Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa
File: wFvcpTjpVQDcxfIDDv3nYpss1HI.roa (raw, json)
Hash identifier: gmm37nRtuMOYdCuw5NXxbwCK0vV/0eJv88ei0ZQ3REA=
Subject key identifier: C0:5B:DC:A5:38:E9:55:00:DC:C5:F2:03:0E:FD:E7:62:9B:2C:D4:72
Certificate issuer: /CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Certificate serial: 018CC348FE0FF9ADA6DB3F447F250FEB950B
Authority key identifier: 47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8796
IP address blocks: 5.183.80.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fe:0f:f9:ad:a6:db:3f:44:7f:25:0f:eb:95:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c05bdca538e95500dcc5f2030efde7629b2cd472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:29:0b:12:ea:87:ea:0e:16:1f:11:9b:b6:
24:b0:0d:78:84:74:7e:f3:51:1f:0f:c3:5b:52:0a:
97:a7:02:b4:6d:f2:e7:d1:17:4f:bc:57:38:92:4a:
89:48:55:3b:1d:d5:72:11:f5:29:97:35:b8:bb:a0:
97:2a:28:fc:82:20:cf:1b:5d:ec:57:89:bb:ce:5d:
4b:5d:6e:4d:f8:fd:a0:7b:57:72:43:96:fd:c3:5d:
b5:6a:c0:86:7a:13:ff:7d:f1:c7:53:19:e6:4d:e4:
b5:ed:b5:f5:4f:e2:ed:61:77:f1:25:cd:7c:63:85:
da:fc:9d:d9:ce:33:7e:79:d7:ff:7a:5b:18:37:ac:
dc:02:90:5d:98:ee:fc:e4:6f:22:7e:9b:a9:eb:8c:
ed:49:df:2e:e9:51:25:4c:06:cb:85:3b:9a:fc:0d:
24:dd:0d:b7:b1:f4:cc:a3:ac:4b:13:c5:40:29:ff:
e1:bb:23:a9:43:9a:a0:aa:e1:3c:69:a4:47:9d:c3:
95:9e:b1:9b:c0:c9:3e:7c:0b:2f:07:a9:17:d6:46:
09:0c:38:14:37:fd:70:ee:74:07:b6:de:8d:e1:da:
b3:16:da:7e:9b:f0:74:78:1f:c1:52:d0:c8:f8:12:
68:e5:eb:b5:84:2c:51:90:bd:59:7b:1a:aa:86:07:
08:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:5B:DC:A5:38:E9:55:00:DC:C5:F2:03:0E:FD:E7:62:9B:2C:D4:72
X509v3 Authority Key Identifier:
keyid:47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/wFvcpTjpVQDcxfIDDv3nYpss1HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.80.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:01:3e:98:86:df:05:dd:9a:1b:34:cd:01:33:7a:8b:e7:51:
de:35:45:d0:b5:1e:15:f9:6e:2b:87:fe:e8:37:6d:05:cb:15:
d9:fc:2b:6f:23:37:e6:c1:3c:87:cc:0e:0b:ad:ec:fc:ba:17:
97:9b:88:1c:87:f8:f6:5b:02:7e:40:62:34:fe:1b:7d:67:08:
93:25:46:a5:ac:f5:6f:26:48:64:70:25:f0:f8:16:c5:32:bc:
b3:6a:4a:f2:47:1e:76:be:d8:3e:5e:ef:e1:e0:8d:88:81:c1:
c2:ad:5e:d1:94:78:8a:7d:87:7d:12:5f:dd:d4:8f:9a:2d:63:
af:a1:9e:57:3c:03:8a:60:94:c5:87:f2:78:06:79:f1:f0:e9:
72:f9:53:cd:10:ec:dc:13:28:5e:4d:be:17:f6:12:ec:99:4e:
58:75:9a:e1:80:91:fc:d6:d9:10:f9:30:36:0a:dd:bb:c8:25:
cf:5c:17:50:8d:33:2b:b4:8a:fd:98:f1:8b:a1:d7:65:c1:05:
f4:32:68:7e:e9:7b:82:e0:35:0b:8c:76:55:0b:d5:4e:f4:ce:
45:fa:6b:4d:4b:7c:79:ec:26:32:d7:b8:fc:0d:f8:a1:fe:fa:
be:38:b6:e4:61:ef:61:6e:6c:f6:5a:bc:0e:2b:9c:0d:e5:d6:
a9:c1:d4:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSP4P+a2m2z9EfyUP65ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MDVkM2M2YTViMDUxMjY4MmNkZmRmMzYzYjE5YTljNTY3
ZjFmNmMwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDViZGNhNTM4ZTk1NTAwZGNjNWYyMDMwZWZkZTc2MjliMmNkNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUIpCxLqh+oOFh8Rm7YksA14hHR+
81EfD8NbUgqXpwK0bfLn0RdPvFc4kkqJSFU7HdVyEfUplzW4u6CXKij8giDPG13s
V4m7zl1LXW5N+P2ge1dyQ5b9w121asCGehP/ffHHUxnmTeS17bX1T+LtYXfxJc18
Y4Xa/J3ZzjN+edf/elsYN6zcApBdmO785G8ifpup64ztSd8u6VElTAbLhTua/A0k
3Q23sfTMo6xLE8VAKf/huyOpQ5qgquE8aaRHncOVnrGbwMk+fAsvB6kX1kYJDDgU
N/1w7nQHtt6N4dqzFtp+m/B0eB/BUtDI+BJo5eu1hCxRkL1ZexqqhgcIcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBb3KU46VUA3MXyAw7952KbLNRyMB8GA1UdIwQY
MBaAFEcF08alsFEmgs3982OxmpxWfx9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAt
MGRmYTZiMjJlZmYyLzEvd0Z2Y3BUanBWUURjeGZJRER2M25ZcHNzMUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAtMGRmYTZiMjJlZmYy
LzEvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbdQMA0G
CSqGSIb3DQEBCwUAA4IBAQA8AT6Yht8F3ZobNM0BM3qL51HeNUXQtR4V+W4rh/7o
N20FyxXZ/CtvIzfmwTyHzA4Lrez8uheXm4gch/j2WwJ+QGI0/ht9ZwiTJUalrPVv
JkhkcCXw+BbFMryzakryRx52vtg+Xu/h4I2IgcHCrV7RlHiKfYd9El/d1I+aLWOv
oZ5XPAOKYJTFh/J4Bnnx8Oly+VPNEOzcEyheTb4X9hLsmU5YdZrhgJH81tkQ+TA2
Ct27yCXPXBdQjTMrtIr9mPGLoddlwQX0Mmh+6XuC4DULjHZVC9VO9M5F+mtNS3x5
7CYy17j8Dfih/vq+OLbkYe9hbmz2WrwOK5wN5dapwdSj
-----END CERTIFICATE-----
Generated at Thu Jul 11 16:31:05 2024 by rpki-client on console-ams.rpki-client.org