Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/hQ1ekALNC5YAeQ0_xGMVFCKTcUQ.roa
File: hQ1ekALNC5YAeQ0_xGMVFCKTcUQ.roa (raw, json)
Hash identifier: mxLK2iw4aN4GE8mPydGukl6egxg+UEuJOGrmSOb2Cjs=
Subject key identifier: 85:0D:5E:90:02:CD:0B:96:00:79:0D:3F:C4:63:15:14:22:93:71:44
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 391675CE
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/hQ1ekALNC5YAeQ0_xGMVFCKTcUQ.roa
Signing time: Thu 21 Apr 2022 21:14:28 +0000
ROA not before: Thu 21 Apr 2022 21:14:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 87.251.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 957773262 (0x391675ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Apr 21 21:14:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=850d5e9002cd0b9600790d3fc463151422937144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:34:40:a7:7a:49:ab:6a:d7:27:19:2c:7a:a5:
da:f8:0a:e0:31:0d:5d:a4:93:1e:c9:3a:e6:45:65:
36:ba:68:d6:9e:c3:d9:06:06:bf:64:34:b6:bc:4b:
c5:55:43:6d:39:25:cf:a4:11:3b:6f:42:82:74:83:
62:c2:8b:ca:14:76:b4:9b:86:91:03:1f:f9:45:df:
d4:15:b0:06:5a:7e:1c:c6:a7:47:e8:19:4a:fe:83:
6f:f0:cd:d9:2e:56:c3:a4:93:59:7c:c8:92:80:5f:
af:f1:c9:5b:b2:ec:35:16:a5:9c:c1:34:7f:e0:7f:
bb:36:cc:81:21:98:21:1e:7e:3a:03:26:30:53:84:
87:55:04:74:1d:2f:64:77:a9:07:4f:f0:db:c7:87:
83:eb:10:00:f7:1c:5b:55:99:b3:ce:e8:79:01:8e:
b7:a1:a6:c7:0d:86:54:5a:09:c0:37:67:71:c9:d9:
da:06:bd:2d:84:0c:b4:f6:4c:ad:09:3f:7c:ad:31:
74:ea:4e:1e:93:94:5f:3f:8f:ac:98:a3:12:bf:d8:
52:bd:8c:1a:9a:e6:65:da:f1:90:7d:0c:0d:93:10:
6a:01:68:b3:db:89:b5:46:c3:30:56:0b:df:c4:93:
a6:1d:14:6b:a3:9f:b2:90:5f:7d:05:a0:6a:86:4c:
f9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0D:5E:90:02:CD:0B:96:00:79:0D:3F:C4:63:15:14:22:93:71:44
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/hQ1ekALNC5YAeQ0_xGMVFCKTcUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.29.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:d0:56:10:3f:e7:a5:fb:ad:fe:e2:16:f7:ba:09:ad:55:a2:
a4:bc:8a:77:ca:5a:96:4a:f7:77:e7:64:85:5d:f2:6c:c6:23:
13:42:f3:71:56:d3:31:3f:d6:70:47:fa:ca:d9:47:a9:55:57:
6d:c3:7b:51:84:e8:51:44:4b:a0:45:2c:41:a8:e1:1d:9e:1c:
1f:a8:a5:46:9e:8d:4c:23:59:35:55:98:e3:05:05:26:ad:6d:
71:1b:5c:ca:dd:32:b6:c5:4c:0f:c8:d4:92:15:03:a3:c2:b8:
2e:d7:00:ed:9e:7e:93:26:db:7e:38:ca:27:6a:7b:20:88:86:
dd:da:92:b6:14:a4:6a:69:d7:74:b2:22:6c:e0:f2:90:68:59:
f4:94:5c:cd:ef:31:5f:50:42:e2:c5:ee:e4:00:42:b8:2c:f1:
b5:83:07:a6:47:ff:96:26:70:af:b8:eb:a9:ee:72:93:4e:8d:
68:d5:cb:aa:88:4e:b6:10:2f:aa:0b:94:c9:fd:a0:88:93:42:
42:5e:c9:91:b6:a5:9c:aa:a9:2b:b1:39:19:26:26:d1:2b:e9:
82:cf:db:e5:e6:37:e4:4e:31:a6:67:75:79:05:10:31:96:81:
00:c9:01:7e:42:97:f9:91:04:8c:cc:d8:1e:ca:94:05:d3:b6:
3f:e7:32:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEORZ1zjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDQy
MTIxMTQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUwZDVlOTAwMmNk
MGI5NjAwNzkwZDNmYzQ2MzE1MTQyMjkzNzE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALE0QKd6Satq1ycZLHql2vgK4DENXaSTHsk65kVlNrpo1p7D
2QYGv2Q0trxLxVVDbTklz6QRO29CgnSDYsKLyhR2tJuGkQMf+UXf1BWwBlp+HMan
R+gZSv6Db/DN2S5Ww6STWXzIkoBfr/HJW7LsNRalnME0f+B/uzbMgSGYIR5+OgMm
MFOEh1UEdB0vZHepB0/w28eHg+sQAPccW1WZs87oeQGOt6Gmxw2GVFoJwDdnccnZ
2ga9LYQMtPZMrQk/fK0xdOpOHpOUXz+PrJijEr/YUr2MGprmZdrxkH0MDZMQagFo
s9uJtUbDMFYL38STph0Ua6OfspBffQWgaoZM+WsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFDV6QAs0LlgB5DT/EYxUUIpNxRDAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L2hRMWVrQUxOQzVZQWVRMF94R01WRkNLVGNVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf7HTANBgkqhkiG9w0BAQsFAAOC
AQEArNBWED/npfut/uIW97oJrVWipLyKd8palkr3d+dkhV3ybMYjE0LzcVbTMT/W
cEf6ytlHqVVXbcN7UYToUURLoEUsQajhHZ4cH6ilRp6NTCNZNVWY4wUFJq1tcRtc
yt0ytsVMD8jUkhUDo8K4LtcA7Z5+kybbfjjKJ2p7IIiG3dqSthSkamnXdLIibODy
kGhZ9JRcze8xX1BC4sXu5ABCuCzxtYMHpkf/liZwr7jrqe5yk06NaNXLqohOthAv
qguUyf2giJNCQl7JkbalnKqpK7E5GSYm0Svpgs/b5eY35E4xpmd1eQUQMZaBAMkB
fkKX+ZEEjMzYHsqUBdO2P+cyTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:31 2024 by rpki-client on console-fra.rpki-client.org