Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/8vUiPsCCBQhm56zw9y8J4-lrmg4.roa
File: 8vUiPsCCBQhm56zw9y8J4-lrmg4.roa (raw, json)
Hash identifier: s52IRM8umsb7TiC04ERp60mRVeAdBRtaYtlOiAiCj7w=
Subject key identifier: F2:F5:22:3E:C0:82:05:08:66:E7:AC:F0:F7:2F:09:E3:E9:6B:9A:0E
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35470F05
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/8vUiPsCCBQhm56zw9y8J4-lrmg4.roa
Signing time: Sat 01 Jan 2022 09:54:45 +0000
ROA not before: Sat 01 Jan 2022 09:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50459
IP address blocks: 5.153.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893849349 (0x35470f05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2f5223ec082050866e7acf0f72f09e3e96b9a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:fb:e5:57:40:e7:cb:7b:7d:1c:47:96:f4:
f4:ad:f9:74:00:bb:23:07:db:36:60:8d:14:32:ad:
af:25:76:ae:a3:a4:c3:6e:fb:b4:d1:f7:a8:50:27:
37:b4:e0:60:e3:7e:7c:9f:7a:09:c7:1f:69:47:94:
b2:18:41:c7:ff:47:97:0b:a6:f1:ff:12:31:a8:ed:
c1:d8:81:45:ec:81:c9:f5:a5:20:1f:f7:d2:1b:21:
29:e4:87:7f:91:ae:66:f1:20:86:fb:41:68:d3:df:
22:9d:3b:a3:fb:42:80:a9:d1:64:67:36:09:b1:d0:
d3:3d:9e:16:0c:5f:5a:1b:36:88:9b:5b:39:6d:90:
43:de:65:4b:39:f8:80:e9:ed:21:af:ac:00:20:10:
19:82:18:b9:5a:7d:20:e0:3e:0d:2c:0a:6b:c8:b7:
89:b5:fb:2a:e0:f4:85:3f:87:bc:e4:2c:31:60:45:
4d:8b:91:c2:75:a1:3f:aa:e8:4a:6d:2c:62:e8:bd:
28:e4:da:80:ed:95:b7:00:58:5b:7d:d6:15:52:e8:
e9:8b:17:d7:a4:e2:c7:35:48:ed:f2:eb:51:0e:b7:
85:31:78:69:ec:52:2e:af:75:5c:35:dd:01:6b:f3:
c9:64:ae:78:62:20:bc:4f:b4:ff:59:fc:58:f8:2b:
c8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F5:22:3E:C0:82:05:08:66:E7:AC:F0:F7:2F:09:E3:E9:6B:9A:0E
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/8vUiPsCCBQhm56zw9y8J4-lrmg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.173.0/24
Signature Algorithm: sha256WithRSAEncryption
39:f3:5c:e0:b2:c6:47:5b:93:20:2b:90:05:9b:77:4c:55:61:
d5:27:62:68:3e:a6:e6:95:3f:66:18:c8:9b:3a:1f:29:51:fe:
1b:01:fb:2c:cc:7a:4f:4f:f1:a0:7c:bb:6c:1b:7a:84:36:fa:
1e:6a:78:e6:6e:64:9f:89:10:e3:5a:6d:ed:20:7c:87:05:65:
8b:33:e0:b0:95:3e:eb:b9:3e:4b:6e:9d:6f:9b:dd:26:c8:07:
73:d5:c9:36:24:43:9f:ef:a1:6b:bd:3b:f1:d8:d0:21:79:4d:
fe:79:b9:79:46:6a:50:27:31:b3:3f:d1:39:21:28:0c:4e:b5:
fd:f2:15:8e:65:52:1b:7c:c3:12:6e:0d:e2:71:3b:f6:38:d0:
1e:c0:63:1b:45:fb:68:a2:15:0b:35:90:cb:1e:16:1b:58:9e:
07:2d:b0:51:51:1c:e1:93:38:0b:d0:87:ec:49:88:01:4b:d8:
42:b2:1d:a3:07:c9:a4:22:a1:59:5e:5d:6d:f6:a2:f2:19:c9:
61:c2:c9:ef:55:7e:19:b1:fe:86:8c:9d:e9:cf:62:b3:94:4e:
ac:14:a1:8f:56:2c:73:c0:4b:0f:f9:d8:41:0c:80:02:d4:16:
ba:68:dd:cf:28:a5:86:bf:26:0d:0d:2c:9d:7d:5c:73:94:24:
67:31:f0:42
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUcPBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJmNTIyM2VjMDgy
MDUwODY2ZTdhY2YwZjcyZjA5ZTNlOTZiOWEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd7++VXQOfLe30cR5b09K35dAC7IwfbNmCNFDKtryV2rqOk
w277tNH3qFAnN7TgYON+fJ96CccfaUeUshhBx/9Hlwum8f8SMajtwdiBReyByfWl
IB/30hshKeSHf5GuZvEghvtBaNPfIp07o/tCgKnRZGc2CbHQ0z2eFgxfWhs2iJtb
OW2QQ95lSzn4gOntIa+sACAQGYIYuVp9IOA+DSwKa8i3ibX7KuD0hT+HvOQsMWBF
TYuRwnWhP6roSm0sYui9KOTagO2VtwBYW33WFVLo6YsX16TixzVI7fLrUQ63hTF4
aexSLq91XDXdAWvzyWSueGIgvE+0/1n8WPgryG8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTy9SI+wIIFCGbnrPD3Lwnj6WuaDjAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
Lzh2VWlQc0NDQlFobTU2enc5eThKNC1scm1nNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWZrTANBgkqhkiG9w0BAQsFAAOC
AQEAOfNc4LLGR1uTICuQBZt3TFVh1SdiaD6m5pU/ZhjImzofKVH+GwH7LMx6T0/x
oHy7bBt6hDb6Hmp45m5kn4kQ41pt7SB8hwVlizPgsJU+67k+S26db5vdJsgHc9XJ
NiRDn++ha7078djQIXlN/nm5eUZqUCcxsz/ROSEoDE61/fIVjmVSG3zDEm4N4nE7
9jjQHsBjG0X7aKIVCzWQyx4WG1ieBy2wUVEc4ZM4C9CH7EmIAUvYQrIdowfJpCKh
WV5dbfai8hnJYcLJ71V+GbH+hoyd6c9is5ROrBShj1Ysc8BLD/nYQQyAAtQWumjd
zyilhr8mDQ0snX1cc5QkZzHwQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org