Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/lGFkmEm5hag0q4HWNyihE2WS4V8.roa
File: lGFkmEm5hag0q4HWNyihE2WS4V8.roa (raw, json)
Hash identifier: JAO9Po7b5RffVslyA21KFU5YZjYHYUmWXqVzrGcqdr4=
Subject key identifier: 94:61:64:98:49:B9:85:A8:34:AB:81:D6:37:28:A1:13:65:92:E1:5F
Certificate issuer: /CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Certificate serial: 018D1CAA2F135CD26A9FF8058D63F9B56878
Authority key identifier: 78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/lGFkmEm5hag0q4HWNyihE2WS4V8.roa
Signing time: Thu 18 Jan 2024 13:02:11 +0000
ROA not before: Thu 18 Jan 2024 13:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 5.172.179.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:aa:2f:13:5c:d2:6a:9f:f8:05:8d:63:f9:b5:68:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7803558ea6e5165b3876097af75bf1e92a142cf2
Validity
Not Before: Jan 18 13:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9461649849b985a834ab81d63728a1136592e15f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:40:72:a4:27:3b:63:c2:ae:0d:c9:0e:de:
62:dc:8c:79:97:80:b2:ca:0d:9b:3b:9c:f5:c4:08:
f8:89:ef:4e:7f:70:1a:b5:0d:59:dc:5c:81:32:5d:
2a:af:af:f1:b6:54:d4:69:76:73:31:49:29:64:17:
5f:0a:ee:96:f0:16:3a:6e:79:cb:73:18:df:f6:ba:
4e:10:7e:da:a7:b1:06:52:94:0d:5b:ae:7e:18:5b:
ad:d1:36:74:f8:80:c2:3c:c4:35:86:7e:a9:91:b1:
9e:cb:14:f3:1f:b1:9b:ef:17:22:7b:a6:c8:45:37:
40:e1:c1:ae:57:01:17:d8:39:27:7d:73:f7:e0:e6:
43:a3:cc:6f:d9:6a:1e:84:6e:ff:e3:93:67:4a:12:
f9:1c:00:c7:ef:c1:d6:1b:68:be:41:7f:cf:0f:6c:
42:9f:ca:b7:96:f1:24:aa:16:69:51:14:3d:5f:29:
9c:1a:97:fb:b7:98:34:2a:4f:6c:b9:4a:b2:f2:66:
ed:31:c9:d3:11:6e:d9:e5:2e:10:55:33:4f:59:3e:
e7:39:35:4e:d0:80:42:9b:cc:a4:20:a5:8c:ae:fe:
33:d3:d8:b0:b1:d1:54:fd:ed:a6:be:c9:9a:2d:78:
7f:f0:3d:02:c8:48:e8:a0:c5:64:83:27:ec:8e:c8:
a5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:61:64:98:49:B9:85:A8:34:AB:81:D6:37:28:A1:13:65:92:E1:5F
X509v3 Authority Key Identifier:
keyid:78:03:55:8E:A6:E5:16:5B:38:76:09:7A:F7:5B:F1:E9:2A:14:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eANVjqblFls4dgl691vx6SoULPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/lGFkmEm5hag0q4HWNyihE2WS4V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/59a3aa-4eae-44e7-acc1-6f16834bc847/1/eANVjqblFls4dgl691vx6SoULPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.179.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:4a:3e:65:e5:7a:f3:f2:7d:5a:a0:6b:e5:9a:58:c5:91:91:
f6:79:e4:47:e9:91:ed:19:b3:92:da:9f:54:f4:04:2d:52:5a:
c8:59:90:f2:79:4d:01:82:7f:a2:e5:11:bf:fb:d5:17:f1:72:
f7:2d:16:6d:a5:3e:50:30:2f:2b:2d:10:9d:e7:b3:01:6a:26:
32:07:a9:6d:4b:dd:88:61:bf:57:3f:7e:ef:15:d7:e7:24:67:
63:71:bb:a8:e4:d3:72:54:e0:e2:f1:1d:a0:b1:f1:8b:e8:f4:
37:ee:7e:1e:c2:be:91:82:e9:cb:94:55:88:59:08:14:70:b6:
15:94:70:58:4c:6f:43:88:0e:a4:dc:12:3e:1d:86:da:af:8f:
6e:11:24:44:31:fc:09:7a:e8:6e:d4:8a:e3:5e:28:e1:7f:6d:
4d:7a:72:67:97:8b:75:50:3b:aa:82:8d:4b:cf:64:07:46:bf:
c1:64:a3:29:20:e9:47:f8:76:60:23:29:b2:47:2d:55:36:0f:
5a:42:cf:0f:e7:5a:2e:ea:ef:68:fe:f6:9e:aa:8c:59:c7:f9:
ea:98:38:55:28:66:fd:ec:bd:b6:32:21:39:66:ac:4d:2a:3e:
82:71:52:f8:1c:6f:bc:ad:38:60:ab:35:47:cf:08:cd:6d:b2:
36:85:04:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0cqi8TXNJqn/gFjWP5tWh4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MDM1NThlYTZlNTE2NWIzODc2MDk3YWY3NWJmMWU5MmEx
NDJjZjIwHhcNMjQwMTE4MTMwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDYxNjQ5ODQ5Yjk4NWE4MzRhYjgxZDYzNzI4YTExMzY1OTJlMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/NAcqQnO2PCrg3JDt5i3Ix5l4Cy
yg2bO5z1xAj4ie9Of3AatQ1Z3FyBMl0qr6/xtlTUaXZzMUkpZBdfCu6W8BY6bnnL
cxjf9rpOEH7ap7EGUpQNW65+GFut0TZ0+IDCPMQ1hn6pkbGeyxTzH7Gb7xcie6bI
RTdA4cGuVwEX2DknfXP34OZDo8xv2WoehG7/45NnShL5HADH78HWG2i+QX/PD2xC
n8q3lvEkqhZpURQ9XymcGpf7t5g0Kk9suUqy8mbtMcnTEW7Z5S4QVTNPWT7nOTVO
0IBCm8ykIKWMrv4z09iwsdFU/e2mvsmaLXh/8D0CyEjooMVkgyfsjsilKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRhZJhJuYWoNKuB1jcooRNlkuFfMB8GA1UdIwQY
MBaAFHgDVY6m5RZbOHYJevdb8ekqFCzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEt
NmYxNjgzNGJjODQ3LzEvbEdGa21FbTVoYWcwcTRIV055aWhFMldTNFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81OWEzYWEtNGVhZS00NGU3LWFjYzEtNmYxNjgzNGJjODQ3
LzEvZUFOVmpxYmxGbHM0ZGdsNjkxdng2U29VTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABayzMA0G
CSqGSIb3DQEBCwUAA4IBAQC9Sj5l5Xrz8n1aoGvlmljFkZH2eeRH6ZHtGbOS2p9U
9AQtUlrIWZDyeU0Bgn+i5RG/+9UX8XL3LRZtpT5QMC8rLRCd57MBaiYyB6ltS92I
Yb9XP37vFdfnJGdjcbuo5NNyVODi8R2gsfGL6PQ37n4ewr6RgunLlFWIWQgUcLYV
lHBYTG9DiA6k3BI+HYbar49uESREMfwJeuhu1IrjXijhf21NenJnl4t1UDuqgo1L
z2QHRr/BZKMpIOlH+HZgIymyRy1VNg9aQs8P51ou6u9o/vaeqoxZx/nqmDhVKGb9
7L22MiE5ZqxNKj6CcVL4HG+8rThgqzVHzwjNbbI2hQSP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:56 2024 by rpki-client on console-fra.rpki-client.org