Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/jfKPPXiqWUw3FomYoCwRS6Htiqw.roa
File: jfKPPXiqWUw3FomYoCwRS6Htiqw.roa (raw, json)
Hash identifier: UdDrVlGNR1pCSnki/QubbZjBzZgV+Z5LGLEu4t4EMI8=
Subject key identifier: 8D:F2:8F:3D:78:AA:59:4C:37:16:89:98:A0:2C:11:4B:A1:ED:8A:AC
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 3547C60F
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/jfKPPXiqWUw3FomYoCwRS6Htiqw.roa
Signing time: Sat 01 Jan 2022 09:54:45 +0000
ROA not before: Sat 01 Jan 2022 09:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196977
IP address blocks: 5.153.184.0/21 maxlen: 21
5.153.190.0/24 maxlen: 24
5.153.191.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893896207 (0x3547c60f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8df28f3d78aa594c37168998a02c114ba1ed8aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:55:1e:5a:f2:12:11:30:81:89:33:bd:09:
28:3f:93:dc:b1:c7:32:c3:d4:e1:e3:01:88:dc:cf:
48:1f:3a:7f:3a:d3:58:37:4c:a1:e1:26:58:ba:03:
df:f8:b9:5b:5f:5e:0e:f6:c5:b3:77:7d:a4:87:91:
7e:1c:a1:b5:0d:0d:1f:72:0e:f3:22:6e:47:2a:ec:
b3:bf:3b:b4:cd:e1:26:65:25:86:7f:b7:0a:ee:75:
b2:27:2b:1a:65:6e:e6:6f:df:08:51:9e:d0:88:93:
25:a7:0b:9f:8e:eb:41:6e:59:ec:58:3c:51:15:78:
f9:16:b1:8a:19:cf:3d:34:10:65:0c:6f:be:9b:cd:
9f:2a:14:ff:7a:48:66:ab:05:3d:c4:29:b0:21:90:
8e:35:e4:bb:29:74:89:7c:c2:5c:d8:3b:82:e5:fc:
d8:60:6e:f7:00:5b:9c:21:7e:f4:98:71:0d:b1:c0:
bf:56:ac:d4:a3:e6:3f:5b:f9:8d:3a:c5:6c:49:18:
7a:e0:40:a9:a4:aa:10:d2:7b:54:e7:53:ac:83:08:
58:72:ac:dd:10:2c:58:b7:8a:f9:d2:f4:f5:d5:48:
09:f1:71:f6:ec:33:7a:a4:3b:7a:e6:e8:f1:2a:7f:
fa:c9:ad:9d:63:b2:2e:ee:96:b7:31:4a:bf:ba:ff:
f3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F2:8F:3D:78:AA:59:4C:37:16:89:98:A0:2C:11:4B:A1:ED:8A:AC
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/jfKPPXiqWUw3FomYoCwRS6Htiqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.184.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:f6:ba:1f:a9:7d:a1:e6:b1:f0:0c:4d:a0:44:77:16:17:7c:
56:a4:e8:fb:36:60:da:c4:b9:6f:5f:3b:88:1e:05:99:73:e6:
36:86:dc:7d:d6:59:d4:8a:b0:fc:5b:4b:b9:de:8f:5b:a9:be:
30:ce:6d:53:da:45:1e:53:9f:c3:3b:30:34:76:5d:4d:96:a0:
7f:72:f2:85:3e:5a:12:0d:17:c4:33:c1:43:56:cb:41:1e:d7:
2f:c3:14:3f:f2:86:51:72:09:db:b4:95:91:1f:7d:76:cf:6f:
8d:ae:b5:ea:67:bf:72:c7:b2:53:9f:13:71:a3:a7:d1:9d:ce:
47:06:40:64:62:b4:3b:60:6e:a8:02:21:12:99:2d:88:35:92:
86:eb:c0:dd:f1:a8:b4:30:16:bb:5a:38:53:e7:0f:e6:52:fd:
cc:d7:0c:25:46:bd:92:33:7e:d6:e1:20:67:b9:3f:92:88:31:
f8:8c:9d:14:fb:04:61:3f:83:35:8e:bb:a4:2e:bb:02:cf:38:
bc:ed:41:21:30:27:ad:92:7b:9a:9b:07:58:77:9d:f4:7d:ac:
78:fe:fd:04:20:f2:c5:bd:1b:90:15:a9:ea:c1:8d:09:b8:c6:
78:26:38:57:97:37:f9:66:e7:8f:2e:b3:9d:00:36:b1:d3:60:
9d:cf:ef:19
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUfGDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRmMjhmM2Q3OGFh
NTk0YzM3MTY4OTk4YTAyYzExNGJhMWVkOGFhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuRVR5a8hIRMIGJM70JKD+T3LHHMsPU4eMBiNzPSB86fzrT
WDdMoeEmWLoD3/i5W19eDvbFs3d9pIeRfhyhtQ0NH3IO8yJuRyrss787tM3hJmUl
hn+3Cu51sicrGmVu5m/fCFGe0IiTJacLn47rQW5Z7Fg8URV4+RaxihnPPTQQZQxv
vpvNnyoU/3pIZqsFPcQpsCGQjjXkuyl0iXzCXNg7guX82GBu9wBbnCF+9JhxDbHA
v1as1KPmP1v5jTrFbEkYeuBAqaSqENJ7VOdTrIMIWHKs3RAsWLeK+dL09dVICfFx
9uwzeqQ7eubo8Sp/+smtnWOyLu6WtzFKv7r/88ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSN8o89eKpZTDcWiZigLBFLoe2KrDAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
L2pmS1BQWGlxV1V3M0ZvbVlvQ3dSUzZIdGlxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwWZuDANBgkqhkiG9w0BAQsFAAOC
AQEAf/a6H6l9oeax8AxNoER3Fhd8VqTo+zZg2sS5b187iB4FmXPmNobcfdZZ1Iqw
/FtLud6PW6m+MM5tU9pFHlOfwzswNHZdTZagf3LyhT5aEg0XxDPBQ1bLQR7XL8MU
P/KGUXIJ27SVkR99ds9vja616me/cseyU58TcaOn0Z3ORwZAZGK0O2BuqAIhEpkt
iDWShuvA3fGotDAWu1o4U+cP5lL9zNcMJUa9kjN+1uEgZ7k/kogx+IydFPsEYT+D
NY67pC67As84vO1BITAnrZJ7mpsHWHed9H2seP79BCDyxb0bkBWp6sGNCbjGeCY4
V5c3+Wbnjy6znQA2sdNgnc/vGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org