Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/3cKb9Vb840u9lvLTundKpMpxGks.roa
File: 3cKb9Vb840u9lvLTundKpMpxGks.roa (raw, json)
Hash identifier: jwrwskWbS47G9+541P+Ibk0CJeP02aqFvLInb6caVz4=
Subject key identifier: DD:C2:9B:F5:56:FC:E3:4B:BD:96:F2:D3:BA:77:4A:A4:CA:71:1A:4B
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 0183173AF548D7A77B678573B6BCB39DCB53
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/3cKb9Vb840u9lvLTundKpMpxGks.roa
Signing time: Wed 07 Sep 2022 09:14:43 +0000
ROA not before: Wed 07 Sep 2022 09:14:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204895
IP address blocks: 5.252.28.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:3a:f5:48:d7:a7:7b:67:85:73:b6:bc:b3:9d:cb:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Sep 7 09:14:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddc29bf556fce34bbd96f2d3ba774aa4ca711a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c3:25:07:61:ec:ee:ff:59:dc:3a:58:57:bd:
c2:c3:6c:d7:14:db:1b:f1:96:02:18:c4:38:1f:da:
6a:56:1c:f2:91:2c:5c:69:de:ff:55:1a:26:8b:5f:
12:12:a5:23:53:97:93:9f:42:dc:3f:bf:cf:44:2c:
93:c7:dc:e1:43:16:a2:d6:ac:60:b7:55:eb:cf:4f:
1f:0e:e6:bb:cc:b4:79:32:e5:7e:56:a5:a7:e6:2a:
00:d1:7e:46:92:be:15:0d:ed:3d:26:47:31:70:97:
6b:bf:3e:47:4e:c3:69:72:7f:2a:d1:73:f2:26:0b:
51:1e:0d:8b:4b:03:d3:f8:2f:7b:f7:31:54:fe:3f:
34:c1:e4:77:62:5a:2d:d1:24:78:6a:56:67:8f:80:
84:3b:d9:9c:83:f9:38:b9:6a:7b:81:12:a6:c1:2c:
51:da:98:68:87:03:eb:8e:41:b3:76:ed:ad:1e:b7:
42:03:26:74:67:4e:66:55:f5:8e:f7:1a:92:15:21:
cd:31:9e:11:29:dd:d3:d0:dd:78:de:80:01:14:12:
8e:b7:f6:fe:b5:02:aa:a2:9e:15:38:5a:b5:b1:ef:
c6:42:86:e9:be:21:1e:d1:4e:1c:82:52:5b:cd:b2:
5e:1e:ce:5a:92:42:6a:54:99:d4:45:41:11:b6:a6:
ea:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C2:9B:F5:56:FC:E3:4B:BD:96:F2:D3:BA:77:4A:A4:CA:71:1A:4B
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/3cKb9Vb840u9lvLTundKpMpxGks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:e8:82:1c:ce:e5:e9:ed:df:ad:b7:14:f5:59:1e:05:f6:c1:
8e:47:60:f0:c2:fa:6b:dd:89:18:c2:10:65:d1:a4:b6:cb:25:
8f:6a:6c:1d:5b:3f:47:b5:79:e5:1a:9d:97:e2:e6:c9:0f:1d:
42:af:7f:74:e5:88:71:29:1c:42:ba:c5:12:f2:26:a3:3a:5a:
a6:b6:79:e1:95:31:71:de:68:4d:4b:70:d6:c6:d0:fb:77:8b:
af:cd:66:59:fc:a9:b8:ca:e1:5e:ae:90:35:18:1e:33:65:b5:
af:81:10:14:ff:24:26:c6:34:3f:33:be:44:da:fe:0d:13:7a:
71:42:06:f4:61:5c:dd:9e:fe:e6:0b:71:e0:98:37:4f:53:39:
ee:df:d2:23:c8:9d:01:8c:55:d7:c4:7b:d5:e1:b9:da:98:ed:
5f:f7:b2:e0:83:b6:3a:1e:87:6e:21:3f:87:86:d5:2a:b4:29:
27:08:01:19:13:8d:53:3a:da:f9:4b:24:24:85:c0:5d:67:34:
4f:fd:0f:f8:f1:20:e1:a1:82:d4:cc:d5:f7:48:e7:ed:b3:3c:
38:67:92:54:ef:b6:f2:72:19:48:e1:df:06:94:62:2b:fa:60:
83:11:bc:d4:e1:d9:96:a9:6e:be:b2:dc:f2:af:24:ad:2e:89:
f9:ac:a2:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMXOvVI16d7Z4VztryznctTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjIwOTA3MDkxNDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGMyOWJmNTU2ZmNlMzRiYmQ5NmYyZDNiYTc3NGFhNGNhNzExYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsMlB2Hs7v9Z3DpYV73Cw2zXFNsb
8ZYCGMQ4H9pqVhzykSxcad7/VRomi18SEqUjU5eTn0LcP7/PRCyTx9zhQxai1qxg
t1Xrz08fDua7zLR5MuV+VqWn5ioA0X5Gkr4VDe09JkcxcJdrvz5HTsNpcn8q0XPy
JgtRHg2LSwPT+C979zFU/j80weR3Ylot0SR4alZnj4CEO9mcg/k4uWp7gRKmwSxR
2phohwPrjkGzdu2tHrdCAyZ0Z05mVfWO9xqSFSHNMZ4RKd3T0N143oABFBKOt/b+
tQKqop4VOFq1se/GQobpviEe0U4cglJbzbJeHs5akkJqVJnURUERtqbqWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN3Cm/VW/ONLvZby07p3SqTKcRpLMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvM2NLYjlWYjg0MHU5bHZMVHVuZEtwTXB4R2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfwcMA0G
CSqGSIb3DQEBCwUAA4IBAQCb6IIczuXp7d+ttxT1WR4F9sGOR2Dwwvpr3YkYwhBl
0aS2yyWPamwdWz9HtXnlGp2X4ubJDx1Cr3905YhxKRxCusUS8iajOlqmtnnhlTFx
3mhNS3DWxtD7d4uvzWZZ/Km4yuFerpA1GB4zZbWvgRAU/yQmxjQ/M75E2v4NE3px
Qgb0YVzdnv7mC3HgmDdPUznu39IjyJ0BjFXXxHvV4bnamO1f97Lgg7Y6HoduIT+H
htUqtCknCAEZE41TOtr5SyQkhcBdZzRP/Q/48SDhoYLUzNX3SOftszw4Z5JU77by
chlI4d8GlGIr+mCDEbzU4dmWqW6+stzyryStLon5rKKQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:42 2025 by rpki-client