Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/91N5O0DmhGG4-N6lQL1zC4N_IGE.roa
File: 91N5O0DmhGG4-N6lQL1zC4N_IGE.roa (raw, json)
Hash identifier: HB3x7cOIhpUwGHfOQI39vmn3tUKY+BJv+ttSNfJGQms=
Subject key identifier: F7:53:79:3B:40:E6:84:61:B8:F8:DE:A5:40:BD:73:0B:83:7F:20:61
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 039F99EC
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/91N5O0DmhGG4-N6lQL1zC4N_IGE.roa
Signing time: Sat 01 Jan 2022 14:07:04 +0000
ROA not before: Sat 01 Jan 2022 14:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49392
IP address blocks: 188.64.162.0/24 maxlen: 24
5.183.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60791276 (0x39f99ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 14:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f753793b40e68461b8f8dea540bd730b837f2061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f1:63:51:24:bb:9c:ae:77:ad:b2:9f:22:2c:
11:d0:77:a4:23:e8:49:c5:50:35:3c:33:bf:c6:fa:
5b:22:4f:a1:6a:cc:a9:97:c8:ca:23:34:0c:16:d8:
6b:16:8d:68:bf:2e:df:39:72:7d:1e:fb:cc:a4:66:
90:c5:6f:53:29:99:ff:c9:b1:d6:9d:6e:c6:84:51:
1c:11:57:6d:c1:cb:41:ff:e8:e7:c8:17:f5:fa:4c:
23:d5:04:cc:f7:9b:39:2c:f1:7e:04:f1:89:f2:ae:
04:8a:ae:73:97:26:66:21:1c:6c:50:09:10:4e:57:
cb:75:47:93:2b:21:9d:a8:10:56:b6:32:8b:92:16:
a1:30:d5:87:6d:a0:9f:83:15:b6:0d:b4:83:ac:d4:
ee:61:f8:af:1a:db:1a:a3:a6:d4:b0:76:6d:58:ec:
f9:b5:b2:57:87:a5:29:3a:1d:73:36:5a:96:7c:35:
b1:be:9e:2f:0c:14:41:8c:1a:7b:27:9f:16:df:16:
bc:f6:1d:2b:e6:a0:77:99:bd:19:1f:4e:f5:ab:09:
cd:52:72:77:cd:0f:ea:b3:28:be:df:ef:ed:66:40:
e6:17:ac:ac:b4:69:be:ac:14:e7:da:bd:9e:68:31:
61:4b:13:4b:fb:2d:9e:62:36:18:68:f2:fa:eb:b1:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:53:79:3B:40:E6:84:61:B8:F8:DE:A5:40:BD:73:0B:83:7F:20:61
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/91N5O0DmhGG4-N6lQL1zC4N_IGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.153.0/24
188.64.162.0/24
Signature Algorithm: sha256WithRSAEncryption
12:de:6d:70:7c:59:59:ee:bc:19:03:cd:48:21:08:a1:6c:01:
ba:93:04:70:ad:3e:2e:23:c2:e2:1f:43:2d:62:a7:c7:31:85:
04:9e:b9:8e:bc:9b:d9:a5:97:d4:f1:b1:ea:ff:a9:47:f0:2e:
fa:cf:1d:01:0a:66:c4:4d:48:15:84:eb:4e:02:16:2c:a9:c8:
b9:05:9f:7a:dd:cb:ba:d4:23:4c:f8:87:63:8f:da:f8:34:98:
f8:19:7d:e3:c6:64:47:ad:6e:f6:a6:08:af:4e:ff:da:4c:ec:
1c:71:de:eb:aa:a5:82:f3:a9:01:b2:cb:4c:4d:6c:87:dc:09:
f4:e4:54:d3:e2:da:2f:50:b5:78:21:ac:0a:3c:3b:c9:b1:7c:
dd:5f:12:c8:cb:c5:c9:7f:41:a5:80:64:ee:ca:09:1b:f4:c3:
5e:59:36:3d:4f:82:93:3d:2f:21:d1:6b:88:68:04:31:ad:86:
bb:d8:a7:50:2a:c2:e1:17:0a:45:5d:74:07:94:a7:b4:b3:49:
67:57:a6:c3:85:05:56:d3:4f:b1:e4:24:54:41:6b:18:b4:cc:
28:e3:86:a2:01:1d:3f:1d:51:5c:7e:1e:37:2a:ed:74:3e:39:
17:61:89:e9:b8:b8:4c:dc:43:e9:46:74:ae:ba:fd:aa:8b:05:
eb:44:28:be
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA5+Z7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGEzOTQxYzI3Y2ZlNWMyMzRjNGJmMjIxZWNiMmE1NzliMmRlYWFiMB4XDTIyMDEw
MTE0MDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjc1Mzc5M2I0MGU2
ODQ2MWI4ZjhkZWE1NDBiZDczMGI4MzdmMjA2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrxY1Eku5yud62ynyIsEdB3pCPoScVQNTwzv8b6WyJPoWrM
qZfIyiM0DBbYaxaNaL8u3zlyfR77zKRmkMVvUymZ/8mx1p1uxoRRHBFXbcHLQf/o
58gX9fpMI9UEzPebOSzxfgTxifKuBIquc5cmZiEcbFAJEE5Xy3VHkyshnagQVrYy
i5IWoTDVh22gn4MVtg20g6zU7mH4rxrbGqOm1LB2bVjs+bWyV4elKTodczZalnw1
sb6eLwwUQYwaeyefFt8WvPYdK+agd5m9GR9O9asJzVJyd80P6rMovt/v7WZA5hes
rLRpvqwU59q9nmgxYUsTS/stnmI2GGjy+uuxqGsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT3U3k7QOaEYbj43qVAvXMLg38gYTAfBgNVHSMEGDAWgBRdo5QcJ8/lwjTE
vyIeyypXmy3qqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhT1VIQ2ZQNWNJMHhMOGlIc3NxVjVzdDZxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8x
LzkxTjVPMERtaEdHNC1ONmxRTDF6QzROX0lHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MzBlZDNlLWM0YzQtNGRlOC1iNGYxLWYxMWEzOWYyNmMzYi8xL1hhT1VIQ2ZQNWNJ
MHhMOGlIc3NxVjVzdDZxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAAW3mQMEALxAojANBgkqhkiG9w0B
AQsFAAOCAQEAEt5tcHxZWe68GQPNSCEIoWwBupMEcK0+LiPC4h9DLWKnxzGFBJ65
jryb2aWX1PGx6v+pR/Au+s8dAQpmxE1IFYTrTgIWLKnIuQWfet3LutQjTPiHY4/a
+DSY+Bl948ZkR61u9qYIr07/2kzsHHHe66qlgvOpAbLLTE1sh9wJ9ORU0+LaL1C1
eCGsCjw7ybF83V8SyMvFyX9BpYBk7soJG/TDXlk2PU+Ckz0vIdFriGgEMa2Gu9in
UCrC4RcKRV10B5SntLNJZ1emw4UFVtNPseQkVEFrGLTMKOOGogEdPx1RXH4eNyrt
dD45F2GJ6bi4TNxD6UZ0rrr9qosF60Qovg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org