Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/4pubTc7EiV6XvtfcmkULA2WYCnw.roa
File: 4pubTc7EiV6XvtfcmkULA2WYCnw.roa (raw, json)
Hash identifier: HWcGFFFxwlQNlAAgfvvgmca+K3nUSTfRDthyaGPbhrE=
Subject key identifier: E2:9B:9B:4D:CE:C4:89:5E:97:BE:D7:DC:9A:45:0B:03:65:98:0A:7C
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35449B02
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/4pubTc7EiV6XvtfcmkULA2WYCnw.roa
Signing time: Sat 01 Jan 2022 09:54:44 +0000
ROA not before: Sat 01 Jan 2022 09:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41039
IP address blocks: 5.153.128.0/18 maxlen: 24
92.242.96.0/19 maxlen: 32
195.184.192.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893688578 (0x35449b02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e29b9b4dcec4895e97bed7dc9a450b0365980a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fd:9c:1a:c7:a6:f9:84:22:76:23:60:35:fd:
ac:94:2c:ae:0b:9b:a5:82:d8:e0:d3:d2:59:ed:ec:
31:b3:a3:6f:06:42:7d:3e:3d:5d:0b:02:e9:1f:84:
23:36:c7:7a:11:c4:2f:de:6b:82:2b:52:40:64:28:
f0:1b:bb:b6:7a:b9:90:f8:ae:aa:38:80:21:f9:ea:
bb:a1:39:db:4d:c4:f0:0c:c2:4b:56:bb:1c:37:ee:
81:f5:5a:8c:50:1d:54:a6:e1:91:19:08:0c:97:cc:
d1:2b:3b:71:14:11:42:9b:42:57:db:8b:83:36:d7:
84:81:5b:b2:50:88:51:4f:26:dc:f0:93:2c:f3:4a:
4d:14:49:8f:16:06:e0:22:5d:6f:5a:23:ce:4c:e4:
51:3f:81:a3:a4:24:8e:89:4c:62:af:26:a6:2d:e1:
6f:01:16:36:c0:42:72:d1:32:8b:1b:61:df:a2:f6:
89:b7:ef:e0:f5:fb:48:ce:3d:1a:94:a3:5e:cc:4f:
07:61:28:73:ea:e3:ad:53:03:29:64:d9:e6:8f:3b:
eb:23:7c:76:e9:b0:2c:55:78:84:da:fd:2b:57:1b:
d3:5b:25:cf:b0:49:45:3d:1e:16:e0:29:87:d5:88:
ef:0a:9c:4d:5d:7b:0f:98:4a:b3:89:1f:3c:fa:bb:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:9B:9B:4D:CE:C4:89:5E:97:BE:D7:DC:9A:45:0B:03:65:98:0A:7C
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/4pubTc7EiV6XvtfcmkULA2WYCnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.128.0/18
92.242.96.0/19
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
60:bd:f8:8a:8f:7e:ab:83:b3:56:76:73:f2:1e:c9:0f:0b:c6:
46:88:3a:f9:24:99:a1:7a:c2:b0:c4:15:f0:ad:34:94:95:3e:
70:1c:ff:bd:96:08:a8:f9:bc:8b:23:c5:54:2f:7d:33:4d:f7:
3b:90:7a:39:81:39:06:57:fc:1f:f6:0d:b2:c6:3b:fc:60:45:
9a:e1:39:58:b6:62:72:1e:1f:09:5f:73:d9:51:dd:61:2e:23:
92:11:a7:22:ae:1e:74:39:4b:21:4b:f6:95:f6:32:cc:8d:91:
ad:3b:66:e1:31:ed:d1:04:51:f2:d0:35:a0:98:4a:70:dc:13:
7c:0b:f7:38:c3:98:65:a1:a2:75:0a:6e:02:13:00:94:ef:d7:
42:c5:92:3c:85:80:53:61:41:8e:1b:10:db:a3:60:52:72:c0:
00:ba:1b:d5:78:3c:0d:d7:eb:1f:1b:56:00:f3:8b:d6:40:89:
14:c0:ad:66:43:18:49:aa:bf:e7:57:fa:ce:49:4c:27:64:73:
50:56:1d:ae:b6:13:2d:40:35:a4:0b:99:31:d8:f8:8b:18:ed:
db:19:21:1d:7b:1f:b2:40:29:8a:b6:28:9f:c5:3b:e4:37:6b:
65:d0:81:fa:2c:93:51:ce:b1:a2:c2:7e:33:7b:74:0d:19:66:
3e:86:ea:bf
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENUSbAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI5YjliNGRjZWM0
ODk1ZTk3YmVkN2RjOWE0NTBiMDM2NTk4MGE3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP9nBrHpvmEInYjYDX9rJQsrgubpYLY4NPSWe3sMbOjbwZC
fT49XQsC6R+EIzbHehHEL95rgitSQGQo8Bu7tnq5kPiuqjiAIfnqu6E5203E8AzC
S1a7HDfugfVajFAdVKbhkRkIDJfM0Ss7cRQRQptCV9uLgzbXhIFbslCIUU8m3PCT
LPNKTRRJjxYG4CJdb1ojzkzkUT+Bo6QkjolMYq8mpi3hbwEWNsBCctEyixth36L2
ibfv4PX7SM49GpSjXsxPB2Eoc+rjrVMDKWTZ5o876yN8dumwLFV4hNr9K1cb01sl
z7BJRT0eFuAph9WI7wqcTV17D5hKs4kfPPq7dNkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTim5tNzsSJXpe+19yaRQsDZZgKfDAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
LzRwdWJUYzdFaVY2WHZ0ZmNta1VMQTJXWUNudy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBgWZgAMEBVzyYAMEBcO4wDANBgkq
hkiG9w0BAQsFAAOCAQEAYL34io9+q4OzVnZz8h7JDwvGRog6+SSZoXrCsMQV8K00
lJU+cBz/vZYIqPm8iyPFVC99M033O5B6OYE5Blf8H/YNssY7/GBFmuE5WLZich4f
CV9z2VHdYS4jkhGnIq4edDlLIUv2lfYyzI2RrTtm4THt0QRR8tA1oJhKcNwTfAv3
OMOYZaGidQpuAhMAlO/XQsWSPIWAU2FBjhsQ26NgUnLAALob1Xg8DdfrHxtWAPOL
1kCJFMCtZkMYSaq/51f6zklMJ2RzUFYdrrYTLUA1pAuZMdj4ixjt2xkhHXsfskAp
irYon8U75DdrZdCB+iyTUc6xosJ+M3t0DRlmPobqvw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org