Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/j5AkoMG9EIoGFJM_O8kfk1pmqmI.roa
File: j5AkoMG9EIoGFJM_O8kfk1pmqmI.roa (raw, json)
Hash identifier: onI5ofjiVrr5Z5NeJmS1Uwo5sKDq+wsXmNlUp5oP0nc=
Subject key identifier: 8F:90:24:A0:C1:BD:10:8A:06:14:93:3F:3B:C9:1F:93:5A:66:AA:62
Certificate issuer: /CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
Certificate serial: 03CAEBFA
Authority key identifier: E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/j5AkoMG9EIoGFJM_O8kfk1pmqmI.roa
Signing time: Sat 01 Jan 2022 15:05:03 +0000
ROA not before: Sat 01 Jan 2022 15:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 31.42.180.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63630330 (0x3caebfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e49d44d881275fca2c0b6b3f7ecee2d222146fd2
Validity
Not Before: Jan 1 15:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f9024a0c1bd108a0614933f3bc91f935a66aa62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:97:ac:e2:98:4c:b5:98:d4:29:83:f0:68:67:
f4:ad:80:81:6f:cc:41:0d:d8:ea:b9:c2:70:05:95:
f3:11:17:4d:01:69:67:d6:66:ea:ce:54:71:84:72:
a2:40:b9:5c:9c:b4:c1:48:30:5b:1a:6e:d8:9b:cc:
72:00:45:12:39:cb:1b:d4:00:9f:6c:42:07:33:94:
ab:78:26:e9:6b:c3:3e:0b:21:ad:65:25:bf:46:bc:
11:1b:19:87:e3:bc:2c:11:04:53:4e:56:e1:92:38:
11:d4:7c:83:7c:d8:e3:a5:63:e0:6b:15:97:c4:e6:
36:48:83:45:3d:7b:3e:2e:d0:36:6f:13:b3:7c:e1:
d1:7c:ec:78:b4:b0:3a:0f:be:79:e1:98:e0:5c:b8:
2c:a9:bc:04:37:22:1a:9d:5a:77:23:22:c5:95:41:
0f:69:2d:a2:06:10:8c:07:66:c8:a0:9b:9c:07:33:
73:cb:a6:01:4f:a7:cf:ed:2e:e2:ca:67:4a:87:11:
6a:d4:6f:ec:f5:d6:b2:96:c9:fc:ba:12:bc:2f:9c:
10:22:ae:dd:a3:f5:d9:56:95:22:99:55:b5:47:0b:
20:71:5c:5c:f5:54:d9:58:88:ae:26:66:b0:2c:ff:
3d:ec:05:cf:5f:b6:01:bb:6b:3a:55:5b:8b:6c:8a:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:90:24:A0:C1:BD:10:8A:06:14:93:3F:3B:C9:1F:93:5A:66:AA:62
X509v3 Authority Key Identifier:
keyid:E4:9D:44:D8:81:27:5F:CA:2C:0B:6B:3F:7E:CE:E2:D2:22:14:6F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J1E2IEnX8osC2s_fs7i0iIUb9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/j5AkoMG9EIoGFJM_O8kfk1pmqmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/050d7f-8455-465f-b239-c32d10c7ea1f/1/5J1E2IEnX8osC2s_fs7i0iIUb9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.180.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:ab:fb:a7:e2:d2:b0:14:b2:de:7b:59:8b:fb:5f:9c:03:6b:
93:b9:55:bc:42:15:8f:f8:15:ec:5f:13:fc:13:7d:dc:45:a4:
7e:b4:e7:42:ac:ef:1a:08:5c:b9:02:77:86:8e:57:27:e6:cc:
9c:17:c4:cf:b5:91:5b:9a:1a:25:b9:de:6a:1c:20:34:ff:91:
95:4f:ba:84:97:62:60:1e:95:e4:b4:89:57:73:18:a8:f0:da:
c5:f5:48:e9:71:62:3c:09:14:ba:0c:5f:20:48:09:a7:2a:85:
b9:8e:34:3f:6f:8e:76:6e:1b:6a:62:a6:3f:66:a9:2e:c1:d8:
7d:fb:ca:26:e8:89:4c:b7:7a:77:f4:e3:93:cc:c6:c1:00:cc:
9b:bd:de:4d:2c:8a:f8:2c:73:7b:78:28:25:78:8f:00:57:8f:
a4:4b:86:be:32:88:01:bb:94:da:8e:e5:f2:92:1a:40:99:f5:
11:e3:60:ac:22:53:fc:0c:3c:5b:c6:33:3f:eb:64:75:ea:f5:
72:3f:50:9d:f0:78:4b:17:05:b0:a3:44:b0:da:21:f0:8c:8c:
fe:7c:8d:db:2c:df:21:61:24:01:79:7c:a2:4c:7c:26:53:aa:
dc:49:4a:d5:f5:98:6b:05:21:20:11:11:f5:db:85:da:6d:18:
a0:98:5a:f0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8rr+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDlkNDRkODgxMjc1ZmNhMmMwYjZiM2Y3ZWNlZTJkMjIyMTQ2ZmQyMB4XDTIyMDEw
MTE1MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY5MDI0YTBjMWJk
MTA4YTA2MTQ5MzNmM2JjOTFmOTM1YTY2YWE2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO2XrOKYTLWY1CmD8Ghn9K2AgW/MQQ3Y6rnCcAWV8xEXTQFp
Z9Zm6s5UcYRyokC5XJy0wUgwWxpu2JvMcgBFEjnLG9QAn2xCBzOUq3gm6WvDPgsh
rWUlv0a8ERsZh+O8LBEEU05W4ZI4EdR8g3zY46Vj4GsVl8TmNkiDRT17Pi7QNm8T
s3zh0XzseLSwOg++eeGY4Fy4LKm8BDciGp1adyMixZVBD2ktogYQjAdmyKCbnAcz
c8umAU+nz+0u4spnSocRatRv7PXWspbJ/LoSvC+cECKu3aP12VaVIplVtUcLIHFc
XPVU2ViIriZmsCz/PewFz1+2AbtrOlVbi2yKe2kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPkCSgwb0QigYUkz87yR+TWmaqYjAfBgNVHSMEGDAWgBTknUTYgSdfyiwL
az9+zuLSIhRv0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVKMUUySUVuWDhvc0Myc19mczdpMGlJVWI5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvMDUwZDdmLTg0NTUtNDY1Zi1iMjM5LWMzMmQxMGM3ZWExZi8x
L2o1QWtvTUc5RUlvR0ZKTV9POGtmazFwbXFtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
MDUwZDdmLTg0NTUtNDY1Zi1iMjM5LWMzMmQxMGM3ZWExZi8xLzVKMUUySUVuWDhv
c0Myc19mczdpMGlJVWI5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8qtDANBgkqhkiG9w0BAQsFAAOC
AQEAXqv7p+LSsBSy3ntZi/tfnANrk7lVvEIVj/gV7F8T/BN93EWkfrTnQqzvGghc
uQJ3ho5XJ+bMnBfEz7WRW5oaJbneahwgNP+RlU+6hJdiYB6V5LSJV3MYqPDaxfVI
6XFiPAkUugxfIEgJpyqFuY40P2+Odm4bamKmP2apLsHYffvKJuiJTLd6d/Tjk8zG
wQDMm73eTSyK+Cxze3goJXiPAFePpEuGvjKIAbuU2o7l8pIaQJn1EeNgrCJT/Aw8
W8YzP+tkder1cj9QnfB4SxcFsKNEsNoh8IyM/nyN2yzfIWEkAXl8okx8JlOq3ElK
1fWYawUhIBER9duF2m0YoJha8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:03 2024 by rpki-client on console-fra.rpki-client.org