Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/WIDqbDEiPCoSt2zexCylTpSTy30.roa
File: WIDqbDEiPCoSt2zexCylTpSTy30.roa (raw, json)
Hash identifier: AXsJUyUMdtiaQdZCK7VY6RAFk6C3Rrqm+5tqcEaVP4U=
Subject key identifier: 58:80:EA:6C:31:22:3C:2A:12:B7:6C:DE:C4:2C:A5:4E:94:93:CB:7D
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018EC425C1346847D893094CDCB277ED1173
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/WIDqbDEiPCoSt2zexCylTpSTy30.roa
Signing time: Tue 09 Apr 2024 18:36:32 +0000
ROA not before: Tue 09 Apr 2024 18:36:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:25:c1:34:68:47:d8:93:09:4c:dc:b2:77:ed:11:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Apr 9 18:36:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5880ea6c31223c2a12b76cdec42ca54e9493cb7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:48:f2:86:0b:f6:75:d8:7e:0c:72:0c:44:
62:0b:f8:a7:94:0a:ed:38:56:b4:d6:14:c0:4d:4b:
70:63:1d:a4:75:2e:11:83:46:8b:7a:1e:a4:fc:6a:
93:32:22:10:96:82:57:5f:14:e3:e4:02:61:39:6a:
38:09:fe:2e:67:48:9b:3d:5c:14:70:1b:ad:4d:f5:
96:4e:fa:05:16:c4:57:0a:43:db:e4:ea:95:cc:34:
95:a7:85:51:04:94:bb:d4:4a:9f:bf:d9:43:fc:fa:
d3:b8:48:94:7f:b0:64:4b:ce:40:5f:ec:0b:39:0d:
6c:66:a0:45:c7:6a:29:42:fa:cc:ad:77:f7:73:33:
47:69:d2:80:a9:9f:6a:d1:38:17:7d:ad:43:eb:1c:
54:14:ae:45:7d:ef:8d:f4:ab:e1:85:af:1e:6f:37:
65:94:d6:49:54:b4:69:1e:8e:95:2b:0f:6b:84:b3:
f0:a8:e6:c5:15:c4:e3:d6:f6:65:56:bf:de:2e:d3:
58:94:2f:be:01:85:8f:d2:e4:a0:d6:31:14:39:6d:
ef:92:f6:e2:a1:56:31:27:f3:d5:31:87:b5:85:cd:
81:5a:c1:cf:dc:e2:2f:06:cb:70:d7:89:9f:87:b2:
8f:fd:3e:d6:e4:f5:ed:a2:fa:e0:de:90:37:54:4c:
13:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:80:EA:6C:31:22:3C:2A:12:B7:6C:DE:C4:2C:A5:4E:94:93:CB:7D
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/WIDqbDEiPCoSt2zexCylTpSTy30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.210.0/24
Signature Algorithm: sha256WithRSAEncryption
81:00:b9:00:97:1e:68:23:8a:98:8d:cd:06:95:91:bc:5e:6e:
41:5f:09:5f:59:82:70:21:90:c7:4f:d1:b2:4d:7d:de:1b:31:
38:64:b2:fc:60:59:a7:df:ab:e6:c7:d1:c9:a6:0f:8b:e5:bd:
8e:e3:c5:5b:c7:e5:c9:23:e8:a5:fd:21:4d:22:6b:8d:43:34:
4a:43:20:b6:50:97:05:53:37:9d:8f:5a:d2:5f:5c:43:a1:14:
62:d5:ba:25:51:e3:6a:53:11:b1:66:82:dd:e1:b1:cb:2f:48:
63:15:86:10:5d:5f:d0:da:b0:a3:d0:34:00:15:e0:92:57:0d:
8e:8a:2f:c5:ed:da:29:9d:92:7f:eb:3f:9a:98:15:2a:4c:d4:
8e:67:4f:04:5f:e1:b4:5b:1e:33:87:19:0f:e7:73:26:4d:5f:
08:c2:58:63:5d:3f:3a:c5:25:5f:72:59:5c:82:09:be:b3:e0:
b4:dc:5b:31:ed:0b:ee:dd:97:d2:e4:c3:2e:97:45:d8:6f:9b:
4b:fb:2a:f2:32:f9:b7:e0:c2:d6:21:c0:90:63:78:55:7a:d7:
71:de:91:bd:e7:c2:2e:c9:3f:c0:eb:4c:e1:9c:30:41:a3:2c:
38:10:6c:72:53:4c:8b:32:a5:c7:2b:8f:73:cf:4c:b2:0b:a7:
fe:75:ae:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7EJcE0aEfYkwlM3LJ37RFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwNDA5MTgzNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODgwZWE2YzMxMjIzYzJhMTJiNzZjZGVjNDJjYTU0ZTk0OTNjYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkNI8oYL9nXYfgxyDERiC/inlArt
OFa01hTATUtwYx2kdS4Rg0aLeh6k/GqTMiIQloJXXxTj5AJhOWo4Cf4uZ0ibPVwU
cButTfWWTvoFFsRXCkPb5OqVzDSVp4VRBJS71Eqfv9lD/PrTuEiUf7BkS85AX+wL
OQ1sZqBFx2opQvrMrXf3czNHadKAqZ9q0TgXfa1D6xxUFK5Ffe+N9Kvhha8ebzdl
lNZJVLRpHo6VKw9rhLPwqObFFcTj1vZlVr/eLtNYlC++AYWP0uSg1jEUOW3vkvbi
oVYxJ/PVMYe1hc2BWsHP3OIvBstw14mfh7KP/T7W5PXtovrg3pA3VEwT7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFiA6mwxIjwqErds3sQspU6Uk8t9MB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvV0lEcWJERWlQQ29TdDJ6ZXhDeWxUcFNUeTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrSMA0G
CSqGSIb3DQEBCwUAA4IBAQCBALkAlx5oI4qYjc0GlZG8Xm5BXwlfWYJwIZDHT9Gy
TX3eGzE4ZLL8YFmn36vmx9HJpg+L5b2O48Vbx+XJI+il/SFNImuNQzRKQyC2UJcF
Uzedj1rSX1xDoRRi1bolUeNqUxGxZoLd4bHLL0hjFYYQXV/Q2rCj0DQAFeCSVw2O
ii/F7dopnZJ/6z+amBUqTNSOZ08EX+G0Wx4zhxkP53MmTV8IwlhjXT86xSVfcllc
ggm+s+C03Fsx7Qvu3ZfS5MMul0XYb5tL+yryMvm34MLWIcCQY3hVetdx3pG958Iu
yT/A60zhnDBBoyw4EGxyU0yLMqXHK49zz0yyC6f+da6f
-----END CERTIFICATE-----
Generated at Tue Aug 6 18:22:43 2024 by rpki-client on console-ams.rpki-client.org