Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/UvQiw235JqSd9mSZEODGAQiBw0U.roa
File: UvQiw235JqSd9mSZEODGAQiBw0U.roa (raw, json)
Hash identifier: Cg39vUY+a/KBCXRlf8wpoHDli5yAsQZrblDsG91Wlew=
Subject key identifier: 52:F4:22:C3:6D:F9:26:A4:9D:F6:64:99:10:E0:C6:01:08:81:C3:45
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 0183805662030C0E2B785478AA5B9A34BB72
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/UvQiw235JqSd9mSZEODGAQiBw0U.roa
Signing time: Tue 27 Sep 2022 19:04:48 +0000
ROA not before: Tue 27 Sep 2022 19:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52000
IP address blocks: 5.133.122.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:80:56:62:03:0c:0e:2b:78:54:78:aa:5b:9a:34:bb:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Sep 27 19:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52f422c36df926a49df6649910e0c6010881c345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:81:f5:0e:80:b7:e5:7a:27:6a:ac:07:08:
16:28:3b:77:7d:cc:10:1d:cb:f6:27:72:d6:03:07:
c8:1d:e3:56:e6:f3:26:11:ce:5e:91:09:b6:8d:77:
c6:bd:35:63:98:2c:20:9f:af:70:53:29:af:fb:5c:
1e:bc:c7:b7:1f:2c:47:1b:47:e7:31:51:89:48:3d:
15:6e:a2:66:99:0f:ae:d2:02:0b:6f:6c:bd:c8:9a:
76:1b:1c:6e:ba:a1:6c:04:74:75:42:cb:f1:66:e6:
bb:a4:dd:55:bd:5c:86:58:29:40:e4:aa:03:35:7a:
78:71:73:f6:c2:54:03:17:ed:88:c5:69:a6:7d:30:
cd:1b:ea:81:83:4c:77:fc:a8:f6:cb:9f:e5:16:50:
61:a1:03:b3:28:be:9a:b9:c1:77:a5:28:56:4d:67:
6d:6f:98:76:47:db:2c:d4:54:46:49:4f:36:14:b1:
d5:9c:bd:52:67:b2:78:20:91:e8:e8:c3:9f:f2:78:
9d:35:e0:df:87:d3:18:58:3c:fc:4e:c8:77:1d:b0:
9d:65:91:c4:3d:5e:bd:ea:af:28:ec:91:d2:47:c8:
81:4a:8f:47:c4:d2:79:c2:40:13:5d:69:b2:08:34:
5d:35:ab:45:5f:6c:97:cc:db:08:6f:1e:de:6f:16:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F4:22:C3:6D:F9:26:A4:9D:F6:64:99:10:E0:C6:01:08:81:C3:45
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/UvQiw235JqSd9mSZEODGAQiBw0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.122.0/23
Signature Algorithm: sha256WithRSAEncryption
36:d9:eb:85:94:11:62:14:0d:cc:37:3f:96:54:ac:e4:23:7d:
70:de:9a:ed:1c:99:39:4c:c0:f5:2d:16:39:74:fd:c7:b1:09:
a7:69:07:55:df:41:ba:92:b7:4f:32:d0:19:7e:54:59:50:99:
db:8d:f6:82:5b:27:64:6b:a0:08:3c:1a:41:e0:18:88:1d:e7:
27:d0:be:70:d1:31:43:db:09:b7:f9:d3:57:22:bc:f5:ce:64:
ac:22:1c:31:32:a3:96:0b:bf:3b:ee:ab:bf:81:6a:c3:9d:de:
b8:0a:47:d5:ad:81:18:dc:ed:ec:7e:c3:c9:1c:df:b1:f7:c2:
3e:6e:78:10:d7:88:c0:8a:a2:72:3d:11:ae:5a:89:57:02:fa:
e2:22:a7:9b:02:9c:b1:e8:21:ca:af:85:df:69:a2:37:b2:27:
01:d8:00:a7:bb:b6:ff:6a:66:1b:0f:d0:64:75:ff:af:54:cb:
6e:66:bd:8f:83:06:9c:0c:65:5f:14:83:0f:7a:02:70:2d:71:
5e:60:73:3d:b9:59:1f:f6:15:4f:89:9d:c2:bf:ec:26:9d:e3:
dc:37:2a:8a:0f:28:fb:05:aa:91:4f:9a:d9:fa:9a:e9:eb:0a:
c8:9d:08:e4:d5:d5:fe:7b:a6:aa:56:73:7e:1b:ef:67:0f:9c:
30:ae:d2:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOAVmIDDA4reFR4qluaNLtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjIwOTI3MTkwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmY0MjJjMzZkZjkyNmE0OWRmNjY0OTkxMGUwYzYwMTA4ODFjMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzuB9Q6At+V6J2qsBwgWKDt3fcwQ
Hcv2J3LWAwfIHeNW5vMmEc5ekQm2jXfGvTVjmCwgn69wUymv+1wevMe3HyxHG0fn
MVGJSD0VbqJmmQ+u0gILb2y9yJp2GxxuuqFsBHR1QsvxZua7pN1VvVyGWClA5KoD
NXp4cXP2wlQDF+2IxWmmfTDNG+qBg0x3/Kj2y5/lFlBhoQOzKL6aucF3pShWTWdt
b5h2R9ss1FRGSU82FLHVnL1SZ7J4IJHo6MOf8nidNeDfh9MYWDz8Tsh3HbCdZZHE
PV696q8o7JHSR8iBSo9HxNJ5wkATXWmyCDRdNatFX2yXzNsIbx7ebxa+gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFL0IsNt+SaknfZkmRDgxgEIgcNFMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvVXZRaXcyMzVKcVNkOW1TWkVPREdBUWlCdzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBYV6MA0G
CSqGSIb3DQEBCwUAA4IBAQA22euFlBFiFA3MNz+WVKzkI31w3prtHJk5TMD1LRY5
dP3HsQmnaQdV30G6krdPMtAZflRZUJnbjfaCWydka6AIPBpB4BiIHecn0L5w0TFD
2wm3+dNXIrz1zmSsIhwxMqOWC7877qu/gWrDnd64CkfVrYEY3O3sfsPJHN+x98I+
bngQ14jAiqJyPRGuWolXAvriIqebApyx6CHKr4XfaaI3sicB2ACnu7b/amYbD9Bk
df+vVMtuZr2PgwacDGVfFIMPegJwLXFeYHM9uVkf9hVPiZ3Cv+wmnePcNyqKDyj7
BaqRT5rZ+prp6wrInQjk1dX+e6aqVnN+G+9nD5wwrtJa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-ams.rpki-client.org