Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/5Rg50tjwutJ1sybO2pMuclPZYzA.roa
File: 5Rg50tjwutJ1sybO2pMuclPZYzA.roa (raw, json)
Hash identifier: Atnwjd8rVHnqF7ekXTq2zZKEpcEbD603h+mw6ukTlYg=
Subject key identifier: E5:18:39:D2:D8:F0:BA:D2:75:B3:26:CE:DA:93:2E:72:53:D9:63:30
Certificate issuer: /CN=0c4579a4028829d37acac65f66c056063251e57e
Certificate serial: 01856E38D26D531632A0AF0395FD1A7C3C92
Authority key identifier: 0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/5Rg50tjwutJ1sybO2pMuclPZYzA.roa
Signing time: Sun 01 Jan 2023 16:44:55 +0000
ROA not before: Sun 01 Jan 2023 16:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47943
IP address blocks: 2001:b18:1017::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:d2:6d:53:16:32:a0:af:03:95:fd:1a:7c:3c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c4579a4028829d37acac65f66c056063251e57e
Validity
Not Before: Jan 1 16:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e51839d2d8f0bad275b326ceda932e7253d96330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8b:a1:be:da:cd:d7:31:51:63:42:48:ee:fb:
91:29:23:d9:ac:92:08:e9:9d:fe:a0:12:7a:c3:4b:
6f:e0:12:38:60:98:ce:fe:c6:f0:86:75:25:26:15:
bb:e7:11:29:e2:b0:00:b3:b9:67:72:70:22:04:26:
7b:b8:81:97:67:63:6f:80:90:c2:f2:9d:c5:dc:ef:
b8:af:fa:8a:f7:88:16:62:e1:c6:8e:43:ce:e7:bf:
0d:38:db:66:69:7f:2e:97:f6:f4:dc:49:62:df:52:
e2:58:ff:46:c4:e0:9f:21:36:7c:59:59:1e:15:d1:
36:f5:f7:61:78:94:96:3b:9a:32:3f:38:39:c3:4e:
b3:13:22:30:e8:de:77:8e:11:5f:7b:1c:38:52:b6:
24:d8:1d:a5:25:ba:7d:8c:ac:12:e0:59:d7:74:5e:
c3:31:20:f7:ab:87:86:86:c6:9e:b6:30:45:82:4f:
cf:8e:e2:4f:20:5a:59:5f:81:d3:eb:a7:91:48:0f:
10:45:f1:1c:c1:ba:cb:3c:1f:37:81:09:20:48:16:
21:5e:1d:57:80:df:81:a5:25:47:4a:98:c2:42:97:
c7:aa:92:73:c2:50:b3:83:1a:b8:ce:ab:e9:49:f2:
f3:cf:c7:af:f5:be:ba:ed:0d:36:f0:2b:89:70:39:
37:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:18:39:D2:D8:F0:BA:D2:75:B3:26:CE:DA:93:2E:72:53:D9:63:30
X509v3 Authority Key Identifier:
keyid:0C:45:79:A4:02:88:29:D3:7A:CA:C6:5F:66:C0:56:06:32:51:E5:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DEV5pAKIKdN6ysZfZsBWBjJR5X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/5Rg50tjwutJ1sybO2pMuclPZYzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/edaeb5-5e6e-411b-99cb-3c50180780b0/1/DEV5pAKIKdN6ysZfZsBWBjJR5X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:b18:1017::/48
Signature Algorithm: sha256WithRSAEncryption
0c:ad:6f:e1:23:cc:0c:f9:d8:98:a7:9d:03:77:65:a9:bc:05:
c7:20:e3:eb:53:f5:0b:5b:d3:f8:3a:a5:95:59:06:b1:95:d3:
eb:c3:b9:1c:51:4c:6b:df:db:d3:af:16:9d:53:fc:f0:07:d9:
4d:f6:af:91:28:be:94:83:b3:eb:92:44:e1:ee:e7:7f:4e:ca:
c4:44:af:c1:c2:da:fb:c7:18:b8:98:ab:72:3a:f3:b6:38:1c:
e6:ca:55:11:55:12:de:76:90:aa:41:8d:02:5c:64:eb:cc:9d:
66:05:e3:ea:8d:2c:d4:60:94:fc:53:30:dc:e0:24:77:1c:28:
07:c9:e0:03:f2:03:18:96:56:b7:66:bf:da:74:ed:51:75:86:
9d:99:24:69:ea:58:f1:9c:1b:54:18:59:c2:27:d2:89:76:dc:
22:12:0f:a5:71:f2:29:45:52:23:1b:49:72:bc:1b:ee:1e:0c:
1c:40:81:c7:e2:89:60:cc:3a:ee:13:be:b6:8b:92:b2:1a:27:
3d:4b:5e:2d:f8:92:dc:24:ca:c9:2a:86:f5:fc:94:8c:e5:85:
48:16:3a:62:13:b0:7c:66:3b:60:b2:e5:ef:0b:24:e7:cc:09:
d3:4d:1e:aa:c5:93:fc:5d:09:0d:18:bf:42:9c:9f:59:3d:83:
6a:13:f6:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuONJtUxYyoK8Dlf0afDySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDU3OWE0MDI4ODI5ZDM3YWNhYzY1ZjY2YzA1NjA2MzI1
MWU1N2UwHhcNMjMwMTAxMTY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTE4MzlkMmQ4ZjBiYWQyNzViMzI2Y2VkYTkzMmU3MjUzZDk2MzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ouhvtrN1zFRY0JI7vuRKSPZrJII
6Z3+oBJ6w0tv4BI4YJjO/sbwhnUlJhW75xEp4rAAs7lncnAiBCZ7uIGXZ2NvgJDC
8p3F3O+4r/qK94gWYuHGjkPO578NONtmaX8ul/b03Eli31LiWP9GxOCfITZ8WVke
FdE29fdheJSWO5oyPzg5w06zEyIw6N53jhFfexw4UrYk2B2lJbp9jKwS4FnXdF7D
MSD3q4eGhsaetjBFgk/PjuJPIFpZX4HT66eRSA8QRfEcwbrLPB83gQkgSBYhXh1X
gN+BpSVHSpjCQpfHqpJzwlCzgxq4zqvpSfLzz8ev9b667Q028CuJcDk3BQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOUYOdLY8LrSdbMmztqTLnJT2WMwMB8GA1UdIwQY
MBaAFAxFeaQCiCnTesrGX2bAVgYyUeV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2It
M2M1MDE4MDc4MGIwLzEvNVJnNTB0and1dEoxc3liTzJwTXVjbFBaWXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9lZGFlYjUtNWU2ZS00MTFiLTk5Y2ItM2M1MDE4MDc4MGIw
LzEvREVWNXBBS0lLZE42eXNaZlpzQldCakpSNVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAELGBAX
MA0GCSqGSIb3DQEBCwUAA4IBAQAMrW/hI8wM+diYp50Dd2WpvAXHIOPrU/ULW9P4
OqWVWQaxldPrw7kcUUxr39vTrxadU/zwB9lN9q+RKL6Ug7PrkkTh7ud/TsrERK/B
wtr7xxi4mKtyOvO2OBzmylURVRLedpCqQY0CXGTrzJ1mBePqjSzUYJT8UzDc4CR3
HCgHyeAD8gMYlla3Zr/adO1RdYadmSRp6ljxnBtUGFnCJ9KJdtwiEg+lcfIpRVIj
G0lyvBvuHgwcQIHH4olgzDruE762i5KyGic9S14t+JLcJMrJKob1/JSM5YVIFjpi
E7B8ZjtgsuXvCyTnzAnTTR6qxZP8XQkNGL9CnJ9ZPYNqE/ZW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org