Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/EKImINhC-f-ZEePB5cUNjzTFE0s.roa
File: EKImINhC-f-ZEePB5cUNjzTFE0s.roa (raw, json)
Hash identifier: 6vDjedFGAxHdBEk/efHQtTzcYHNBHz8LajM6QHcbKNQ=
Subject key identifier: 10:A2:26:20:D8:42:F9:FF:99:11:E3:C1:E5:C5:0D:8F:34:C5:13:4B
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01856F1DBF0872E84F322F37D8C61C39844E
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/EKImINhC-f-ZEePB5cUNjzTFE0s.roa
Signing time: Sun 01 Jan 2023 20:54:58 +0000
ROA not before: Sun 01 Jan 2023 20:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49598
IP address blocks: 5.183.153.0/24 maxlen: 24
45.136.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bf:08:72:e8:4f:32:2f:37:d8:c6:1c:39:84:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 1 20:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10a22620d842f9ff9911e3c1e5c50d8f34c5134b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c9:50:b0:41:60:dc:28:aa:43:3f:41:59:a3:
d5:b1:0e:52:3c:82:ea:b7:31:3b:6e:74:78:fd:a7:
36:12:40:b0:b9:48:c0:1b:34:42:a0:0e:95:ac:08:
97:03:6c:fd:e3:7a:10:4d:ec:47:dc:02:67:47:0f:
49:c3:7b:33:2a:97:07:3d:2d:cd:8f:6f:f2:40:3b:
21:92:1b:3f:c9:71:6c:3d:ba:a0:79:3d:ae:da:1c:
e4:12:f6:c6:67:ac:52:2e:7e:c8:18:57:8a:9d:22:
ca:de:33:d6:b4:36:12:0d:f1:4b:f2:b6:74:61:a9:
44:54:21:4d:d5:a7:a3:aa:66:03:1a:72:50:d1:21:
47:ca:26:75:f5:db:a9:3a:67:84:ef:0c:94:a2:8b:
34:3b:a0:e2:20:1e:9f:a3:35:71:1f:37:7b:23:5f:
db:a9:e3:05:13:82:0d:f2:42:bf:db:d7:58:f5:0d:
40:1f:7b:8c:3f:87:78:e2:5c:70:54:40:b7:12:12:
cc:c5:00:58:ca:ef:e7:b2:54:2f:f4:4a:db:99:24:
dd:0a:87:52:3f:f9:26:6e:ba:7a:04:66:9a:68:aa:
80:28:49:3c:06:91:2c:03:28:67:00:91:c6:47:ec:
a3:a7:ce:0a:4d:f8:3b:c7:5e:5c:49:a6:7f:f7:ae:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:A2:26:20:D8:42:F9:FF:99:11:E3:C1:E5:C5:0D:8F:34:C5:13:4B
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/EKImINhC-f-ZEePB5cUNjzTFE0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.153.0/24
45.136.146.0/24
Signature Algorithm: sha256WithRSAEncryption
42:34:3e:13:e7:a5:9a:11:bc:75:5e:be:fc:9c:95:0e:88:ff:
63:97:0d:17:3c:0e:44:71:bd:78:d2:e7:55:ff:49:13:21:46:
e0:f9:ed:c0:12:7d:00:91:ee:ef:b3:29:f8:63:f4:cd:ed:50:
44:8a:53:02:1a:bd:37:86:ef:68:f6:9c:88:8e:55:65:fb:44:
6d:72:6c:51:24:fc:ed:56:92:59:74:92:85:5b:63:ef:03:99:
92:a8:f8:9e:16:c5:f5:dc:1b:cd:06:d9:f3:5e:45:87:8f:dc:
73:8a:ca:31:5d:65:de:0e:3b:2c:0d:b9:5b:89:cd:52:3d:fd:
b1:cf:03:15:41:31:6a:f2:c8:e4:76:8e:ad:1a:3a:73:18:31:
57:3a:d9:ab:52:39:f9:9b:0f:22:ac:14:02:fb:cc:1f:7f:79:
04:cb:26:2f:55:a1:b6:71:e4:b8:ce:24:90:0f:9a:a7:4f:64:
4b:e1:65:56:37:7c:ad:89:57:26:9e:70:1f:6e:47:12:19:fd:
77:18:96:cc:e7:be:50:6d:be:b7:3e:15:16:c3:8c:c7:8b:71:
8c:35:2f:cc:4b:bc:11:71:28:b5:57:15:a1:40:98:1c:11:a4:
06:95:5c:60:3d:f8:ff:08:cc:07:99:f7:42:c2:87:dc:46:e3:
26:8d:20:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHb8IcuhPMi832MYcOYROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjMwMTAxMjA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGEyMjYyMGQ4NDJmOWZmOTkxMWUzYzFlNWM1MGQ4ZjM0YzUxMzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMlQsEFg3CiqQz9BWaPVsQ5SPILq
tzE7bnR4/ac2EkCwuUjAGzRCoA6VrAiXA2z943oQTexH3AJnRw9Jw3szKpcHPS3N
j2/yQDshkhs/yXFsPbqgeT2u2hzkEvbGZ6xSLn7IGFeKnSLK3jPWtDYSDfFL8rZ0
YalEVCFN1aejqmYDGnJQ0SFHyiZ19dupOmeE7wyUoos0O6DiIB6fozVxHzd7I1/b
qeMFE4IN8kK/29dY9Q1AH3uMP4d44lxwVEC3EhLMxQBYyu/nslQv9ErbmSTdCodS
P/kmbrp6BGaaaKqAKEk8BpEsAyhnAJHGR+yjp84KTfg7x15cSaZ/964EewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBCiJiDYQvn/mRHjweXFDY80xRNLMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvRUtJbUlOaEMtZi1aRWVQQjVjVU5qelRGRTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbeZAwQA
LYiSMA0GCSqGSIb3DQEBCwUAA4IBAQBCND4T56WaEbx1Xr78nJUOiP9jlw0XPA5E
cb140udV/0kTIUbg+e3AEn0Ake7vsyn4Y/TN7VBEilMCGr03hu9o9pyIjlVl+0Rt
cmxRJPztVpJZdJKFW2PvA5mSqPieFsX13BvNBtnzXkWHj9xzisoxXWXeDjssDblb
ic1SPf2xzwMVQTFq8sjkdo6tGjpzGDFXOtmrUjn5mw8irBQC+8wff3kEyyYvVaG2
ceS4ziSQD5qnT2RL4WVWN3ytiVcmnnAfbkcSGf13GJbM575Qbb63PhUWw4zHi3GM
NS/MS7wRcSi1VxWhQJgcEaQGlVxgPfj/CMwHmfdCwofcRuMmjSAq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:13 2023 by rpki-client on console-ams.rpki-client.org