Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/Nt4jNKgfm2KRCf6feuuq66eLQVg.roa
File: Nt4jNKgfm2KRCf6feuuq66eLQVg.roa (raw, json)
Hash identifier: oyTrUotMiHCFlTHxLtEi7eMbTbQVbsd1fGW3szCHZ4A=
Subject key identifier: 36:DE:23:34:A8:1F:9B:62:91:09:FE:9F:7A:EB:AA:EB:A7:8B:41:58
Certificate issuer: /CN=8ef9348e277114ccebbad89efe895f50a12a8187
Certificate serial: 018CC64B481C547C30CDF40B30AB6C323997
Authority key identifier: 8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/Nt4jNKgfm2KRCf6feuuq66eLQVg.roa
Signing time: Mon 01 Jan 2024 18:31:11 +0000
ROA not before: Mon 01 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38933
IP address blocks: 5.133.104.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:48:1c:54:7c:30:cd:f4:0b:30:ab:6c:32:39:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef9348e277114ccebbad89efe895f50a12a8187
Validity
Not Before: Jan 1 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36de2334a81f9b629109fe9f7aebaaeba78b4158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6d:20:ee:74:de:37:65:80:28:38:86:ce:13:
46:12:7a:a1:8f:65:02:11:99:ef:fd:a9:1d:37:a3:
2a:6d:7c:a5:24:67:a7:74:61:88:97:ac:bf:96:da:
1a:00:30:48:8c:12:95:c6:bc:37:99:0c:15:e2:cd:
ec:b6:53:fa:dd:13:55:fe:2c:00:b9:8c:eb:0e:0c:
06:27:9f:70:1a:7c:27:81:73:08:b5:95:02:82:9f:
88:28:5e:68:b6:90:1a:5f:88:15:e1:ea:f3:ae:e0:
f8:e6:bb:cc:d4:d0:84:c4:c7:aa:6a:42:36:b5:c8:
01:bf:c5:90:8e:f0:27:d8:58:79:28:ae:4c:03:4d:
a0:f6:e2:75:a8:3d:fc:96:48:85:a2:73:0d:1d:b5:
64:03:73:71:b6:a2:a4:3f:71:6a:fe:f9:03:e7:1e:
ce:ae:27:dd:6d:a8:bb:37:35:d8:22:2d:78:fb:02:
fb:85:3b:6e:07:6d:10:a0:9c:55:b7:33:ba:52:e0:
9f:a9:90:79:25:61:f8:7a:58:9a:ac:68:b2:5b:22:
da:63:02:ca:92:d2:c6:26:34:29:bc:13:38:22:19:
2d:d4:fe:f1:26:5a:81:65:c0:55:91:41:3f:49:41:
18:e7:0c:7f:84:bb:6c:74:4d:e3:49:b7:bd:2b:d1:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:DE:23:34:A8:1F:9B:62:91:09:FE:9F:7A:EB:AA:EB:A7:8B:41:58
X509v3 Authority Key Identifier:
keyid:8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/Nt4jNKgfm2KRCf6feuuq66eLQVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/jvk0jidxFMzrutie_olfUKEqgYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.104.0/22
Signature Algorithm: sha256WithRSAEncryption
37:2e:3a:3e:40:d2:ab:f4:14:7c:db:6d:f3:e3:a3:b7:1a:c0:
02:63:45:2a:cc:05:7f:c1:10:ec:ee:b6:04:98:66:3e:dd:87:
49:0d:48:ce:2a:0d:13:c4:52:aa:7f:09:80:92:f9:93:20:76:
e5:9a:37:74:a4:b7:35:98:2f:f9:da:5c:ba:d1:5d:8d:2d:e7:
2c:4a:fb:75:13:62:22:9d:67:88:1a:fe:93:5a:2d:e3:02:f9:
1f:36:fa:0a:89:fc:9a:a0:a6:94:0f:32:f7:59:1a:f6:72:b4:
f9:86:f9:dd:1b:2a:ec:60:92:d5:21:66:e4:a1:e7:0e:a0:a3:
48:d1:44:66:e2:b1:66:6d:e3:28:26:12:7d:c2:11:6b:82:96:
8f:2e:90:7d:eb:ab:4b:79:39:da:c1:1d:e8:cd:b8:55:22:2e:
b5:6d:0f:4a:d4:b8:a9:0e:db:6f:bd:b3:4c:e3:fa:5f:4f:94:
f1:6a:10:11:32:fa:74:b8:0b:76:4b:09:bf:56:24:dd:48:8d:
10:e0:41:fb:0b:b2:c9:ee:f8:6e:2d:39:54:67:b5:2b:0d:14:
5c:cc:04:7a:15:a4:5c:c3:da:04:af:f3:2c:15:e0:89:e0:25:
32:ef:fe:29:bf:43:f2:11:ed:78:1c:b6:47:f4:97:a2:c4:e5:
04:55:89:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS0gcVHwwzfQLMKtsMjmXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjkzNDhlMjc3MTE0Y2NlYmJhZDg5ZWZlODk1ZjUwYTEy
YTgxODcwHhcNMjQwMTAxMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRlMjMzNGE4MWY5YjYyOTEwOWZlOWY3YWViYWFlYmE3OGI0MTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg20g7nTeN2WAKDiGzhNGEnqhj2UC
EZnv/akdN6MqbXylJGendGGIl6y/ltoaADBIjBKVxrw3mQwV4s3stlP63RNV/iwA
uYzrDgwGJ59wGnwngXMItZUCgp+IKF5otpAaX4gV4erzruD45rvM1NCExMeqakI2
tcgBv8WQjvAn2Fh5KK5MA02g9uJ1qD38lkiFonMNHbVkA3NxtqKkP3Fq/vkD5x7O
rifdbai7NzXYIi14+wL7hTtuB20QoJxVtzO6UuCfqZB5JWH4eliarGiyWyLaYwLK
ktLGJjQpvBM4Ihkt1P7xJlqBZcBVkUE/SUEY5wx/hLtsdE3jSbe9K9GZPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbeIzSoH5tikQn+n3rrquuni0FYMB8GA1UdIwQY
MBaAFI75NI4ncRTM67rYnv6JX1ChKoGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZrMGppZHhGTXpydXRpZV9vbGZVS0VxZ1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85YTVjMTctOTU2ZS00MDc3LTk0YzMt
ZDZmZjkxM2ZjYTEyLzEvTnQ0ak5LZ2ZtMktSQ2Y2ZmV1dXE2NmVMUVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My85YTVjMTctOTU2ZS00MDc3LTk0YzMtZDZmZjkxM2ZjYTEy
LzEvanZrMGppZHhGTXpydXRpZV9vbGZVS0VxZ1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBYVoMA0G
CSqGSIb3DQEBCwUAA4IBAQA3Ljo+QNKr9BR8223z46O3GsACY0UqzAV/wRDs7rYE
mGY+3YdJDUjOKg0TxFKqfwmAkvmTIHblmjd0pLc1mC/52ly60V2NLecsSvt1E2Ii
nWeIGv6TWi3jAvkfNvoKifyaoKaUDzL3WRr2crT5hvndGyrsYJLVIWbkoecOoKNI
0URm4rFmbeMoJhJ9whFrgpaPLpB966tLeTnawR3ozbhVIi61bQ9K1LipDttvvbNM
4/pfT5TxahARMvp0uAt2Swm/ViTdSI0Q4EH7C7LJ7vhuLTlUZ7UrDRRczAR6FaRc
w9oEr/MsFeCJ4CUy7/4pv0PyEe14HLZH9JeixOUEVYm+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:18 2024 by rpki-client on console-fra.rpki-client.org