Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fS-xi3LIoNEDw1gJa0VCK7l_XAM.roa
File: fS-xi3LIoNEDw1gJa0VCK7l_XAM.roa (raw, json)
Hash identifier: /pn+ku+0B5S1x9AqlX3JsF5I4eZku4PaehwJYlAQ5Tc=
Subject key identifier: 7D:2F:B1:8B:72:C8:A0:D1:03:C3:58:09:6B:45:42:2B:B9:7F:5C:03
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35460D3B
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fS-xi3LIoNEDw1gJa0VCK7l_XAM.roa
Signing time: Sat 01 Jan 2022 09:54:44 +0000
ROA not before: Sat 01 Jan 2022 09:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41172
IP address blocks: 5.153.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893783355 (0x35460d3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d2fb18b72c8a0d103c358096b45422bb97f5c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:16:8d:9a:67:5b:95:5e:8f:dc:5c:99:86:
3c:46:e6:23:08:54:aa:25:af:9d:d8:0b:f2:0b:8e:
b6:94:1f:d2:44:4c:b9:45:69:70:0f:bb:8a:ea:aa:
c6:c2:6e:f3:c0:51:5b:59:be:3c:b2:26:5b:63:89:
0f:70:a9:93:56:0c:be:8b:81:72:31:4c:d9:85:e2:
e5:8a:ac:99:04:1f:93:6e:b3:b5:8f:b5:a4:ab:9d:
00:79:6d:91:b7:90:52:01:bf:8f:d1:b5:37:5c:0f:
2f:e8:9e:dc:62:79:01:c1:10:fa:97:6d:27:16:71:
e6:cf:5e:e1:d7:d4:24:a4:11:fd:b6:90:a8:25:63:
e6:e8:71:17:55:6f:53:d5:3b:20:c2:b0:89:26:94:
51:f6:fd:14:ed:c0:2c:5f:0e:f7:bc:a3:43:2a:ad:
20:84:4c:2e:35:a7:e5:52:86:59:51:7b:65:90:25:
e5:22:82:84:a1:c6:ed:92:25:a1:71:99:89:55:ba:
e3:37:42:86:ca:9f:76:86:50:6d:ef:61:19:aa:95:
9e:bb:9e:de:af:4a:19:a7:1c:b0:e6:a0:2e:85:ca:
c2:46:8b:e2:6a:8e:5b:9e:1c:2a:bf:8f:9b:de:60:
a7:34:49:58:8e:76:a3:06:56:f4:e6:50:1d:1f:54:
d8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2F:B1:8B:72:C8:A0:D1:03:C3:58:09:6B:45:42:2B:B9:7F:5C:03
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/fS-xi3LIoNEDw1gJa0VCK7l_XAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.174.0/24
Signature Algorithm: sha256WithRSAEncryption
99:28:4c:ac:dd:1f:f0:45:7d:63:5d:f5:f0:34:ca:56:4e:fa:
7e:90:10:1b:19:9e:78:8e:47:ac:92:90:fa:fb:89:2b:bb:85:
d7:d1:78:45:d6:8f:f1:89:bf:7f:9b:bb:98:80:a6:19:be:eb:
98:83:75:35:0e:2a:b5:64:88:10:94:98:34:33:ad:4b:74:71:
f6:fe:aa:e6:86:1e:01:a4:69:28:b9:08:94:fa:23:a5:cc:8d:
21:4f:8f:58:f8:11:86:df:fa:f7:72:05:4c:e4:a1:f0:dd:f6:
1d:27:99:5b:a2:e0:d0:27:65:3d:fe:ce:dc:48:e7:67:42:92:
3b:d6:d3:5f:03:c4:ec:d4:8d:29:f6:bf:4e:60:a9:1f:75:a6:
e3:47:55:92:87:4e:7b:09:59:cc:eb:95:97:37:5e:b8:aa:ed:
39:a3:dc:f1:b0:9f:e3:66:90:e2:99:ef:8e:f7:37:4e:42:92:
2b:d0:88:2c:96:47:cc:1b:b6:16:bf:aa:ce:f5:98:a7:1d:b1:
d0:3e:a8:07:10:0d:d1:3b:ad:22:2f:26:e4:af:dd:a6:4e:ce:
13:5b:19:cf:29:2f:e5:65:3f:17:3f:5a:05:9e:bc:cd:ce:cd:
cb:d9:2b:91:23:75:1e:2b:de:af:8c:37:64:78:7d:69:85:1e:
a4:13:f9:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUYNOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QyZmIxOGI3MmM4
YTBkMTAzYzM1ODA5NmI0NTQyMmJiOTdmNWMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKPFo2aZ1uVXo/cXJmGPEbmIwhUqiWvndgL8guOtpQf0kRM
uUVpcA+7iuqqxsJu88BRW1m+PLImW2OJD3Cpk1YMvouBcjFM2YXi5YqsmQQfk26z
tY+1pKudAHltkbeQUgG/j9G1N1wPL+ie3GJ5AcEQ+pdtJxZx5s9e4dfUJKQR/baQ
qCVj5uhxF1VvU9U7IMKwiSaUUfb9FO3ALF8O97yjQyqtIIRMLjWn5VKGWVF7ZZAl
5SKChKHG7ZIloXGZiVW64zdChsqfdoZQbe9hGaqVnrue3q9KGaccsOagLoXKwkaL
4mqOW54cKr+Pm95gpzRJWI52owZW9OZQHR9U2P0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9L7GLcsig0QPDWAlrRUIruX9cAzAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
L2ZTLXhpM0xJb05FRHcxZ0phMFZDSzdsX1hBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWZrjANBgkqhkiG9w0BAQsFAAOC
AQEAmShMrN0f8EV9Y1318DTKVk76fpAQGxmeeI5HrJKQ+vuJK7uF19F4RdaP8Ym/
f5u7mICmGb7rmIN1NQ4qtWSIEJSYNDOtS3Rx9v6q5oYeAaRpKLkIlPojpcyNIU+P
WPgRht/693IFTOSh8N32HSeZW6Lg0CdlPf7O3EjnZ0KSO9bTXwPE7NSNKfa/TmCp
H3Wm40dVkodOewlZzOuVlzdeuKrtOaPc8bCf42aQ4pnvjvc3TkKSK9CILJZHzBu2
Fr+qzvWYpx2x0D6oBxAN0TutIi8m5K/dpk7OE1sZzykv5WU/Fz9aBZ68zc7Ny9kr
kSN1Hiver4w3ZHh9aYUepBP5ew==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org