Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/uZpCHByAOsVuzd_poclvTJEPyZ8.roa
File: uZpCHByAOsVuzd_poclvTJEPyZ8.roa (raw, json)
Hash identifier: 4QJNYNfRasnVY0TAO/aGwTezEbdIbErS2cRL6aRQnT0=
Subject key identifier: B9:9A:42:1C:1C:80:3A:C5:6E:CD:DF:E9:A1:C9:6F:4C:91:0F:C9:9F
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 01830D096BF534A7C061D78B7A8128427555
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/uZpCHByAOsVuzd_poclvTJEPyZ8.roa
Signing time: Mon 05 Sep 2022 09:44:24 +0000
ROA not before: Mon 05 Sep 2022 09:44:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3261
IP address blocks: 5.153.128.0/18 maxlen: 24
92.242.96.0/19 maxlen: 32
195.184.192.0/19 maxlen: 24
2a02:300::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:09:6b:f5:34:a7:c0:61:d7:8b:7a:81:28:42:75:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Sep 5 09:44:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b99a421c1c803ac56ecddfe9a1c96f4c910fc99f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f3:9c:2f:8e:a2:53:ba:2f:a3:a8:35:0c:30:
09:bb:bb:f8:66:4f:d5:ed:6a:89:4a:ce:df:85:a5:
9d:d5:65:88:30:a2:57:b1:aa:f9:bd:e3:14:8f:f1:
65:e2:6f:0f:d9:92:29:0e:ff:55:67:6d:1a:46:a7:
83:d6:82:05:2d:da:e0:b2:c1:5e:1a:07:68:8c:34:
1a:d6:7b:21:a2:84:e0:2f:c0:4c:34:60:a9:59:81:
3d:bc:fa:ec:a7:b9:42:b9:98:9e:59:73:15:ad:03:
79:d9:9a:96:64:f3:bd:4b:c2:3e:33:17:9b:21:f2:
bf:ec:78:c8:28:01:6e:49:d0:48:56:29:ea:03:5e:
dc:87:58:fa:80:5b:54:98:4f:af:e1:74:ca:cb:48:
c8:ac:89:58:5a:d2:45:e6:58:c6:fe:d1:74:90:3f:
9e:5f:7a:fd:17:e7:f6:0d:4c:75:6c:35:64:24:e9:
30:4a:48:8d:f7:04:f8:cb:e8:f7:ff:fc:4a:ce:ca:
8a:1c:44:c8:94:11:33:0c:13:11:eb:97:4d:c7:fa:
e5:30:1c:71:b7:b4:d6:59:52:28:07:9e:7a:97:d2:
c1:35:45:8c:ec:2e:ae:be:f8:32:d9:44:ce:47:a3:
74:54:f4:fc:b7:8c:6c:b2:95:08:09:9d:b0:5c:af:
8a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9A:42:1C:1C:80:3A:C5:6E:CD:DF:E9:A1:C9:6F:4C:91:0F:C9:9F
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/uZpCHByAOsVuzd_poclvTJEPyZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.128.0/18
92.242.96.0/19
195.184.192.0/19
IPv6:
2a02:300::/32
Signature Algorithm: sha256WithRSAEncryption
82:42:98:34:77:91:e0:b9:7b:62:9f:47:c7:35:31:c1:c4:df:
91:9d:6a:ce:cc:91:d9:97:c1:0f:47:c4:29:05:e9:35:08:38:
47:e8:92:98:de:ce:f4:0a:87:55:5d:1c:5a:a9:17:eb:a5:75:
8e:73:62:7b:bf:2e:d9:55:b2:1e:b3:d5:19:6d:c5:30:8e:e3:
cb:59:c3:de:55:4b:a1:0f:5c:03:f8:53:df:ed:75:4b:d8:30:
01:26:45:9e:ac:01:7f:88:67:e8:cf:4e:51:6a:4d:b5:4a:dc:
ad:e6:55:2a:19:b6:f2:a7:2c:b0:42:30:10:3b:e9:a1:e6:68:
55:84:f5:27:7b:c7:9b:63:05:f9:6f:43:36:3a:0c:66:8b:c6:
c6:76:58:62:d6:0b:7e:07:47:c3:68:70:3c:e3:65:46:13:e2:
84:04:4d:3d:15:a3:77:34:26:fc:42:e6:29:4c:ed:8e:77:5e:
77:73:7c:30:54:67:ef:14:3e:bf:d7:eb:5d:67:63:a5:0d:85:
23:6f:a8:6a:b2:50:79:86:b2:ba:d0:71:9a:de:83:a5:54:a2:
57:1a:d2:3c:28:c9:e6:7e:a4:15:d3:d9:d2:a2:b5:f2:86:1c:
8e:c3:be:1b:18:e5:36:8f:12:99:27:9d:c1:e2:73:55:cb:1b:
9c:9f:ce:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYMNCWv1NKfAYdeLeoEoQnVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDc5OWFlMGVmZGQ5ODZkZGU3N2ZiMzVhZDBhMTA4MjNj
Yjk3MmYwHhcNMjIwOTA1MDk0NDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlhNDIxYzFjODAzYWM1NmVjZGRmZTlhMWM5NmY0YzkxMGZjOTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvOcL46iU7ovo6g1DDAJu7v4Zk/V
7WqJSs7fhaWd1WWIMKJXsar5veMUj/Fl4m8P2ZIpDv9VZ20aRqeD1oIFLdrgssFe
GgdojDQa1nshooTgL8BMNGCpWYE9vPrsp7lCuZieWXMVrQN52ZqWZPO9S8I+Mxeb
IfK/7HjIKAFuSdBIVinqA17ch1j6gFtUmE+v4XTKy0jIrIlYWtJF5ljG/tF0kD+e
X3r9F+f2DUx1bDVkJOkwSkiN9wT4y+j3//xKzsqKHETIlBEzDBMR65dNx/rlMBxx
t7TWWVIoB556l9LBNUWM7C6uvvgy2UTOR6N0VPT8t4xsspUICZ2wXK+K5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLmaQhwcgDrFbs3f6aHJb0yRD8mfMB8GA1UdIwQY
MBaAFOfXma4O/dmG3ed/s1rQoQgjy5cvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMt
Mjg3OTM3OTQwZDdiLzEvdVpwQ0hCeUFPc1Z1emRfcG9jbHZUSkVQeVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMtMjg3OTM3OTQwZDdi
LzEvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGBZmAAwQF
XPJgAwQFw7jAMA0EAgACMAcDBQAqAgMAMA0GCSqGSIb3DQEBCwUAA4IBAQCCQpg0
d5HguXtin0fHNTHBxN+RnWrOzJHZl8EPR8QpBek1CDhH6JKY3s70CodVXRxaqRfr
pXWOc2J7vy7ZVbIes9UZbcUwjuPLWcPeVUuhD1wD+FPf7XVL2DABJkWerAF/iGfo
z05Rak21Styt5lUqGbbypyywQjAQO+mh5mhVhPUne8ebYwX5b0M2Ogxmi8bGdlhi
1gt+B0fDaHA842VGE+KEBE09FaN3NCb8QuYpTO2Od153c3wwVGfvFD6/1+tdZ2Ol
DYUjb6hqslB5hrK60HGa3oOlVKJXGtI8KMnmfqQV09nSorXyhhyOw74bGOU2jxKZ
J53B4nNVyxucn84x
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:13 2023 by rpki-client on console-fra.rpki-client.org