Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/rEhSbjTvVpx7ugxQrnPrrxh_nxQ.roa
File: rEhSbjTvVpx7ugxQrnPrrxh_nxQ.roa (raw, json)
Hash identifier: nfQAa0AUJKKlmrNu4oyAMYUxcX/hvG54xnepFT5Af6M=
Subject key identifier: AC:48:52:6E:34:EF:56:9C:7B:BA:0C:50:AE:73:EB:AF:18:7F:9F:14
Certificate issuer: /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial: 018CC2DB61E008E7DB2AD67EBD2BE12D8726
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/rEhSbjTvVpx7ugxQrnPrrxh_nxQ.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 5.183.79.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:61:e0:08:e7:db:2a:d6:7e:bd:2b:e1:2d:87:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac48526e34ef569c7bba0c50ae73ebaf187f9f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:83:26:39:f1:46:47:19:73:57:6a:8c:25:0e:
fe:62:e4:49:fe:84:1f:b3:c0:c4:b9:f2:58:7b:48:
c8:7f:53:42:c7:9a:e4:94:d8:c2:af:09:39:4c:ee:
d6:64:36:45:e8:5e:18:01:e3:63:55:e4:6f:95:53:
8e:b6:6c:17:50:28:80:bb:70:64:d0:03:94:55:ac:
e1:8e:a2:59:0a:99:ec:1f:90:81:46:be:44:db:5c:
92:4f:39:b9:3f:5b:2f:08:af:be:5e:7c:fa:2a:ea:
c5:b4:56:05:42:27:f2:0b:1b:dc:9b:1f:9a:e3:37:
c3:4e:7c:ae:f9:9f:51:c2:ee:3f:62:8e:76:18:bc:
56:bc:95:12:56:1c:3c:b2:93:89:6f:e4:24:aa:23:
f6:92:90:1f:9e:15:9d:3a:62:0c:77:4b:58:4a:df:
a0:35:93:01:3c:86:6c:8e:14:65:32:63:11:b0:92:
3f:fa:ab:7b:0b:c4:b8:b6:ba:3e:69:fb:97:83:06:
83:bf:fb:55:07:66:b6:06:39:31:4d:04:3f:f3:75:
cc:0c:d6:aa:fc:dd:2f:61:09:e1:49:4d:a6:55:91:
7d:3f:0c:77:e1:78:3e:99:eb:dd:dd:90:83:a1:f8:
f3:51:56:81:c2:92:08:3f:3c:57:27:e4:66:19:d7:
61:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:48:52:6E:34:EF:56:9C:7B:BA:0C:50:AE:73:EB:AF:18:7F:9F:14
X509v3 Authority Key Identifier:
keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/rEhSbjTvVpx7ugxQrnPrrxh_nxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.79.0/24
Signature Algorithm: sha256WithRSAEncryption
26:0f:9e:91:89:e5:c3:54:53:76:44:86:63:d6:7f:83:d6:73:
bf:61:ca:50:97:df:8c:1a:8d:94:10:85:ee:58:bb:24:c0:62:
fe:10:c6:8c:d3:31:10:dc:e6:cc:1e:72:2b:1c:fd:47:da:74:
97:ee:9c:49:6b:77:c9:09:23:10:5e:f0:d9:73:3a:73:bc:58:
1a:fe:9d:7b:ea:57:7a:14:ba:e3:ac:46:10:06:06:46:df:f6:
07:89:6a:82:a8:7e:21:06:fa:4b:a3:05:53:fc:8b:96:27:d3:
cc:36:2a:e2:2c:2f:a7:74:5d:1d:af:ab:7d:10:85:da:c3:31:
41:56:0b:da:cc:40:14:d4:92:73:19:43:f4:d6:77:ba:be:34:
88:5d:98:64:08:9d:10:a1:b5:ca:6e:d1:e2:e4:c5:67:9e:d2:
44:d3:32:fb:01:1e:bf:b8:3b:77:71:04:f9:48:bd:d0:54:97:
55:57:dd:8c:3c:0a:d9:69:8c:25:47:62:1d:7e:f7:c4:1e:ac:
27:5d:76:d5:c4:5e:6f:ce:3c:c4:64:69:09:51:84:a4:6c:bf:
4a:23:25:9a:85:17:64:be:aa:e5:23:ff:72:c0:64:5b:b8:94:
97:18:93:a4:b0:86:b4:65:d3:67:35:93:98:37:5b:2f:45:a6:
1e:a4:a4:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22HgCOfbKtZ+vSvhLYcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYWI2YzExZDQxMTYyZGIwMzA2ODU4ZjgzZTVlNjUxMjEx
MzJhNmIwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQ4NTI2ZTM0ZWY1NjljN2JiYTBjNTBhZTczZWJhZjE4N2Y5ZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYMmOfFGRxlzV2qMJQ7+YuRJ/oQf
s8DEufJYe0jIf1NCx5rklNjCrwk5TO7WZDZF6F4YAeNjVeRvlVOOtmwXUCiAu3Bk
0AOUVazhjqJZCpnsH5CBRr5E21ySTzm5P1svCK++Xnz6KurFtFYFQifyCxvcmx+a
4zfDTnyu+Z9Rwu4/Yo52GLxWvJUSVhw8spOJb+QkqiP2kpAfnhWdOmIMd0tYSt+g
NZMBPIZsjhRlMmMRsJI/+qt7C8S4tro+afuXgwaDv/tVB2a2BjkxTQQ/83XMDNaq
/N0vYQnhSU2mVZF9Pwx34Xg+mevd3ZCDofjzUVaBwpIIPzxXJ+RmGddhsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxIUm4071ace7oMUK5z668Yf58UMB8GA1UdIwQY
MBaAFHurbBHUEWLbAwaFj4Pl5lEhEyprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAt
OWY1YmY3MzY3MjBlLzEvckVoU2JqVHZWcHg3dWd4UXJuUHJyeGhfbnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAtOWY1YmY3MzY3MjBl
LzEvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbdPMA0G
CSqGSIb3DQEBCwUAA4IBAQAmD56RieXDVFN2RIZj1n+D1nO/YcpQl9+MGo2UEIXu
WLskwGL+EMaM0zEQ3ObMHnIrHP1H2nSX7pxJa3fJCSMQXvDZczpzvFga/p176ld6
FLrjrEYQBgZG3/YHiWqCqH4hBvpLowVT/IuWJ9PMNiriLC+ndF0dr6t9EIXawzFB
VgvazEAU1JJzGUP01ne6vjSIXZhkCJ0QobXKbtHi5MVnntJE0zL7AR6/uDt3cQT5
SL3QVJdVV92MPArZaYwlR2IdfvfEHqwnXXbVxF5vzjzEZGkJUYSkbL9KIyWahRdk
vqrlI/9ywGRbuJSXGJOksIa0ZdNnNZOYN1svRaYepKT6
-----END CERTIFICATE-----
Generated at Tue Jul 9 13:50:31 2024 by rpki-client on console-ams.rpki-client.org