Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/10yB8gEUaMv6qhH9IlsStgLIXGc.roa
File: 10yB8gEUaMv6qhH9IlsStgLIXGc.roa (raw, json)
Hash identifier: wInXH29sirE4x2fL3D8/BKdbeNHBVZhwDFq3kyrUzH0=
Subject key identifier: D7:4C:81:F2:01:14:68:CB:FA:AA:11:FD:22:5B:12:B6:02:C8:5C:67
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 01836A0EA691F2810DA8D16CD65CBD085EFF
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/10yB8gEUaMv6qhH9IlsStgLIXGc.roa
Signing time: Fri 23 Sep 2022 11:14:48 +0000
ROA not before: Fri 23 Sep 2022 11:14:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 5.133.123.0/24 maxlen: 24
5.133.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:0e:a6:91:f2:81:0d:a8:d1:6c:d6:5c:bd:08:5e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Sep 23 11:14:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d74c81f2011468cbfaaa11fd225b12b602c85c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:18:63:45:0e:aa:17:e6:0b:06:e7:88:65:
5b:56:4f:9a:fd:42:d2:28:d7:a4:64:86:66:c7:9e:
99:d5:34:d1:7b:1c:e8:47:71:a0:33:e1:ee:25:61:
79:39:6a:dd:8a:58:05:38:57:48:50:bd:f0:d7:92:
89:fd:8f:8b:d5:70:4e:9a:7b:7d:f0:1b:87:3f:fe:
00:1b:02:ea:ea:ce:c7:a7:57:03:54:63:16:11:49:
4f:c9:57:33:89:05:ab:18:89:a8:6a:3c:bf:67:e4:
b8:29:6d:4a:dd:4e:ef:ad:0f:a1:a6:45:29:65:fe:
b0:d1:46:34:2e:28:fa:80:31:ef:9a:73:22:27:a1:
92:44:50:33:26:bd:cf:15:f8:c6:08:0b:9d:b5:12:
2d:66:2f:97:42:17:2a:de:a5:a2:82:27:ca:96:12:
7e:e8:15:e9:fa:86:07:9c:a4:89:2f:f2:70:9c:5c:
f4:55:ff:c5:74:0a:86:96:a1:ff:3e:bf:cb:a4:67:
c6:17:a9:cc:7f:1e:80:24:0d:f9:ec:9e:fb:ab:85:
77:a3:25:44:37:57:6a:3f:44:b0:f5:23:63:30:9a:
ae:9a:0c:40:4e:9b:68:a7:02:c2:f1:cb:84:ae:cc:
e3:ed:f7:78:7f:f7:fc:93:38:16:07:79:99:c1:4e:
c7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4C:81:F2:01:14:68:CB:FA:AA:11:FD:22:5B:12:B6:02:C8:5C:67
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/10yB8gEUaMv6qhH9IlsStgLIXGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.122.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:13:ac:92:09:8b:45:a8:c7:c9:a5:d7:f4:b2:a8:3e:a4:2d:
39:93:40:49:c8:3c:22:7e:56:c7:48:2d:a7:7e:26:99:49:1a:
76:17:0b:2d:ed:ff:d6:dc:76:61:7c:4a:b1:68:09:ff:71:f1:
59:a4:f3:e0:a5:2a:5a:7c:12:04:23:30:e8:13:33:7f:52:cc:
29:7b:38:0d:0e:29:66:47:ad:0c:26:a5:60:bd:83:81:b8:2c:
9d:cb:6b:5f:f8:5f:7c:a7:7c:9c:54:0d:f1:2d:ec:b4:61:b5:
e3:44:3d:da:8e:f3:51:d8:17:79:20:99:80:2e:37:b4:69:48:
0e:f8:61:ae:eb:0d:95:f4:d8:40:f7:ea:25:39:fe:ed:74:b2:
1f:fc:72:e9:d2:09:46:20:2e:5c:95:7c:38:a8:b2:05:7a:a5:
7e:dc:8c:3f:91:75:8d:a6:68:98:7b:d3:28:2b:9d:b1:79:fd:
a7:5b:de:8f:19:60:96:04:b2:5d:df:f1:c7:6c:7f:0f:e9:33:
80:39:6d:b9:d4:3a:4c:17:bf:59:0f:94:95:ea:4b:6a:d5:17:
85:09:85:51:77:01:37:81:1a:27:ff:43:b6:d9:37:39:36:01:
71:60:24:68:69:ca:18:cc:83:8b:17:bd:ee:2e:9e:9c:e2:f0:
f6:a2:a2:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNqDqaR8oENqNFs1ly9CF7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjIwOTIzMTExNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzRjODFmMjAxMTQ2OGNiZmFhYTExZmQyMjViMTJiNjAyYzg1YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCgYY0UOqhfmCwbniGVbVk+a/ULS
KNekZIZmx56Z1TTRexzoR3GgM+HuJWF5OWrdilgFOFdIUL3w15KJ/Y+L1XBOmnt9
8BuHP/4AGwLq6s7Hp1cDVGMWEUlPyVcziQWrGImoajy/Z+S4KW1K3U7vrQ+hpkUp
Zf6w0UY0Lij6gDHvmnMiJ6GSRFAzJr3PFfjGCAudtRItZi+XQhcq3qWigifKlhJ+
6BXp+oYHnKSJL/JwnFz0Vf/FdAqGlqH/Pr/LpGfGF6nMfx6AJA357J77q4V3oyVE
N1dqP0Sw9SNjMJqumgxATptopwLC8cuErszj7fd4f/f8kzgWB3mZwU7H+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNdMgfIBFGjL+qoR/SJbErYCyFxnMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvMTB5QjhnRVVhTXY2cWhIOUlsc1N0Z0xJWEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBYV6MA0G
CSqGSIb3DQEBCwUAA4IBAQAbE6ySCYtFqMfJpdf0sqg+pC05k0BJyDwiflbHSC2n
fiaZSRp2Fwst7f/W3HZhfEqxaAn/cfFZpPPgpSpafBIEIzDoEzN/UswpezgNDilm
R60MJqVgvYOBuCydy2tf+F98p3ycVA3xLey0YbXjRD3ajvNR2Bd5IJmALje0aUgO
+GGu6w2V9NhA9+olOf7tdLIf/HLp0glGIC5clXw4qLIFeqV+3Iw/kXWNpmiYe9Mo
K52xef2nW96PGWCWBLJd3/HHbH8P6TOAOW251DpMF79ZD5SV6ktq1ReFCYVRdwE3
gRon/0O22Tc5NgFxYCRoacoYzIOLF73uLp6c4vD2oqLm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:54 2023 by rpki-client on console-fra.rpki-client.org