Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fJ5EpcZzVXbOHY8FM0P4xYzRCq4.roa
File: fJ5EpcZzVXbOHY8FM0P4xYzRCq4.roa (raw, json)
Hash identifier: nFs5R39ucxFSerb++rzDViEDA0IHEpYKy/VryB7rKFo=
Subject key identifier: 7C:9E:44:A5:C6:73:55:76:CE:1D:8F:05:33:43:F8:C5:8C:D1:0A:AE
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35440C06
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fJ5EpcZzVXbOHY8FM0P4xYzRCq4.roa
Signing time: Sat 01 Jan 2022 09:54:42 +0000
ROA not before: Sat 01 Jan 2022 09:54:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3261
IP address blocks: 5.153.128.0/18 maxlen: 24
92.242.96.0/19 maxlen: 32
195.184.192.0/19 maxlen: 24
2.57.112.0/22 maxlen: 22
2a02:300::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893651974 (0x35440c06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c9e44a5c6735576ce1d8f053343f8c58cd10aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a0:96:9f:ee:0c:46:4f:dc:d7:94:cd:59:31:
b9:46:e7:db:01:c4:7f:1e:95:3a:e6:df:9b:8e:bb:
bc:50:17:48:bd:4f:1c:91:8f:d4:73:5d:74:05:1b:
fd:0d:99:55:47:39:4b:1d:2a:b3:32:30:28:d8:a1:
27:6d:bd:be:3c:8e:04:7d:8b:f6:56:ed:44:9e:cf:
7f:1a:50:8b:6d:06:89:74:d2:e2:12:a6:00:be:87:
3a:d3:9c:4a:35:f5:fc:61:8e:6c:ff:31:37:94:65:
71:57:67:0a:22:50:7f:ee:60:95:a1:fe:11:c0:02:
ed:99:50:d2:da:f9:4e:7a:e7:42:77:b0:04:95:9e:
4c:ef:11:57:91:c2:d2:0c:15:50:af:9a:e7:41:2e:
7f:88:18:92:fe:41:d0:a3:89:d9:10:28:fe:45:40:
57:7e:ab:26:14:96:1b:18:c7:b5:71:4d:a5:8f:43:
0a:53:56:6e:66:4a:b2:25:42:6e:f4:c9:9f:f1:13:
30:e0:56:e6:a9:92:6c:3d:be:04:21:46:c4:94:44:
db:81:f0:e1:e8:10:86:38:04:f9:20:d3:9f:43:31:
e1:6e:28:cd:f6:e4:6d:6e:c0:13:76:5d:81:a7:34:
f1:d8:50:04:36:df:e4:9e:96:ab:e9:08:46:9c:9c:
4f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9E:44:A5:C6:73:55:76:CE:1D:8F:05:33:43:F8:C5:8C:D1:0A:AE
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fJ5EpcZzVXbOHY8FM0P4xYzRCq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.112.0/22
5.153.128.0/18
92.242.96.0/19
195.184.192.0/19
IPv6:
2a02:300::/32
Signature Algorithm: sha256WithRSAEncryption
8c:71:3a:d5:4c:a4:d2:6c:64:30:2b:68:0a:16:73:d5:99:b8:
0e:94:d5:3c:6a:4f:e2:10:7f:48:cd:44:aa:1b:95:be:b1:e6:
58:56:12:75:f2:01:f4:3f:e2:4e:ca:b5:c5:25:80:3c:3e:df:
39:9d:1c:ec:af:e7:05:eb:38:b6:17:66:b2:5f:d3:df:fa:d8:
b7:93:fa:63:43:82:36:10:6b:0d:86:fe:ba:48:60:33:7d:52:
c9:be:83:25:17:94:78:00:d4:3c:89:50:a9:90:41:44:06:23:
f1:79:dd:e9:41:82:36:22:05:1e:89:5e:1b:b6:98:9a:e0:37:
d1:de:ca:fa:a6:15:b6:da:7a:df:7a:18:03:76:25:fa:1d:58:
31:d4:18:f0:bc:d6:fd:5a:0b:85:95:c2:38:54:4c:35:67:be:
6f:54:02:93:d6:84:15:bc:46:11:0a:96:84:18:38:20:cd:03:
e5:5f:f5:46:14:6b:a2:03:0e:1e:18:b3:88:88:c9:6a:94:94:
5c:34:88:0b:fe:27:d7:d2:2d:e2:29:ad:f8:cc:d9:c2:81:d4:
1b:98:6f:3c:1f:01:70:79:ef:5c:6a:c5:3e:8e:2e:ba:96:97:
55:d9:bd:76:1a:e8:95:1e:ee:0e:70:7e:0f:ad:6e:2c:13:a4:
8e:42:cc:6f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENUQMBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M5ZTQ0YTVjNjcz
NTU3NmNlMWQ4ZjA1MzM0M2Y4YzU4Y2QxMGFhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyglp/uDEZP3NeUzVkxuUbn2wHEfx6VOubfm467vFAXSL1P
HJGP1HNddAUb/Q2ZVUc5Sx0qszIwKNihJ229vjyOBH2L9lbtRJ7PfxpQi20GiXTS
4hKmAL6HOtOcSjX1/GGObP8xN5RlcVdnCiJQf+5glaH+EcAC7ZlQ0tr5TnrnQnew
BJWeTO8RV5HC0gwVUK+a50Euf4gYkv5B0KOJ2RAo/kVAV36rJhSWGxjHtXFNpY9D
ClNWbmZKsiVCbvTJn/ETMOBW5qmSbD2+BCFGxJRE24Hw4egQhjgE+SDTn0Mx4W4o
zfbkbW7AE3Zdgac08dhQBDbf5J6Wq+kIRpycT5cCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBR8nkSlxnNVds4djwUzQ/jFjNEKrjAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
L2ZKNUVwY1p6VlhiT0hZOEZNMFA0eFl6UkNxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAgI5cAMEBgWZgAMEBVzyYAMEBcO4
wDANBAIAAjAHAwUAKgIDADANBgkqhkiG9w0BAQsFAAOCAQEAjHE61Uyk0mxkMCto
ChZz1Zm4DpTVPGpP4hB/SM1EqhuVvrHmWFYSdfIB9D/iTsq1xSWAPD7fOZ0c7K/n
Bes4thdmsl/T3/rYt5P6Y0OCNhBrDYb+ukhgM31Syb6DJReUeADUPIlQqZBBRAYj
8Xnd6UGCNiIFHoleG7aYmuA30d7K+qYVttp633oYA3Yl+h1YMdQY8LzW/VoLhZXC
OFRMNWe+b1QCk9aEFbxGEQqWhBg4IM0D5V/1RhRrogMOHhiziIjJapSUXDSIC/4n
19It4imt+MzZwoHUG5hvPB8BcHnvXGrFPo4uupaXVdm9dhrolR7uDnB+D61uLBOk
jkLMbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:50 2023 by rpki-client on console-ams.rpki-client.org