8:c0:f8:af:9f:8d:8f:33:e5:
c9:0f:1a:53
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECNdoAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YWFiYTJhNTZhMGMzMGZkYWY1OTM0YWY4NzY1YzFmZmQxMzU3YTQ4MB4XDTIyMDEw
MTE1MDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2Y0YWVjODg1MzMz
YzZhMDI5YTVjODE0YzBkYWIwNmM5NWRlZDlhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJeVUUZvmmadRDVbIAh/nZv9jVm2n2ijQ6JGg6ZF+08kQXE0
4mLmG/Q1X5O/XDihh8VQ8ceYm/diC+uZArtn51kmX3z204Dg5neZuYNeIurrpdba
ou8R/jhTadCE4bYuYC6EVLUqGC55osU7qkn+0cFocEVk+hr9gUhnmAceU1gGJO0+
PiNN1QXCI+bcg23+xCbotX8vSKlNTiY4ySiu47bvw4JmIThsAtPj7edPoQiOOfdX
xJtF+l9QDqrPoiABnI1DwNEvRMuXneyR1Zv4+VLLtFLgBpxaM6GpjDi0JtUn4saR
TI6tV++3o3iZrE+HvxAGrhPXXIr0JHCkQ/5WxVsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTPSuyIUzPGoCmlyBTA2rBsld7ZozAfBgNVHSMEGDAWgBS6q6Klagww/a9Z
NK+HZcH/0TV6SDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VxdWlwV29NTVAydldUU3ZoMlhCXzlFMWVrZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvMTk1NGE2LWRhMjMtNDk1Mi05YzA5LTAyNDg2OGZmZDMxNS8x
L3owcnNpRk16eHFBcHBjZ1V3TnF3YkpYZTJhTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
MTk1NGE2LWRhMjMtNDk1Mi05YzA5LTAyNDg2OGZmZDMxNS8xL3VxdWlwV29NTVAy
dldUU3ZoMlhCXzlFMWVrZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgW0ODANBAIAAjAHAwUAKgn/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAVW/ZXncfecyPeLuGmElqRpA7NG9Ao4SyhjBF2lPW
+zZJV5Y9quQligxgIL56zgAbASQwfo+a3OEeKYB+ijvEb2n2916vFy5X6S0XUW2s
+xAhXw7oioeS4xZdcb3Wras3c20fzrgG3eG49gNc1Rnxgzj6eSPnb7lNFmanl7Ku
D4+KHxiks4elhXWp+8L1yYpS7hMCZKVud9HDyHYrYy7cnoJepx/hKAdK57YQnP4q
o4eg+OnF1YsrSWtF8sZOI4adSYyt6Czxnel+rCvg5LmEXihXJZuEjP4KntHltxUL
xFVT2cNTsWXpUAeP36CT20bFOKun2MD4r5+NjzPlyQ8aUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:56 2024 by rpki-client on console-ams.rpki-client.org