Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/aSouAFpobtv7M0V6zHzQvNf6OvQ.roa
File: aSouAFpobtv7M0V6zHzQvNf6OvQ.roa (raw, json)
Hash identifier: ej8PkkDHAaFpXF/p+qZLfol3iZA3apeg7JeJ7IrGPJ8=
Subject key identifier: 69:2A:2E:00:5A:68:6E:DB:FB:33:45:7A:CC:7C:D0:BC:D7:FA:3A:F4
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 018EC78085464F0A76C2880434071C188091
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/aSouAFpobtv7M0V6zHzQvNf6OvQ.roa
Signing time: Wed 10 Apr 2024 10:14:32 +0000
ROA not before: Wed 10 Apr 2024 10:14:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201631
IP address blocks: 5.42.219.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:80:85:46:4f:0a:76:c2:88:04:34:07:1c:18:80:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Apr 10 10:14:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=692a2e005a686edbfb33457acc7cd0bcd7fa3af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:10:fb:cf:87:ef:ce:e7:86:65:25:21:ac:cd:
4f:67:22:6b:d8:39:b9:cf:66:34:bd:80:f9:76:94:
7f:e7:96:67:f3:0d:31:69:45:5c:67:92:37:bb:74:
7a:df:96:5e:2f:24:bb:35:41:2e:a0:2a:e3:8d:ed:
11:55:32:7f:be:dd:32:8d:10:e2:f7:1d:1f:9f:56:
e5:0a:a9:7c:44:9d:12:45:36:cf:92:03:7e:4f:43:
c0:6d:f1:e6:cb:bc:c8:c4:11:63:ca:3e:75:c4:2a:
17:3a:1f:26:aa:4a:e4:16:49:6a:44:c5:0c:45:bd:
e6:ea:89:42:09:34:a8:5d:5f:6b:24:67:3f:e2:06:
74:d9:79:53:e5:f9:83:8b:f0:3d:de:8a:8e:ed:46:
ea:b0:f2:ee:84:23:40:05:32:2d:6c:b4:69:0f:58:
0b:0a:f6:af:7f:48:73:30:9f:cb:96:21:2d:80:01:
42:ff:a1:d0:35:81:de:3d:e1:51:15:2c:06:09:52:
74:30:d9:a7:aa:5a:ac:ec:2d:f1:fe:76:6a:9a:03:
2c:02:a8:0b:ef:b6:d2:84:63:fd:1f:c7:ba:d2:4b:
b9:3c:71:e4:91:49:6c:6d:82:8f:f1:f7:98:47:f7:
24:58:bb:68:be:d1:08:48:9e:9c:09:8f:5f:21:bc:
f0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2A:2E:00:5A:68:6E:DB:FB:33:45:7A:CC:7C:D0:BC:D7:FA:3A:F4
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/aSouAFpobtv7M0V6zHzQvNf6OvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.219.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:95:0f:d2:1d:f5:af:6d:f5:cf:e2:98:8c:c6:b9:e1:8a:e9:
fd:05:d9:50:14:a6:af:30:0b:25:42:db:b5:80:c9:3c:b7:08:
cd:55:5c:47:4a:d0:64:82:b2:5b:01:6d:6f:73:fe:fa:17:99:
a0:7b:a1:5f:ce:78:0f:28:d0:38:79:67:20:0e:79:ec:0b:bf:
57:ef:af:9f:9e:dc:52:e4:e4:1f:f9:54:7a:44:ef:ab:3f:13:
1b:bd:8c:48:31:09:5c:75:7d:49:de:d1:79:92:1e:55:a1:09:
36:9e:23:a9:83:01:c1:58:e9:5e:68:48:b9:f5:ca:80:43:98:
15:67:da:81:d8:b1:15:f7:b2:5f:b1:9f:8a:49:f7:5a:d9:cd:
6e:00:4b:dc:e7:f4:fb:a2:63:cd:5e:19:ba:bc:a9:dd:df:e0:
20:b9:75:6f:e9:b0:52:9f:1d:05:e1:3c:c0:fc:53:ec:a5:c0:
93:ee:1b:b7:4e:03:50:bd:21:2b:1f:dd:dd:f9:7d:0b:98:56:
dc:2b:72:9c:44:fb:e9:3b:bf:d8:74:a3:66:5f:86:14:ce:6d:
6a:e9:07:be:33:46:95:d7:45:a4:ff:cb:b1:b5:25:c7:ec:d5:
a4:bd:49:18:a1:10:ce:cf:0a:a7:e3:3e:84:19:eb:d1:05:28:
0f:de:95:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7HgIVGTwp2wogENAccGICRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjQwNDEwMTAxNDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTJhMmUwMDVhNjg2ZWRiZmIzMzQ1N2FjYzdjZDBiY2Q3ZmEzYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBD7z4fvzueGZSUhrM1PZyJr2Dm5
z2Y0vYD5dpR/55Zn8w0xaUVcZ5I3u3R635ZeLyS7NUEuoCrjje0RVTJ/vt0yjRDi
9x0fn1blCql8RJ0SRTbPkgN+T0PAbfHmy7zIxBFjyj51xCoXOh8mqkrkFklqRMUM
Rb3m6olCCTSoXV9rJGc/4gZ02XlT5fmDi/A93oqO7UbqsPLuhCNABTItbLRpD1gL
Cvavf0hzMJ/LliEtgAFC/6HQNYHePeFRFSwGCVJ0MNmnqlqs7C3x/nZqmgMsAqgL
77bShGP9H8e60ku5PHHkkUlsbYKP8feYR/ckWLtovtEISJ6cCY9fIbzwCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkqLgBaaG7b+zNFesx80LzX+jr0MB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvYVNvdUFGcG9idHY3TTBWNnpIelF2TmY2T3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrbMA0G
CSqGSIb3DQEBCwUAA4IBAQBPlQ/SHfWvbfXP4piMxrnhiun9BdlQFKavMAslQtu1
gMk8twjNVVxHStBkgrJbAW1vc/76F5mge6FfzngPKNA4eWcgDnnsC79X76+fntxS
5OQf+VR6RO+rPxMbvYxIMQlcdX1J3tF5kh5VoQk2niOpgwHBWOleaEi59cqAQ5gV
Z9qB2LEV97JfsZ+KSfda2c1uAEvc5/T7omPNXhm6vKnd3+AguXVv6bBSnx0F4TzA
/FPspcCT7hu3TgNQvSErH93d+X0LmFbcK3KcRPvpO7/YdKNmX4YUzm1q6Qe+M0aV
10Wk/8uxtSXH7NWkvUkYoRDOzwqn4z6EGevRBSgP3pWl
-----END CERTIFICATE-----
Generated at Mon Aug 5 13:06:54 2024 by rpki-client on console-fra.rpki-client.org