Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/o_kfU12UNCVTsXewIZ3COG05dqY.roa
File: o_kfU12UNCVTsXewIZ3COG05dqY.roa (raw, json)
Hash identifier: 9X9qYST78NcDgVqDix96HzkBa4UB6Fqeb0JZZLN2mAE=
Subject key identifier: A3:F9:1F:53:5D:94:34:25:53:B1:77:B0:21:9D:C2:38:6D:39:76:A6
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 35460020
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/o_kfU12UNCVTsXewIZ3COG05dqY.roa
Signing time: Sat 01 Jan 2022 09:54:44 +0000
ROA not before: Sat 01 Jan 2022 09:54:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41081
IP address blocks: 5.153.182.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893780000 (0x35460020)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 1 09:54:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3f91f535d94342553b177b0219dc2386d3976a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:15:0a:4b:05:ba:5b:7a:8b:8d:49:7d:ba:6e:
5b:76:9b:d3:a4:27:5d:04:b3:98:92:38:23:e5:c2:
ae:d0:2d:bd:e9:21:49:34:6d:a7:80:45:76:e2:49:
86:0e:27:41:01:f5:e5:37:31:c8:46:30:3c:4c:7d:
5e:c7:0c:46:5f:97:63:11:ad:30:83:04:e1:70:e8:
31:21:e2:32:5d:8d:7d:7b:ba:58:a1:5c:c5:b0:c8:
08:66:ac:65:80:14:04:7d:70:84:eb:ce:7f:21:fe:
93:d1:f1:d7:05:b1:2f:86:32:46:53:94:95:1d:54:
0c:a4:5a:d2:7a:f4:83:17:d1:a1:7d:0d:7e:18:2b:
d5:76:31:d6:67:eb:61:bf:26:40:1a:f8:b1:78:b0:
08:d8:a2:47:df:73:fb:fa:a2:10:23:c4:a1:7e:a5:
2f:8a:e0:34:85:67:bf:c0:eb:98:71:0e:2c:b2:b5:
08:cb:e5:8a:8a:0b:fa:ad:f3:0d:52:d4:46:a0:3c:
ce:48:5a:fd:32:71:69:f1:1e:53:cd:11:e5:23:86:
af:90:50:65:59:57:e7:31:1f:f9:6e:37:f6:9a:2c:
fb:1d:66:be:40:4a:2e:fa:4e:31:bb:bd:cc:2f:68:
f7:6c:23:11:eb:b3:9c:75:f9:51:f1:e5:0f:a9:fc:
7c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:1F:53:5D:94:34:25:53:B1:77:B0:21:9D:C2:38:6D:39:76:A6
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/o_kfU12UNCVTsXewIZ3COG05dqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.182.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:de:27:4f:f2:ad:5f:b8:a0:1e:d9:f0:2c:79:a4:2a:68:d3:
dd:75:2b:22:b6:dc:0a:48:f8:eb:2a:b3:ba:01:b9:c6:b0:6a:
ee:3e:bc:8a:ef:fc:fc:47:2e:29:3c:f3:6f:86:4c:d4:c7:a7:
1b:9a:95:00:a3:5e:e7:41:e5:72:73:92:fc:5c:2e:c5:7b:58:
33:af:ea:07:8c:59:b3:4f:84:cb:11:55:12:0c:3f:fa:77:b6:
25:b5:58:c8:8f:da:c6:fd:d3:4d:0c:e4:40:36:f4:5b:26:4d:
54:a8:30:7e:99:d9:1e:eb:29:ac:63:3c:ec:da:0c:25:68:6f:
d1:58:13:ab:84:90:b9:bb:42:6e:9e:d6:92:0b:d2:1d:7d:36:
bf:94:35:80:74:bc:47:f6:71:d2:9c:22:9f:ee:77:2f:c0:25:
cb:e5:ff:8b:a1:44:3d:0e:2d:ce:43:7f:91:1d:16:df:38:ba:
b6:9c:f4:20:24:91:5f:0a:29:7b:2f:24:90:8e:17:cf:ec:53:
be:6b:76:89:cb:51:6e:89:d4:e1:7b:1d:09:d1:c3:51:6b:d8:
97:4a:92:2f:69:6f:a4:40:51:67:ba:57:44:ad:9b:c9:41:8c:
78:f1:c6:bd:d6:a2:f9:94:5a:b1:7f:f1:24:5a:7a:e5:f6:cc:
8d:3e:22:6f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENUYAIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Q3OTlhZTBlZmRkOTg2ZGRlNzdmYjM1YWQwYTEwODIzY2I5NzJmMB4XDTIyMDEw
MTA5NTQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNmOTFmNTM1ZDk0
MzQyNTUzYjE3N2IwMjE5ZGMyMzg2ZDM5NzZhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4VCksFult6i41JfbpuW3ab06QnXQSzmJI4I+XCrtAtvekh
STRtp4BFduJJhg4nQQH15TcxyEYwPEx9XscMRl+XYxGtMIME4XDoMSHiMl2NfXu6
WKFcxbDICGasZYAUBH1whOvOfyH+k9Hx1wWxL4YyRlOUlR1UDKRa0nr0gxfRoX0N
fhgr1XYx1mfrYb8mQBr4sXiwCNiiR99z+/qiECPEoX6lL4rgNIVnv8DrmHEOLLK1
CMvliooL+q3zDVLURqA8zkha/TJxafEeU80R5SOGr5BQZVlX5zEf+W439pos+x1m
vkBKLvpOMbu9zC9o92wjEeuznHX5UfHlD6n8fI0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSj+R9TXZQ0JVOxd7AhncI4bTl2pjAfBgNVHSMEGDAWgBTn15muDv3Zht3n
f7Na0KEII8uXLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU5ZVpyZzc5MlliZDUzLXpXdENoQ0NQTGx5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8x
L29fa2ZVMTJVTkNWVHNYZXdJWjNDT0cwNWRxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
MTEwODFiLTRlZjktNGUyZi04MTUzLTI4NzkzNzk0MGQ3Yi8xLzU5ZVpyZzc5Mlli
ZDUzLXpXdENoQ0NQTGx5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQWZtjANBgkqhkiG9w0BAQsFAAOC
AQEAft4nT/KtX7igHtnwLHmkKmjT3XUrIrbcCkj46yqzugG5xrBq7j68iu/8/Ecu
KTzzb4ZM1MenG5qVAKNe50HlcnOS/FwuxXtYM6/qB4xZs0+EyxFVEgw/+ne2JbVY
yI/axv3TTQzkQDb0WyZNVKgwfpnZHusprGM87NoMJWhv0VgTq4SQubtCbp7WkgvS
HX02v5Q1gHS8R/Zx0pwin+53L8Aly+X/i6FEPQ4tzkN/kR0W3zi6tpz0ICSRXwop
ey8kkI4Xz+xTvmt2ictRbonU4XsdCdHDUWvYl0qSL2lvpEBRZ7pXRK2byUGMePHG
vdai+ZRasX/xJFp65fbMjT4ibw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:44 2024 by rpki-client on console-fra.rpki-client.org