Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/fjBo4f4DhR_1lHV25T6riNB7mq8.roa
File: fjBo4f4DhR_1lHV25T6riNB7mq8.roa (raw, json)
Hash identifier: 5x/rj/hp4oGAtKg2Q55JOqsgrr6ImmRi8mM1oeEMtwQ=
Subject key identifier: 7E:30:68:E1:FE:03:85:1F:F5:94:75:76:E5:3E:AB:88:D0:7B:9A:AF
Certificate issuer: /CN=279159ef22f82b936731664ee67c3b6ea96ef443
Certificate serial: 0233EA24
Authority key identifier: 27:91:59:EF:22:F8:2B:93:67:31:66:4E:E6:7C:3B:6E:A9:6E:F4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/fjBo4f4DhR_1lHV25T6riNB7mq8.roa
Signing time: Sat 01 Jan 2022 14:01:34 +0000
ROA not before: Sat 01 Jan 2022 14:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48289
IP address blocks: 5.22.192.0/21 maxlen: 21
5.22.200.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36956708 (0x233ea24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279159ef22f82b936731664ee67c3b6ea96ef443
Validity
Not Before: Jan 1 14:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e3068e1fe03851ff5947576e53eab88d07b9aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7b:90:53:33:90:35:05:a0:d5:8a:9d:a0:51:
c7:ae:8b:c3:99:60:51:f4:00:0a:a6:1b:62:4a:b6:
20:f3:40:a6:c3:56:9a:51:7d:a4:a2:dd:6f:35:a4:
84:db:b4:1a:da:be:18:23:1f:b0:5e:6a:ed:dd:9c:
38:9a:68:3c:7d:dd:2c:e7:39:18:7f:68:86:e8:3e:
37:4b:15:6e:d6:84:02:f2:bf:66:94:20:84:e5:18:
fc:f1:64:dc:29:1d:24:12:0f:93:88:21:8c:b3:a2:
80:18:5f:1a:0e:6d:57:d5:b3:f5:1a:ef:64:e4:bc:
18:10:2f:a8:d9:21:2c:27:be:37:c7:b5:99:b9:b0:
ca:0c:d3:b4:b8:17:01:4c:32:6a:a1:db:fc:42:30:
e3:c5:3f:78:7c:7f:1b:47:79:35:45:d3:cb:4b:73:
e0:7f:03:3b:db:e7:a1:5d:33:75:fd:bf:4e:9e:78:
32:8a:e2:94:da:a9:20:64:d5:2b:f6:5a:86:e8:dd:
49:3d:e7:97:a3:c1:d2:1f:26:19:61:7f:e4:3c:49:
94:04:d9:c4:f5:87:f5:10:54:aa:02:e1:a4:ff:46:
5b:fc:a9:cd:c3:c7:f3:df:55:8e:9f:1f:d0:03:d0:
82:7c:31:3e:cf:75:12:cc:84:87:59:93:21:bf:d9:
14:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:30:68:E1:FE:03:85:1F:F5:94:75:76:E5:3E:AB:88:D0:7B:9A:AF
X509v3 Authority Key Identifier:
keyid:27:91:59:EF:22:F8:2B:93:67:31:66:4E:E6:7C:3B:6E:A9:6E:F4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/fjBo4f4DhR_1lHV25T6riNB7mq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5c15be-aef2-4c31-bfb4-31baf6eede8a/1/J5FZ7yL4K5NnMWZO5nw7bqlu9EM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.192.0-5.22.203.255
Signature Algorithm: sha256WithRSAEncryption
7e:d2:e3:42:0a:ef:77:b1:9e:81:64:b1:03:b4:62:d7:fe:1f:
6d:aa:09:c5:6d:92:4f:7e:9a:30:cb:4b:0d:c8:a2:f2:29:c0:
46:c9:ff:df:df:52:13:7f:2e:4e:cf:85:9b:8a:98:9c:76:d6:
25:08:23:4a:ed:96:c3:02:e0:06:53:44:e4:43:08:4b:94:50:
ef:68:d7:01:58:c3:87:b2:72:42:60:87:13:8b:13:75:6d:c3:
d5:81:e6:a9:80:ba:d9:df:d0:83:45:34:79:99:47:36:ed:f5:
bb:3e:aa:fc:da:98:2b:d6:f8:86:b1:40:6d:81:13:56:c0:5f:
32:ad:e7:a7:94:2c:d0:a9:a6:1a:e4:b8:02:20:29:41:ca:18:
9f:3f:a5:03:ad:b2:09:e3:da:5a:2a:87:05:bb:ef:90:d0:6f:
94:db:2d:b8:6a:c3:2a:44:8f:15:0c:e5:5f:03:85:43:e2:eb:
90:f3:b6:41:b9:80:ff:95:db:8e:05:c8:6e:1e:16:8d:47:32:
1d:1e:4c:9f:df:95:ea:e4:ce:6a:fb:c2:33:ba:bc:e5:4a:b7:
df:63:9a:3e:34:e4:02:4b:32:66:36:c1:f3:03:ce:f1:3f:c2:
79:81:32:eb:ce:5a:95:88:17:4f:80:d0:bb:53:f9:5b:8d:ac:
35:84:76:b4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAjPqJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NzkxNTllZjIyZjgyYjkzNjczMTY2NGVlNjdjM2I2ZWE5NmVmNDQzMB4XDTIyMDEw
MTE0MDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UzMDY4ZTFmZTAz
ODUxZmY1OTQ3NTc2ZTUzZWFiODhkMDdiOWFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ7kFMzkDUFoNWKnaBRx66Lw5lgUfQACqYbYkq2IPNApsNW
mlF9pKLdbzWkhNu0Gtq+GCMfsF5q7d2cOJpoPH3dLOc5GH9ohug+N0sVbtaEAvK/
ZpQghOUY/PFk3CkdJBIPk4ghjLOigBhfGg5tV9Wz9RrvZOS8GBAvqNkhLCe+N8e1
mbmwygzTtLgXAUwyaqHb/EIw48U/eHx/G0d5NUXTy0tz4H8DO9vnoV0zdf2/Tp54
MorilNqpIGTVK/ZahujdST3nl6PB0h8mGWF/5DxJlATZxPWH9RBUqgLhpP9GW/yp
zcPH899Vjp8f0APQgnwxPs91EsyEh1mTIb/ZFNUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBR+MGjh/gOFH/WUdXblPquI0HuarzAfBgNVHSMEGDAWgBQnkVnvIvgrk2cx
Zk7mfDtuqW70QzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o1Rlo3eUw0SzVObk1XWk81bnc3YnFsdTlFTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvNWMxNWJlLWFlZjItNGMzMS1iZmI0LTMxYmFmNmVlZGU4YS8x
L2ZqQm80ZjREaFJfMWxIVjI1VDZyaU5CN21xOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
NWMxNWJlLWFlZjItNGMzMS1iZmI0LTMxYmFmNmVlZGU4YS8xL0o1Rlo3eUw0SzVO
bk1XWk81bnc3YnFsdTlFTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQGBRbAAwQCBRbIMA0GCSqGSIb3
DQEBCwUAA4IBAQB+0uNCCu93sZ6BZLEDtGLX/h9tqgnFbZJPfpowy0sNyKLyKcBG
yf/f31ITfy5Oz4WbipicdtYlCCNK7ZbDAuAGU0TkQwhLlFDvaNcBWMOHsnJCYIcT
ixN1bcPVgeapgLrZ39CDRTR5mUc27fW7Pqr82pgr1viGsUBtgRNWwF8yreenlCzQ
qaYa5LgCIClByhifP6UDrbIJ49paKocFu++Q0G+U2y24asMqRI8VDOVfA4VD4uuQ
87ZBuYD/lduOBchuHhaNRzIdHkyf35Xq5M5q+8IzurzlSrffY5o+NOQCSzJmNsHz
A87xP8J5gTLrzlqViBdPgNC7U/lbjaw1hHa0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:16 2024 by rpki-client on console-fra.rpki-client.org