Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/G--lmrvxPGJENDzUXiqaedTimcw.roa
File: G--lmrvxPGJENDzUXiqaedTimcw.roa (raw, json)
Hash identifier: TjTLqQskb3x/h8lmoep+DxEsmtvNTqZt6xMBDEf1o10=
Subject key identifier: 1B:EF:A5:9A:BB:F1:3C:62:44:34:3C:D4:5E:2A:9A:79:D4:E2:99:CC
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 01833201E66EFA5A0BFD92C6DFE4DDBD2455
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/G--lmrvxPGJENDzUXiqaedTimcw.roa
Signing time: Mon 12 Sep 2022 14:02:08 +0000
ROA not before: Mon 12 Sep 2022 14:02:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41039
IP address blocks: 5.153.128.0/18 maxlen: 24
92.242.96.0/19 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:01:e6:6e:fa:5a:0b:fd:92:c6:df:e4:dd:bd:24:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Sep 12 14:02:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1befa59abbf13c6244343cd45e2a9a79d4e299cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:da:15:e9:d2:b1:61:53:51:36:d1:d2:4d:51:
33:43:0a:fc:76:c6:da:12:d1:c0:7a:e7:46:6f:0f:
a2:00:c6:1c:dd:81:bb:ec:4a:37:58:18:9e:45:18:
59:4a:ff:d2:66:45:1e:96:28:1a:7d:d4:57:3e:8e:
5e:40:50:5d:f1:35:95:92:c3:81:bc:d4:e8:de:20:
69:bf:c9:6d:a3:e9:bd:3c:11:17:b1:99:6f:46:d2:
5e:34:5a:0f:81:76:9b:8b:01:b0:15:e4:28:cf:f7:
27:ea:35:c9:db:0a:4a:0c:d1:78:29:23:36:2f:11:
15:32:cc:a6:3b:b4:8d:e0:fe:6b:0c:3a:e3:10:e7:
8f:65:6b:92:47:5c:52:8f:c1:0e:51:d3:59:6c:3c:
a4:44:52:8d:40:6e:e5:c8:3c:44:a8:61:24:9f:dc:
9a:44:d8:b0:25:c5:34:70:1e:87:66:7e:5d:02:59:
a2:8b:91:60:1a:7e:81:c7:60:1a:b0:dc:1c:e5:e1:
73:97:3c:06:bd:6a:73:45:31:97:0f:c9:f2:f3:f9:
d5:93:55:6e:ac:b5:f1:fc:7c:48:9b:bd:61:05:dd:
17:2c:cf:2b:a2:84:20:f4:4d:5f:79:d8:52:6d:22:
2c:9d:f5:0a:d8:01:44:36:7c:e9:82:1a:54:0e:cc:
a8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:EF:A5:9A:BB:F1:3C:62:44:34:3C:D4:5E:2A:9A:79:D4:E2:99:CC
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/G--lmrvxPGJENDzUXiqaedTimcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.128.0/18
92.242.96.0/19
Signature Algorithm: sha256WithRSAEncryption
93:6f:90:cd:54:81:56:5c:4d:ed:3a:9d:fe:27:25:c5:16:9a:
93:50:fd:fa:cc:83:da:34:2f:d1:37:b4:2c:63:e0:dd:3c:13:
d7:8b:02:d7:34:db:78:d5:17:27:c8:18:7d:6c:a7:10:d4:83:
6a:1b:92:04:ba:bd:44:6a:73:40:8c:cd:57:41:a1:6b:78:42:
40:52:0f:0b:0a:df:a1:fe:7b:b0:71:65:0c:c0:a8:48:dc:97:
54:94:3a:04:c9:1e:97:76:59:6a:50:8d:ce:d1:03:25:ef:ba:
ba:3f:a6:9c:c2:b9:9b:d6:92:05:78:7e:ee:2c:ff:82:c7:b2:
dc:78:e7:f3:06:a9:4e:41:5b:fd:04:5f:65:09:9c:e7:85:7e:
9c:bb:8c:84:96:eb:d6:fc:37:56:d1:04:6c:17:a2:d9:df:a9:
b0:1e:a6:92:01:9b:2d:7b:fa:17:c2:5b:e7:c0:80:3f:4b:11:
36:92:58:32:4d:15:5f:0c:20:ae:9c:0d:34:2c:f9:76:1d:d9:
d5:7d:b7:88:65:83:44:f8:83:b7:96:e1:27:5c:f2:e3:65:7a:
4e:a2:27:05:75:2a:e2:68:f6:50:7c:b0:51:3d:4c:fe:d4:e1:
6d:db:22:80:59:78:0e:9e:f9:f9:28:12:7b:d7:c6:f1:34:9c:
b1:75:6e:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYMyAeZu+loL/ZLG3+TdvSRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDc5OWFlMGVmZGQ5ODZkZGU3N2ZiMzVhZDBhMTA4MjNj
Yjk3MmYwHhcNMjIwOTEyMTQwMjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmVmYTU5YWJiZjEzYzYyNDQzNDNjZDQ1ZTJhOWE3OWQ0ZTI5OWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2toV6dKxYVNRNtHSTVEzQwr8dsba
EtHAeudGbw+iAMYc3YG77Eo3WBieRRhZSv/SZkUeligafdRXPo5eQFBd8TWVksOB
vNTo3iBpv8lto+m9PBEXsZlvRtJeNFoPgXabiwGwFeQoz/cn6jXJ2wpKDNF4KSM2
LxEVMsymO7SN4P5rDDrjEOePZWuSR1xSj8EOUdNZbDykRFKNQG7lyDxEqGEkn9ya
RNiwJcU0cB6HZn5dAlmii5FgGn6Bx2AasNwc5eFzlzwGvWpzRTGXD8ny8/nVk1Vu
rLXx/HxIm71hBd0XLM8rooQg9E1fedhSbSIsnfUK2AFENnzpghpUDsyoXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvvpZq78TxiRDQ81F4qmnnU4pnMMB8GA1UdIwQY
MBaAFOfXma4O/dmG3ed/s1rQoQgjy5cvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMt
Mjg3OTM3OTQwZDdiLzEvRy0tbG1ydnhQR0pFTkR6VVhpcWFlZFRpbWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMtMjg3OTM3OTQwZDdi
LzEvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGBZmAAwQF
XPJgMA0GCSqGSIb3DQEBCwUAA4IBAQCTb5DNVIFWXE3tOp3+JyXFFpqTUP36zIPa
NC/RN7QsY+DdPBPXiwLXNNt41RcnyBh9bKcQ1INqG5IEur1EanNAjM1XQaFreEJA
Ug8LCt+h/nuwcWUMwKhI3JdUlDoEyR6XdllqUI3O0QMl77q6P6acwrmb1pIFeH7u
LP+Cx7LceOfzBqlOQVv9BF9lCZznhX6cu4yEluvW/DdW0QRsF6LZ36mwHqaSAZst
e/oXwlvnwIA/SxE2klgyTRVfDCCunA00LPl2HdnVfbeIZYNE+IO3luEnXPLjZXpO
oicFdSriaPZQfLBRPUz+1OFt2yKAWXgOnvn5KBJ718bxNJyxdW6S
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:30 2025 by rpki-client