Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/SITzX32mI4GygFgXPoCbg55sN6w.roa
File: SITzX32mI4GygFgXPoCbg55sN6w.roa (raw, json)
Hash identifier: ladRnU9MGqsTEPhSzfq6z+X6kNlhx08ENkAYwuANptE=
Subject key identifier: 48:84:F3:5F:7D:A6:23:81:B2:80:58:17:3E:80:9B:83:9E:6C:37:AC
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35490BBA
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/SITzX32mI4GygFgXPoCbg55sN6w.roa
Signing time: Sat 01 Jan 2022 09:54:46 +0000
ROA not before: Sat 01 Jan 2022 09:54:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209595
IP address blocks: 5.153.178.0/24 maxlen: 24
5.153.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893979578 (0x35490bba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4884f35f7da62381b28058173e809b839e6c37ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c2:f5:11:30:e1:ed:ea:e5:a0:49:c6:83:0d:
e5:ab:2c:31:48:c0:05:57:ad:af:bb:7d:fa:c3:92:
f4:70:66:66:f7:7d:a3:81:97:c4:75:a5:65:6a:b1:
b7:bc:99:00:54:29:b8:92:f3:c1:25:b8:68:97:86:
93:05:42:3b:58:32:5a:29:e0:73:e4:5d:25:80:0b:
e3:44:31:31:80:89:37:d4:72:99:e6:50:37:03:c0:
f2:6f:a3:29:69:78:f9:95:6a:90:ea:ed:a0:b8:e0:
3f:1a:00:d5:ff:dc:f7:04:14:3f:0f:00:18:16:c3:
a3:f6:ee:1f:88:fd:76:18:41:d8:d0:61:ab:0a:22:
2f:47:3e:68:1d:8d:56:4f:01:00:a3:9f:5e:e6:60:
2c:a7:10:cf:e6:ad:ea:e6:d2:a7:8e:5c:15:dd:db:
2d:7f:6a:f7:a8:a2:86:cd:a7:11:07:b6:21:44:f3:
cd:84:13:d9:63:78:d4:58:fb:e4:59:e2:d0:92:be:
9b:aa:ed:c2:e6:8b:a1:01:e2:e3:e2:4b:33:4a:34:
9c:ad:48:19:01:20:2b:f1:ef:47:63:1c:c5:25:0e:
e1:8e:dc:a0:9b:cd:4c:42:f5:96:98:4d:2b:45:5c:
65:97:a5:2f:8a:4f:09:21:b4:0c:b1:45:1b:99:b5:
96:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:84:F3:5F:7D:A6:23:81:B2:80:58:17:3E:80:9B:83:9E:6C:37:AC
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/SITzX32mI4GygFgXPoCbg55sN6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.175.0/24
5.153.178.0/24
Signature Algorithm: sha256WithRSAEncryption
28:1a:40:aa:05:57:73:bd:5d:db:c6:c6:24:29:3e:ce:eb:13:
a7:76:4c:0a:29:c1:99:ac:08:11:8a:c9:7b:bd:55:f0:92:54:
8f:d4:89:8a:ff:00:e7:ad:a4:87:22:3e:76:c6:54:b7:5d:5b:
66:7c:37:95:b8:94:c4:58:f8:81:d5:0f:34:19:1b:e9:79:30:
df:c9:ee:94:49:fa:72:af:0c:24:cc:5a:b4:89:12:85:52:bb:
77:cd:6f:95:e1:d2:71:2c:bc:a9:01:5a:e1:5d:43:e0:df:d2:
98:0c:0e:1f:8f:94:c2:29:27:02:6a:1f:09:8d:c6:b5:85:ef:
b5:34:09:d4:ce:a4:aa:75:4b:b3:36:72:ad:e2:2e:83:73:13:
2c:35:a3:fc:1b:6b:2d:01:16:c2:ca:ba:56:ff:b3:cc:68:f4:
61:aa:86:7f:2f:a8:58:b8:df:7b:6b:8e:48:06:ce:56:d1:18:
6d:cf:40:41:bc:77:81:4f:be:e1:94:e9:15:22:4c:02:87:a4:
52:6f:cb:11:26:76:0d:25:f9:e6:bc:98:df:1d:38:67:9a:13:
fa:0c:61:fd:f7:fc:46:4e:90:ec:36:3a:8c:4d:2c:7b:bd:5b:
5b:d4:2a:5c:e5:98:d5:6b:83:26:3a:ac:44:59:60:4b:7c:33:
f8:8d:26:ac
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENUkLujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDg4NGYzNWY3ZGE2
MjM4MWIyODA1ODE3M2U4MDliODM5ZTZjMzdhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3C9REw4e3q5aBJxoMN5assMUjABVetr7t9+sOS9HBmZvd9
o4GXxHWlZWqxt7yZAFQpuJLzwSW4aJeGkwVCO1gyWingc+RdJYAL40QxMYCJN9Ry
meZQNwPA8m+jKWl4+ZVqkOrtoLjgPxoA1f/c9wQUPw8AGBbDo/buH4j9dhhB2NBh
qwoiL0c+aB2NVk8BAKOfXuZgLKcQz+at6ubSp45cFd3bLX9q96iihs2nEQe2IUTz
zYQT2WN41Fj75Fni0JK+m6rtwuaLoQHi4+JLM0o0nK1IGQEgK/HvR2McxSUO4Y7c
oJvNTEL1lphNK0VcZZelL4pPCSG0DLFFG5m1lusCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRIhPNffaYjgbKAWBc+gJuDnmw3rDAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
L1NJVHpYMzJtSTRHeWdGZ1hQb0NiZzU1c042dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAWZrwMEAAWZsjANBgkqhkiG9w0B
AQsFAAOCAQEAKBpAqgVXc71d28bGJCk+zusTp3ZMCinBmawIEYrJe71V8JJUj9SJ
iv8A562khyI+dsZUt11bZnw3lbiUxFj4gdUPNBkb6Xkw38nulEn6cq8MJMxatIkS
hVK7d81vleHScSy8qQFa4V1D4N/SmAwOH4+UwiknAmofCY3GtYXvtTQJ1M6kqnVL
szZyreIug3MTLDWj/BtrLQEWwsq6Vv+zzGj0YaqGfy+oWLjfe2uOSAbOVtEYbc9A
Qbx3gU++4ZTpFSJMAoekUm/LESZ2DSX55ryY3x04Z5oT+gxh/ff8Rk6Q7DY6jE0s
e71bW9QqXOWY1WuDJjqsRFlgS3wz+I0mrA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:50 2023 by rpki-client on console-ams.rpki-client.org