Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/BuqivcDhQPyiLVB8vGwO8ZDkTKE.roa
File: BuqivcDhQPyiLVB8vGwO8ZDkTKE.roa (raw, json)
Hash identifier: FnopT0w9d72ksquAWPAmN7ic84tZp0x1DUY1aI6UZpk=
Subject key identifier: 06:EA:A2:BD:C0:E1:40:FC:A2:2D:50:7C:BC:6C:0E:F1:90:E4:4C:A1
Certificate issuer: /CN=279159ef22f82b936731664ee67c3b6ea96ef443
Certificate serial: 018C8E1DFA26B64F15C25150A6B29246AEB7
Authority key identifier: 27:91:59:EF:22:F8:2B:93:67:31:66:4E:E6:7C:3B:6E:A9:6E:F4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/BuqivcDhQPyiLVB8vGwO8ZDkTKE.roa
Signing time: Thu 21 Dec 2023 20:42:58 +0000
ROA not before: Thu 21 Dec 2023 20:42:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43754
IP address blocks: 5.22.192.0/21 maxlen: 21
5.22.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8e:1d:fa:26:b6:4f:15:c2:51:50:a6:b2:92:46:ae:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279159ef22f82b936731664ee67c3b6ea96ef443
Validity
Not Before: Dec 21 20:42:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06eaa2bdc0e140fca22d507cbc6c0ef190e44ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:16:00:41:f6:8f:3c:a9:ec:76:31:48:f7:
78:87:28:ce:53:93:ac:97:98:f8:e0:0e:1a:99:7f:
53:4a:c6:a5:86:55:99:b7:db:38:38:9c:22:6f:b1:
83:6d:eb:d7:8e:90:35:c2:6b:cd:80:44:8b:ba:31:
16:33:5d:8a:40:cf:d2:8a:a8:4f:4c:26:19:22:f1:
1c:e0:69:a9:6c:16:c2:f6:08:5e:04:91:ce:85:c5:
a2:5c:96:f1:ad:9d:bc:97:0f:0a:d0:12:21:ed:9f:
de:85:60:21:b2:68:49:66:fc:46:e0:02:d7:5a:77:
af:90:f4:8c:56:6d:14:2c:68:6f:51:5f:0c:9c:6f:
3a:26:07:2d:25:25:4e:0d:6c:2c:8c:be:e5:a1:98:
8c:87:d1:d7:80:eb:ff:f2:c7:45:ac:b1:8c:0f:39:
9e:8e:47:c1:00:11:44:3e:a6:90:08:e0:33:3e:68:
a1:d0:d2:a0:83:09:f8:3c:ad:e1:01:06:5c:df:d4:
6e:4b:98:97:b8:0b:13:6d:f5:5f:0d:4b:ff:c1:ff:
e5:76:be:b0:9c:ab:a3:e4:b4:d9:1c:32:5a:3a:a6:
70:e2:78:78:a0:fd:55:01:d6:eb:b7:c5:09:f3:1a:
f4:3b:09:83:fb:62:83:1f:a2:a1:42:cb:fd:f4:19:
02:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EA:A2:BD:C0:E1:40:FC:A2:2D:50:7C:BC:6C:0E:F1:90:E4:4C:A1
X509v3 Authority Key Identifier:
keyid:27:91:59:EF:22:F8:2B:93:67:31:66:4E:E6:7C:3B:6E:A9:6E:F4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/BuqivcDhQPyiLVB8vGwO8ZDkTKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.192.0-5.22.203.255
Signature Algorithm: sha256WithRSAEncryption
52:b1:5f:0d:e7:47:98:7b:5d:4d:11:bd:18:5f:b3:13:d5:6e:
de:60:8d:d4:33:6f:2e:c4:20:44:ff:0b:43:11:7f:a5:3b:00:
aa:63:c9:71:86:80:7e:e4:a4:9a:69:30:56:32:2b:80:ee:bc:
9a:31:ae:8f:1a:ba:20:67:c9:52:41:e5:60:dd:57:47:14:92:
22:5c:71:87:f3:46:60:05:44:0a:ac:fa:1d:b0:e7:a8:af:1d:
11:b8:33:08:7f:b7:f7:45:f1:89:66:ba:0c:ef:62:5a:ce:74:
ae:0f:71:e8:04:2d:2f:be:48:51:62:63:52:4f:9c:db:62:fd:
b1:c6:b1:13:f7:26:1a:00:5c:74:ce:c9:20:2c:47:72:bc:bd:
05:c9:2e:a3:a9:19:1c:6b:71:77:20:ce:39:56:af:41:62:75:
22:dd:78:c1:5b:45:64:91:b8:f4:d6:de:1c:b4:3a:da:d2:ec:
b0:9c:76:c5:ee:be:45:84:c3:c5:10:82:0f:56:de:71:08:5f:
69:9f:d4:8c:68:36:3b:66:6b:0a:5c:77:ae:65:d0:c5:d1:a3:
72:73:dc:4d:08:4e:0a:c3:86:40:53:de:6c:46:ce:22:0d:33:
dc:f0:0d:59:e0:8c:80:7d:bc:2c:85:b8:df:9c:13:5e:8d:3e:
76:d7:55:3a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYyOHfomtk8VwlFQprKSRq63MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTE1OWVmMjJmODJiOTM2NzMxNjY0ZWU2N2MzYjZlYTk2
ZWY0NDMwHhcNMjMxMjIxMjA0MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVhYTJiZGMwZTE0MGZjYTIyZDUwN2NiYzZjMGVmMTkwZTQ0Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml4WAEH2jzyp7HYxSPd4hyjOU5Os
l5j44A4amX9TSsalhlWZt9s4OJwib7GDbevXjpA1wmvNgESLujEWM12KQM/SiqhP
TCYZIvEc4GmpbBbC9gheBJHOhcWiXJbxrZ28lw8K0BIh7Z/ehWAhsmhJZvxG4ALX
WnevkPSMVm0ULGhvUV8MnG86JgctJSVODWwsjL7loZiMh9HXgOv/8sdFrLGMDzme
jkfBABFEPqaQCOAzPmih0NKggwn4PK3hAQZc39RuS5iXuAsTbfVfDUv/wf/ldr6w
nKuj5LTZHDJaOqZw4nh4oP1VAdbrt8UJ8xr0OwmD+2KDH6KhQsv99BkCowIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAbqor3A4UD8oi1QfLxsDvGQ5EyhMB8GA1UdIwQY
MBaAFCeRWe8i+CuTZzFmTuZ8O26pbvRDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVGWjd5TDRLNU5uTVdaTzVudzdicWx1OUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS81YzE1YmUtYWVmMi00YzMxLWJmYjQt
MzFiYWY2ZWVkZThhLzEvQnVxaXZjRGhRUHlpTFZCOHZHd084WkRrVEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS81YzE1YmUtYWVmMi00YzMxLWJmYjQtMzFiYWY2ZWVkZThh
LzEvSjVGWjd5TDRLNU5uTVdaTzVudzdicWx1OUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAYFFsAD
BAIFFsgwDQYJKoZIhvcNAQELBQADggEBAFKxXw3nR5h7XU0RvRhfsxPVbt5gjdQz
by7EIET/C0MRf6U7AKpjyXGGgH7kpJppMFYyK4DuvJoxro8auiBnyVJB5WDdV0cU
kiJccYfzRmAFRAqs+h2w56ivHRG4Mwh/t/dF8YlmugzvYlrOdK4PcegELS++SFFi
Y1JPnNti/bHGsRP3JhoAXHTOySAsR3K8vQXJLqOpGRxrcXcgzjlWr0FidSLdeMFb
RWSRuPTW3hy0OtrS7LCcdsXuvkWEw8UQgg9W3nEIX2mf1IxoNjtmawpcd65l0MXR
o3Jz3E0ITgrDhkBT3mxGziINM9zwDVngjIB9vCyFuN+cE16NPnbXVTo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:37 2024 by rpki-client on console-ams.rpki-client.org