Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/w44qZpjoNVBHKDNqZxUrQ9zZkm4.roa
File: w44qZpjoNVBHKDNqZxUrQ9zZkm4.roa (raw, json)
Hash identifier: RPFlnH1N4rq4PjO3oR13IQY9mu+BICiwvoUBjcKzgzc=
Subject key identifier: C3:8E:2A:66:98:E8:35:50:47:28:33:6A:67:15:2B:43:DC:D9:92:6E
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 01856DC1D179D292DEAD665A2A024C0A608F
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/w44qZpjoNVBHKDNqZxUrQ9zZkm4.roa
Signing time: Sun 01 Jan 2023 14:34:56 +0000
ROA not before: Sun 01 Jan 2023 14:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204895
IP address blocks: 5.252.28.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:d1:79:d2:92:de:ad:66:5a:2a:02:4c:0a:60:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Jan 1 14:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c38e2a6698e835504728336a67152b43dcd9926e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:61:f6:2e:2c:e0:67:ac:66:6b:da:9f:9b:40:
30:de:56:0e:61:81:4d:47:01:3e:c0:5f:50:3a:fe:
25:fa:45:0d:b9:b5:8b:d4:61:ba:7a:51:cb:d2:ba:
9b:a4:94:8b:f0:b3:72:e1:46:55:4f:e6:5f:eb:ff:
99:d6:5d:3e:5b:fd:c5:77:c5:2c:ae:fb:3f:83:8b:
fd:8b:66:16:37:09:24:e8:29:ed:43:69:66:a5:a3:
5c:f3:27:17:3d:51:7f:d4:c9:4d:94:1f:cb:ff:93:
eb:4c:45:c6:54:e4:c0:c6:91:78:6c:29:ae:9a:d4:
a7:ea:20:8a:0a:75:cd:fa:90:47:32:b2:72:ae:51:
96:21:93:c9:83:bb:e3:8f:ed:4b:18:d9:70:49:e0:
a7:6a:a2:34:67:3e:2f:af:1a:16:81:9a:4a:03:71:
ed:d0:b2:dd:32:e3:88:72:1a:9f:91:c5:34:a7:49:
52:e2:4a:9a:b7:6f:4c:b2:be:7f:e6:22:37:2b:a2:
fa:e3:dc:7e:2d:47:1b:fb:a6:b6:c9:d9:1c:8a:d3:
65:e8:05:47:31:fa:f8:9c:57:fb:ce:07:15:22:15:
c4:8c:0a:0a:85:67:84:4a:cc:2a:63:20:5c:04:62:
f5:83:8a:ba:0a:f2:9f:b5:42:78:a9:b8:7a:be:4a:
59:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:8E:2A:66:98:E8:35:50:47:28:33:6A:67:15:2B:43:DC:D9:92:6E
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/w44qZpjoNVBHKDNqZxUrQ9zZkm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
10:75:08:bd:cb:43:07:cc:74:7d:e2:1d:15:9a:a9:54:59:35:
90:36:0f:8a:25:ad:f5:50:b1:f9:a6:ff:93:85:5d:79:17:f9:
92:74:7f:ee:a0:ae:5b:b0:94:99:3e:3d:08:4b:16:b2:31:4f:
0b:5b:12:30:d4:ef:a7:92:5b:8e:8a:5e:ff:59:e7:3c:ab:a8:
24:43:57:a1:4b:3e:ac:72:58:6d:bd:d8:f2:6b:61:22:2f:5b:
80:56:6e:14:7d:20:38:b4:11:53:b6:49:25:ff:13:a4:c5:8f:
00:90:86:29:72:29:9a:2a:b8:05:80:f9:9f:ea:ab:78:d5:c6:
b9:42:7f:47:5b:87:a6:96:90:6d:fb:f1:2b:fd:66:c9:6d:3b:
7f:c3:7e:8a:ab:b1:aa:2e:95:f5:2a:6f:bb:c0:51:46:81:d5:
c9:53:58:31:eb:b8:7b:32:33:34:69:61:16:4f:16:cc:f0:9d:
fa:5e:9c:5b:2b:36:a3:1d:b7:67:a1:f0:81:58:a0:fe:eb:03:
f8:8e:15:88:e4:92:a7:02:f5:44:b2:6e:0f:aa:86:b5:b5:bf:
fa:70:45:4a:74:b1:65:6e:23:bc:f5:3a:59:97:04:65:34:22:
ee:d2:20:9e:1d:4c:14:cc:84:7b:cc:a5:b1:6f:06:a1:54:09:
02:b1:f0:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwdF50pLerWZaKgJMCmCPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjMwMTAxMTQzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhlMmE2Njk4ZTgzNTUwNDcyODMzNmE2NzE1MmI0M2RjZDk5MjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2H2LizgZ6xma9qfm0Aw3lYOYYFN
RwE+wF9QOv4l+kUNubWL1GG6elHL0rqbpJSL8LNy4UZVT+Zf6/+Z1l0+W/3Fd8Us
rvs/g4v9i2YWNwkk6CntQ2lmpaNc8ycXPVF/1MlNlB/L/5PrTEXGVOTAxpF4bCmu
mtSn6iCKCnXN+pBHMrJyrlGWIZPJg7vjj+1LGNlwSeCnaqI0Zz4vrxoWgZpKA3Ht
0LLdMuOIchqfkcU0p0lS4kqat29Msr5/5iI3K6L649x+LUcb+6a2ydkcitNl6AVH
Mfr4nFf7zgcVIhXEjAoKhWeESswqYyBcBGL1g4q6CvKftUJ4qbh6vkpZoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOOKmaY6DVQRygzamcVK0Pc2ZJuMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvdzQ0cVpwam9OVkJIS0ROcVp4VXJROXpaa200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBfwcMA0G
CSqGSIb3DQEBCwUAA4IBAQAQdQi9y0MHzHR94h0VmqlUWTWQNg+KJa31ULH5pv+T
hV15F/mSdH/uoK5bsJSZPj0ISxayMU8LWxIw1O+nkluOil7/Wec8q6gkQ1ehSz6s
clhtvdjya2EiL1uAVm4UfSA4tBFTtkkl/xOkxY8AkIYpcimaKrgFgPmf6qt41ca5
Qn9HW4emlpBt+/Er/WbJbTt/w36Kq7GqLpX1Km+7wFFGgdXJU1gx67h7MjM0aWEW
TxbM8J36XpxbKzajHbdnofCBWKD+6wP4jhWI5JKnAvVEsm4Pqoa1tb/6cEVKdLFl
biO89TpZlwRlNCLu0iCeHUwUzIR7zKWxbwahVAkCsfDX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org