Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b97693-1d02-40dc-9af7-a015168c3323/1/5-7L-ktme3yh5fdlZM-G4hukSDA.roa
File: 5-7L-ktme3yh5fdlZM-G4hukSDA.roa (raw, json)
Hash identifier: 15BMx6hHZFqh2v4/ERP/JcXt7oOgXvtmAYcv0g8aRLU=
Subject key identifier: E7:EE:CB:FA:4B:66:7B:7C:A1:E5:F7:65:64:CF:86:E2:1B:A4:48:30
Certificate issuer: /CN=74eba0122f643adca0cbc6f6a4681b6d77e93620
Certificate serial: 05630721
Authority key identifier: 74:EB:A0:12:2F:64:3A:DC:A0:CB:C6:F6:A4:68:1B:6D:77:E9:36:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOugEi9kOtygy8b2pGgbbXfpNiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b97693-1d02-40dc-9af7-a015168c3323/1/5-7L-ktme3yh5fdlZM-G4hukSDA.roa
Signing time: Sat 01 Jan 2022 11:59:12 +0000
ROA not before: Sat 01 Jan 2022 11:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51011
IP address blocks: 178.217.24.0/21 maxlen: 21
194.60.244.0/23 maxlen: 23
176.101.56.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90375969 (0x5630721)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74eba0122f643adca0cbc6f6a4681b6d77e93620
Validity
Not Before: Jan 1 11:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7eecbfa4b667b7ca1e5f76564cf86e21ba44830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8d:56:06:05:e3:f9:15:eb:a6:f4:98:34:4a:
c0:b3:fa:29:9e:53:5b:4a:9a:f8:d4:69:07:00:a6:
2e:88:d8:a7:4a:88:c4:e6:93:5d:37:2b:d3:2a:23:
3a:c5:e6:ec:20:44:3e:4d:94:2e:68:55:5f:01:bb:
ab:60:6a:36:69:48:67:34:62:cf:3b:31:53:93:8e:
b1:ea:05:80:0f:17:52:04:d3:75:23:d9:b5:da:12:
cc:07:05:98:40:fd:39:bf:2f:e4:64:19:df:3f:b9:
4c:15:bc:81:ec:7e:3c:58:5f:f5:fc:e2:18:03:0f:
96:94:c8:3d:2b:28:ee:57:77:b7:91:f7:0d:66:6d:
96:1f:53:47:dd:80:02:43:c7:37:4d:61:7f:5d:3d:
27:be:a5:70:3d:a8:fe:c4:a9:63:7d:02:b8:fd:3f:
5e:b4:55:79:1c:fa:90:d7:30:04:8d:25:21:b3:7a:
7e:a3:e9:31:e1:c7:be:5d:0f:91:32:5d:94:ca:80:
ce:11:2c:98:da:b3:12:db:96:23:8e:c8:a4:a6:df:
7b:c3:7f:24:18:41:f2:52:48:dd:61:91:64:34:8e:
a7:6a:4c:8d:4f:8e:b4:42:ac:c8:07:01:f5:70:44:
d6:f3:25:2b:b7:b0:cb:f6:8c:80:be:1b:0a:66:85:
85:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EE:CB:FA:4B:66:7B:7C:A1:E5:F7:65:64:CF:86:E2:1B:A4:48:30
X509v3 Authority Key Identifier:
keyid:74:EB:A0:12:2F:64:3A:DC:A0:CB:C6:F6:A4:68:1B:6D:77:E9:36:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOugEi9kOtygy8b2pGgbbXfpNiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b97693-1d02-40dc-9af7-a015168c3323/1/5-7L-ktme3yh5fdlZM-G4hukSDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b97693-1d02-40dc-9af7-a015168c3323/1/dOugEi9kOtygy8b2pGgbbXfpNiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.56.0/21
178.217.24.0/21
194.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:38:8e:ed:f1:b5:e2:9d:da:a7:25:bd:99:2e:7f:6b:a0:4d:
27:df:e2:12:87:eb:9c:d3:c2:b5:37:c2:98:b6:db:c8:90:fb:
8d:f3:fe:2a:17:5c:a7:44:2c:df:e2:af:52:e5:1e:55:21:14:
e0:ff:31:66:ac:0c:68:88:db:1f:c2:53:9d:f2:3e:a3:72:b7:
c7:c7:ea:e2:90:51:67:5d:2e:16:87:ba:d9:14:6f:b0:fd:74:
52:e6:74:82:a3:c7:d7:7f:f9:b6:05:88:00:99:35:de:a5:f6:
db:89:6e:41:5d:ab:66:6d:1f:48:0d:9d:89:36:07:5f:27:38:
bc:47:b6:1e:24:00:80:75:2c:72:4e:c3:ce:e8:d1:aa:85:f8:
ac:58:87:60:66:21:50:66:82:f8:c3:57:91:ef:c5:ed:c9:9a:
37:c4:0f:32:df:9e:97:1d:4d:3c:7a:cb:33:59:60:2a:d6:dd:
bc:c6:e1:7c:ce:58:73:2a:f7:70:15:3a:a6:cf:f9:d1:8c:68:
ea:d5:e6:ff:aa:47:3f:73:f9:6d:4d:a6:af:94:3d:d3:5c:51:
ab:7a:b5:0f:56:e5:53:c3:0a:26:4e:bf:6a:7b:f7:de:3e:12:
f6:41:48:38:03:75:b5:40:41:94:fe:5c:36:57:2d:54:27:15:
4a:c2:3c:5b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBWMHITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGViYTAxMjJmNjQzYWRjYTBjYmM2ZjZhNDY4MWI2ZDc3ZTkzNjIwMB4XDTIyMDEw
MTExNTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTdlZWNiZmE0YjY2
N2I3Y2ExZTVmNzY1NjRjZjg2ZTIxYmE0NDgzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuNVgYF4/kV66b0mDRKwLP6KZ5TW0qa+NRpBwCmLojYp0qI
xOaTXTcr0yojOsXm7CBEPk2ULmhVXwG7q2BqNmlIZzRizzsxU5OOseoFgA8XUgTT
dSPZtdoSzAcFmED9Ob8v5GQZ3z+5TBW8gex+PFhf9fziGAMPlpTIPSso7ld3t5H3
DWZtlh9TR92AAkPHN01hf109J76lcD2o/sSpY30CuP0/XrRVeRz6kNcwBI0lIbN6
fqPpMeHHvl0PkTJdlMqAzhEsmNqzEtuWI47IpKbfe8N/JBhB8lJI3WGRZDSOp2pM
jU+OtEKsyAcB9XBE1vMlK7ewy/aMgL4bCmaFhS0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTn7sv6S2Z7fKHl92Vkz4biG6RIMDAfBgNVHSMEGDAWgBR066ASL2Q63KDL
xvakaBttd+k2IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RPdWdFaTlrT3R5Z3k4YjJwR2diYlhmcE5pQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvYjk3NjkzLTFkMDItNDBkYy05YWY3LWEwMTUxNjhjMzMyMy8x
LzUtN0wta3RtZTN5aDVmZGxaTS1HNGh1a1NEQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
Yjk3NjkzLTFkMDItNDBkYy05YWY3LWEwMTUxNjhjMzMyMy8xL2RPdWdFaTlrT3R5
Z3k4YjJwR2diYlhmcE5pQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA7BlOAMEA7LZGAMEAcI89DANBgkq
hkiG9w0BAQsFAAOCAQEAWjiO7fG14p3apyW9mS5/a6BNJ9/iEofrnNPCtTfCmLbb
yJD7jfP+Khdcp0Qs3+KvUuUeVSEU4P8xZqwMaIjbH8JTnfI+o3K3x8fq4pBRZ10u
Foe62RRvsP10UuZ0gqPH13/5tgWIAJk13qX224luQV2rZm0fSA2diTYHXyc4vEe2
HiQAgHUsck7DzujRqoX4rFiHYGYhUGaC+MNXke/F7cmaN8QPMt+elx1NPHrLM1lg
KtbdvMbhfM5Ycyr3cBU6ps/50Yxo6tXm/6pHP3P5bU2mr5Q901xRq3q1D1blU8MK
Jk6/anv33j4S9kFIOAN1tUBBlP5cNlctVCcVSsI8Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:49 2024 by rpki-client on console-ams.rpki-client.org