Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/5VEf1y2jFaGPR0DlG7DnvcFtJQY.roa
File: 5VEf1y2jFaGPR0DlG7DnvcFtJQY.roa (raw, json)
Hash identifier: 5A5JkWkLiva5cbIDZz7unFBE4PzPt9c9v6qGCT749F4=
Subject key identifier: E5:51:1F:D7:2D:A3:15:A1:8F:47:40:E5:1B:B0:E7:BD:C1:6D:25:06
Certificate issuer: /CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Certificate serial: 0185C3304BFE6D5255A25B9161E916AD71CB
Authority key identifier: 7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/5VEf1y2jFaGPR0DlG7DnvcFtJQY.roa
Signing time: Wed 18 Jan 2023 04:43:20 +0000
ROA not before: Wed 18 Jan 2023 04:43:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 146.19.252.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c3:30:4b:fe:6d:52:55:a2:5b:91:61:e9:16:ad:71:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f7734dfea120657412ea867ddbc7b84d132bf78
Validity
Not Before: Jan 18 04:43:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5511fd72da315a18f4740e51bb0e7bdc16d2506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:45:65:9f:42:1c:ec:aa:61:13:f1:66:d6:b9:
44:bb:87:8d:10:3f:d0:5a:9e:86:10:47:36:25:d5:
25:dc:9c:04:01:19:bf:2c:35:54:60:8d:23:72:cc:
ed:27:ae:93:37:86:2d:33:5e:a8:66:43:a8:d2:0c:
d6:41:44:0e:3a:87:9e:f5:2b:e8:51:8a:75:7e:27:
21:af:18:aa:93:42:80:a4:74:7e:a8:25:75:55:45:
90:bb:57:20:58:c0:73:c5:4f:60:00:97:82:d5:1c:
67:06:4d:3a:45:96:8d:e1:f3:85:5f:3a:90:df:f5:
7f:52:a0:12:03:d4:ca:9b:43:d0:bc:41:72:83:08:
30:a6:0f:7c:0f:1c:6a:b3:03:05:f1:b0:6a:dd:79:
63:16:b9:ab:83:68:d1:91:1f:13:d9:c0:c8:56:68:
3d:72:26:55:b6:26:10:bb:78:c0:ac:05:f9:62:18:
c7:3c:a8:8d:32:06:5b:de:83:a1:8d:08:3d:2d:5c:
f5:5e:29:d6:1a:f0:9e:d7:9c:3c:98:73:f8:78:8a:
3a:4f:02:4c:e3:13:ec:9c:56:3e:dc:18:66:99:3e:
b6:54:75:4a:ab:1b:69:9c:74:4e:ab:44:16:11:eb:
a1:89:97:74:e2:5b:eb:b0:87:03:64:ee:5e:71:f0:
31:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:51:1F:D7:2D:A3:15:A1:8F:47:40:E5:1B:B0:E7:BD:C1:6D:25:06
X509v3 Authority Key Identifier:
keyid:7F:77:34:DF:EA:12:06:57:41:2E:A8:67:DD:BC:7B:84:D1:32:BF:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3c03-oSBldBLqhn3bx7hNEyv3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/5VEf1y2jFaGPR0DlG7DnvcFtJQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/680324-ee1f-40f2-88df-196931962d3c/1/f3c03-oSBldBLqhn3bx7hNEyv3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.252.0/24
Signature Algorithm: sha256WithRSAEncryption
16:67:de:49:7b:5a:15:28:1f:8f:09:38:22:a3:aa:11:d4:88:
7d:16:f9:46:d4:90:3e:ef:04:00:26:94:f5:67:a9:bb:5a:77:
c2:f5:d1:85:a9:c0:ec:7e:42:be:54:18:f2:3a:1d:3a:41:8f:
eb:f4:7e:9f:c8:f5:b6:d2:18:5b:6e:e3:df:2b:81:c1:8c:7b:
a6:07:31:52:52:67:57:1c:20:7b:a6:7a:32:0a:aa:98:5d:a2:
4d:5d:fb:c9:a1:18:43:09:d7:a4:d0:f9:a7:22:82:0e:29:8c:
cc:79:f9:d2:d7:e3:27:7e:23:49:f9:d0:9d:2e:e4:74:9f:1a:
50:a3:e4:7a:eb:b7:ce:0e:48:99:e5:6a:a3:39:7c:8d:85:49:
d8:3c:48:39:f5:ee:fa:97:84:14:18:1e:03:9c:be:8e:8b:db:
94:1a:62:0d:65:8a:ef:d6:7b:a5:64:6d:01:85:57:7f:1c:b3:
df:f8:e2:0a:4f:c1:82:94:ef:6b:a1:94:64:03:84:9a:e2:16:
05:77:f6:dd:25:d4:2c:88:80:7f:d3:58:34:d1:11:08:2b:90:
66:df:ae:95:58:04:19:7c:3e:13:a6:69:b0:af:2e:06:fd:54:
a7:e5:c4:c5:23:50:ae:1c:f2:58:35:d5:fb:7f:2a:85:a2:c6:
b4:8e:03:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXDMEv+bVJVoluRYekWrXHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNzczNGRmZWExMjA2NTc0MTJlYTg2N2RkYmM3Yjg0ZDEz
MmJmNzgwHhcNMjMwMTE4MDQ0MzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTUxMWZkNzJkYTMxNWExOGY0NzQwZTUxYmIwZTdiZGMxNmQyNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEVln0Ic7KphE/Fm1rlEu4eNED/Q
Wp6GEEc2JdUl3JwEARm/LDVUYI0jcsztJ66TN4YtM16oZkOo0gzWQUQOOoee9Svo
UYp1fichrxiqk0KApHR+qCV1VUWQu1cgWMBzxU9gAJeC1RxnBk06RZaN4fOFXzqQ
3/V/UqASA9TKm0PQvEFygwgwpg98DxxqswMF8bBq3XljFrmrg2jRkR8T2cDIVmg9
ciZVtiYQu3jArAX5YhjHPKiNMgZb3oOhjQg9LVz1XinWGvCe15w8mHP4eIo6TwJM
4xPsnFY+3BhmmT62VHVKqxtpnHROq0QWEeuhiZd04lvrsIcDZO5ecfAx7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOVRH9ctoxWhj0dA5Ruw573BbSUGMB8GA1UdIwQY
MBaAFH93NN/qEgZXQS6oZ928e4TRMr94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYt
MTk2OTMxOTYyZDNjLzEvNVZFZjF5MmpGYUdQUjBEbEc3RG52Y0Z0SlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS82ODAzMjQtZWUxZi00MGYyLTg4ZGYtMTk2OTMxOTYyZDNj
LzEvZjNjMDMtb1NCbGRCTHFobjNieDdoTkV5djNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhP8MA0G
CSqGSIb3DQEBCwUAA4IBAQAWZ95Je1oVKB+PCTgio6oR1Ih9FvlG1JA+7wQAJpT1
Z6m7WnfC9dGFqcDsfkK+VBjyOh06QY/r9H6fyPW20hhbbuPfK4HBjHumBzFSUmdX
HCB7pnoyCqqYXaJNXfvJoRhDCdek0PmnIoIOKYzMefnS1+MnfiNJ+dCdLuR0nxpQ
o+R667fODkiZ5WqjOXyNhUnYPEg59e76l4QUGB4DnL6Oi9uUGmINZYrv1nulZG0B
hVd/HLPf+OIKT8GClO9roZRkA4Sa4hYFd/bdJdQsiIB/01g00REIK5Bm366VWAQZ
fD4Tpmmwry4G/VSn5cTFI1CuHPJYNdX7fyqFosa0jgOe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:59 2024 by rpki-client on console-ams.rpki-client.org