Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/aGcuVum0VAEk4YTS_q4GrdCyWUc.roa
File: aGcuVum0VAEk4YTS_q4GrdCyWUc.roa (raw, json)
Hash identifier: KuZe3vhsc1tYuwSe70w65vh6fabTQfDFkS7a3fSc6kc=
Subject key identifier: 68:67:2E:56:E9:B4:54:01:24:E1:84:D2:FE:AE:06:AD:D0:B2:59:47
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 018D303B0895111F8E0601E44DA870B070E2
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/aGcuVum0VAEk4YTS_q4GrdCyWUc.roa
Signing time: Mon 22 Jan 2024 08:13:11 +0000
ROA not before: Mon 22 Jan 2024 08:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 5.182.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:3b:08:95:11:1f:8e:06:01:e4:4d:a8:70:b0:70:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Jan 22 08:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68672e56e9b4540124e184d2feae06add0b25947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:86:ec:e4:19:05:b4:cb:51:70:0e:76:76:09:
d0:93:51:80:94:7d:b7:e1:52:2d:81:cd:f5:53:ff:
86:ea:c1:93:d3:4b:33:c9:64:13:33:51:7a:27:4d:
a5:56:a6:0c:e6:88:0a:df:20:2a:f7:a6:a3:3d:6b:
ec:38:ae:00:c9:41:df:0f:65:d3:f0:e2:47:f4:24:
6b:bb:78:8d:84:01:17:1d:4c:c8:3a:58:ec:a0:42:
b2:2b:07:86:7e:e1:5b:49:a2:3c:d3:58:13:b8:81:
17:2e:51:0e:da:9b:22:a3:e0:3c:11:51:6c:e1:91:
12:f7:cc:97:21:f4:2f:aa:20:4c:49:5b:cc:d0:44:
ea:8d:d9:0c:2b:c3:29:78:b8:87:06:21:65:6f:84:
cc:be:f0:db:9e:c3:98:69:68:d3:56:9a:82:33:04:
73:5a:7e:ea:c2:a8:a6:09:46:0d:4e:11:e4:2d:be:
97:5e:b0:7f:54:d0:38:60:0e:ef:f0:f0:8a:f8:96:
cf:9d:e3:81:c5:46:78:90:e0:72:cb:b0:53:09:07:
a9:55:38:5a:b0:22:57:75:5a:b9:a6:f8:9f:99:0d:
96:f9:6e:4c:69:dc:45:68:e7:07:0c:95:71:0a:bb:
f4:47:84:d5:a4:98:b6:51:cc:5f:e3:95:e8:4a:4c:
bf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:67:2E:56:E9:B4:54:01:24:E1:84:D2:FE:AE:06:AD:D0:B2:59:47
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/aGcuVum0VAEk4YTS_q4GrdCyWUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:74:bb:e4:1b:d4:db:20:06:99:ea:8c:5c:04:ab:c8:8b:e2:
b9:f3:05:68:ca:39:df:82:5f:fc:60:9a:35:e4:3d:21:0d:01:
53:0d:18:66:13:aa:a1:29:c4:4b:9b:f8:c4:4f:1c:38:bb:52:
35:20:5c:ae:a5:bb:8d:b1:a4:f1:77:00:16:fe:7c:3b:a6:3e:
1d:25:c5:83:81:94:ac:d5:9b:31:88:28:48:95:77:cf:27:5b:
63:4b:0a:90:19:ed:ea:3b:bc:e1:7f:d8:10:9e:fb:ef:d4:c0:
73:7b:dd:2c:f7:fb:62:ea:0f:f7:ac:dd:40:d9:69:37:97:8b:
37:6f:df:19:e1:3c:a2:1c:58:55:fe:e3:e6:5b:7e:59:10:82:
5f:92:e5:6d:78:6d:0b:3e:d5:6f:14:42:bf:03:ff:c9:ab:8b:
5d:0e:ef:0a:cf:52:f0:db:fd:da:15:b1:73:8b:b2:96:b8:cd:
24:04:1e:1c:30:67:d0:44:c9:21:bf:66:eb:b1:07:8d:79:08:
bd:84:0b:cf:9c:47:d3:86:7d:e0:e1:b3:79:74:90:00:03:92:
10:e7:a6:e8:c7:cb:64:ee:8e:a6:a5:da:ce:82:a9:d9:d3:06:
4f:f3:e0:c5:13:50:8d:f3:0a:0e:a1:21:00:11:b6:59:31:48:
0e:63:3d:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wOwiVER+OBgHkTahwsHDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQwMTIyMDgxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODY3MmU1NmU5YjQ1NDAxMjRlMTg0ZDJmZWFlMDZhZGQwYjI1OTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIbs5BkFtMtRcA52dgnQk1GAlH23
4VItgc31U/+G6sGT00szyWQTM1F6J02lVqYM5ogK3yAq96ajPWvsOK4AyUHfD2XT
8OJH9CRru3iNhAEXHUzIOljsoEKyKweGfuFbSaI801gTuIEXLlEO2psio+A8EVFs
4ZES98yXIfQvqiBMSVvM0ETqjdkMK8MpeLiHBiFlb4TMvvDbnsOYaWjTVpqCMwRz
Wn7qwqimCUYNThHkLb6XXrB/VNA4YA7v8PCK+JbPneOBxUZ4kOByy7BTCQepVTha
sCJXdVq5pvifmQ2W+W5MadxFaOcHDJVxCrv0R4TVpJi2Ucxf45XoSky/twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhnLlbptFQBJOGE0v6uBq3QsllHMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvYUdjdVZ1bTBWQUVrNFlUU19xNEdyZEN5V1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbZ0MA0G
CSqGSIb3DQEBCwUAA4IBAQCbdLvkG9TbIAaZ6oxcBKvIi+K58wVoyjnfgl/8YJo1
5D0hDQFTDRhmE6qhKcRLm/jETxw4u1I1IFyupbuNsaTxdwAW/nw7pj4dJcWDgZSs
1ZsxiChIlXfPJ1tjSwqQGe3qO7zhf9gQnvvv1MBze90s9/ti6g/3rN1A2Wk3l4s3
b98Z4TyiHFhV/uPmW35ZEIJfkuVteG0LPtVvFEK/A//Jq4tdDu8Kz1Lw2/3aFbFz
i7KWuM0kBB4cMGfQRMkhv2brsQeNeQi9hAvPnEfThn3g4bN5dJAAA5IQ56box8tk
7o6mpdrOgqnZ0wZP8+DFE1CN8woOoSEAEbZZMUgOYz1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:13 2024 by rpki-client on console-ams.rpki-client.org