Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/7i5F4g7FESsMk0DTUxHBylADqNY.roa
File: 7i5F4g7FESsMk0DTUxHBylADqNY.roa (raw, json)
Hash identifier: Q4pGI13UyyBlT0zrgdqU1N7LSbGwbCtgl7C+o0kFuGA=
Subject key identifier: EE:2E:45:E2:0E:C5:11:2B:0C:93:40:D3:53:11:C1:CA:50:03:A8:D6
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35440CD9
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/7i5F4g7FESsMk0DTUxHBylADqNY.roa
Signing time: Sat 01 Jan 2022 09:54:43 +0000
ROA not before: Sat 01 Jan 2022 09:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8274
IP address blocks: 5.153.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893652185 (0x35440cd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee2e45e20ec5112b0c9340d35311c1ca5003a8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:72:eb:5a:c9:39:1d:01:e9:4e:d6:c5:57:4c:
e1:3e:bb:dc:94:05:61:2a:68:b7:a7:64:05:aa:96:
05:68:3a:ca:06:c0:37:d7:1d:43:46:9a:5b:a9:ab:
4e:fe:c0:5b:04:88:6f:0a:85:6a:42:38:42:a5:d4:
68:4d:2e:ca:67:40:45:c5:b1:0e:c1:9d:55:1c:2c:
d2:b5:d2:7c:fa:61:7e:6f:dc:2e:fb:7c:75:50:d8:
57:f6:9c:2e:3b:ec:4c:6c:81:2c:f1:9f:61:14:84:
17:a6:52:ca:18:8c:e5:24:d9:64:eb:aa:7b:0b:cd:
d0:b3:c5:50:25:e1:97:a4:83:be:72:8a:83:0d:54:
64:37:41:f9:b0:e7:30:90:46:a5:b9:07:58:b3:92:
44:ab:42:ab:e5:67:28:b5:5d:f3:27:0e:3e:98:1e:
a5:e0:a9:f2:ef:63:cd:49:46:e3:8f:92:a1:c6:48:
e8:43:93:3e:83:40:9a:63:aa:ad:6f:5e:ad:ba:0a:
b5:5c:ce:cb:55:9a:b9:ba:20:b8:32:c6:af:83:c2:
d6:d0:ef:48:94:e8:15:01:44:07:fe:57:34:0e:ff:
32:62:ae:fe:f3:c2:62:58:40:fc:0e:30:99:40:19:
bd:48:96:84:33:29:7e:d6:1e:19:b6:0e:c5:86:a5:
33:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:2E:45:E2:0E:C5:11:2B:0C:93:40:D3:53:11:C1:CA:50:03:A8:D6
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/7i5F4g7FESsMk0DTUxHBylADqNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.180.0/24
Signature Algorithm: sha256WithRSAEncryption
99:92:9f:fc:2e:79:0f:6a:75:c8:c3:2c:ce:a5:fc:2a:de:62:
3d:ac:7c:87:c9:5a:95:57:89:63:e7:ae:3e:3f:39:3f:22:fa:
ba:4c:74:61:c7:40:64:c8:a3:6b:4f:08:ca:bc:a0:4b:df:52:
8d:5a:ad:e1:b5:01:28:6f:e9:7a:a8:b6:fb:53:ab:1d:41:e8:
e8:20:6f:6c:47:cb:7c:61:85:82:fa:0a:76:82:6f:67:c0:44:
24:1c:bb:64:e4:80:4f:76:9d:84:39:37:05:d4:1b:10:49:e8:
3b:6a:81:2b:97:4f:55:a9:63:41:12:59:5a:5d:97:b8:f4:3d:
43:4d:f7:b1:18:bc:f2:5c:78:1b:3c:fb:01:97:93:34:ef:1b:
c4:4e:85:74:2f:fe:9b:a4:1c:af:85:86:b9:d1:a7:68:47:44:
b7:60:d1:32:ae:7d:68:fa:b5:ae:bc:ac:14:65:9c:41:38:c6:
e2:90:c3:7f:6d:e7:74:10:60:69:77:08:5f:c7:3a:f1:c9:55:
c8:47:6a:7c:c2:6d:7c:68:22:cb:64:bf:68:91:5a:64:ab:64:
d5:b2:8f:a6:df:a0:73:ee:0d:f4:16:32:fd:11:b2:f8:43:b7:
ce:6c:b0:8b:a9:8f:e4:92:03:75:b4:c8:cc:4b:58:80:cd:9b:
78:51:8e:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUQM2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWUyZTQ1ZTIwZWM1
MTEyYjBjOTM0MGQzNTMxMWMxY2E1MDAzYThkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVy61rJOR0B6U7WxVdM4T673JQFYSpot6dkBaqWBWg6ygbA
N9cdQ0aaW6mrTv7AWwSIbwqFakI4QqXUaE0uymdARcWxDsGdVRws0rXSfPphfm/c
Lvt8dVDYV/acLjvsTGyBLPGfYRSEF6ZSyhiM5STZZOuqewvN0LPFUCXhl6SDvnKK
gw1UZDdB+bDnMJBGpbkHWLOSRKtCq+VnKLVd8ycOPpgepeCp8u9jzUlG44+SocZI
6EOTPoNAmmOqrW9erboKtVzOy1WauboguDLGr4PC1tDvSJToFQFEB/5XNA7/MmKu
/vPCYlhA/A4wmUAZvUiWhDMpftYeGbYOxYalMwECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTuLkXiDsURKwyTQNNTEcHKUAOo1jAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
LzdpNUY0ZzdGRVNzTWswRFRVeEhCeWxBRHFOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWZtDANBgkqhkiG9w0BAQsFAAOC
AQEAmZKf/C55D2p1yMMszqX8Kt5iPax8h8lalVeJY+euPj85PyL6ukx0YcdAZMij
a08IyrygS99SjVqt4bUBKG/peqi2+1OrHUHo6CBvbEfLfGGFgvoKdoJvZ8BEJBy7
ZOSAT3adhDk3BdQbEEnoO2qBK5dPValjQRJZWl2XuPQ9Q033sRi88lx4Gzz7AZeT
NO8bxE6FdC/+m6Qcr4WGudGnaEdEt2DRMq59aPq1rrysFGWcQTjG4pDDf23ndBBg
aXcIX8c68clVyEdqfMJtfGgiy2S/aJFaZKtk1bKPpt+gc+4N9BYy/RGy+EO3zmyw
i6mP5JIDdbTIzEtYgM2beFGO4g==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:37:28 2025 by rpki-client