Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/cSUvkFgcFtXrEFYMAOhTxC0QRW0.roa
File: cSUvkFgcFtXrEFYMAOhTxC0QRW0.roa (raw, json)
Hash identifier: g5fHuT+xT2WdC6dEEVNrjVUfVTW0BS+prJnU+cJgYGk=
Subject key identifier: 71:25:2F:90:58:1C:16:D5:EB:10:56:0C:00:E8:53:C4:2D:10:45:6D
Certificate issuer: /CN=8ef9348e277114ccebbad89efe895f50a12a8187
Certificate serial: 0185728C91F54D58BE5273CB390081DCFD6C
Authority key identifier: 8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/cSUvkFgcFtXrEFYMAOhTxC0QRW0.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38933
IP address blocks: 5.133.104.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:91:f5:4d:58:be:52:73:cb:39:00:81:dc:fd:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef9348e277114ccebbad89efe895f50a12a8187
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71252f90581c16d5eb10560c00e853c42d10456d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a5:cb:47:0c:93:fc:e0:75:f4:01:26:3d:f7:
c0:d0:ca:66:b6:6b:3b:c0:55:13:c1:73:ee:b7:a9:
47:52:64:5b:12:d7:b4:8a:88:c0:d4:74:e7:00:1b:
d3:ca:36:c6:eb:03:8b:9d:e6:29:7b:6f:fc:9b:21:
2a:3b:f0:e4:28:32:22:c0:c6:05:db:e7:17:b6:70:
d5:7f:34:32:95:69:fb:4b:d6:89:a4:cb:87:e2:44:
6f:55:34:0d:59:6f:76:3c:89:05:56:de:a8:ab:72:
b3:ea:7c:79:1c:d1:9c:5b:11:3b:ef:f4:34:97:b6:
39:75:2b:a8:bb:40:e8:52:a1:d3:45:67:32:b0:47:
24:ec:e2:a0:8a:68:47:6c:fd:42:8e:01:dc:cd:ef:
35:70:6e:fc:02:90:69:e6:ba:17:8b:f8:d9:85:bd:
c2:c7:a6:11:b4:a3:e2:f0:0f:04:f9:57:59:57:6a:
2b:ae:47:ab:ee:5a:94:57:62:7c:e7:56:49:0a:4f:
f4:28:94:e2:93:d9:b7:30:ac:c0:89:9a:31:2f:0f:
b8:50:c9:8e:fa:95:30:64:f6:4e:e7:6b:eb:2e:4b:
3b:13:7c:f5:ff:2a:4d:66:c9:25:e4:f7:c4:ab:0f:
2b:7c:d9:2b:de:7a:a5:d4:1c:66:f8:db:83:81:41:
13:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:25:2F:90:58:1C:16:D5:EB:10:56:0C:00:E8:53:C4:2D:10:45:6D
X509v3 Authority Key Identifier:
keyid:8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/cSUvkFgcFtXrEFYMAOhTxC0QRW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/jvk0jidxFMzrutie_olfUKEqgYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.104.0/22
Signature Algorithm: sha256WithRSAEncryption
10:ce:98:b7:6e:d2:5a:15:04:99:3a:00:d8:83:aa:6a:67:8e:
ca:a5:a5:1a:b7:1e:b2:1f:e2:b0:e2:4f:41:40:96:6a:20:62:
f2:d3:ac:ab:25:27:43:ea:59:72:10:4d:c0:1f:55:08:cd:b0:
e2:0c:41:ac:36:a8:77:51:b6:ff:32:b7:25:7a:02:33:92:c3:
b1:9b:63:5f:10:97:2f:bc:1b:0d:d7:1d:2b:59:fd:1d:bd:4f:
4d:a3:b7:68:92:20:9a:97:47:aa:6c:f8:a8:0d:58:eb:5c:eb:
54:64:34:e9:cc:b8:92:c8:e7:46:2f:c1:2a:7f:83:59:e8:a8:
05:48:59:0a:1f:71:ee:69:d3:aa:df:e8:71:90:70:31:79:bc:
06:be:64:ab:fd:fc:9e:ed:3c:52:99:1e:1a:d3:e5:22:7e:78:
ab:89:17:65:e9:f7:72:4b:b7:55:40:d1:1c:fc:4e:f1:a8:d4:
93:71:3d:21:96:b4:68:f6:c9:6b:05:d1:e0:f6:d7:db:5a:fa:
fb:83:34:c4:11:a7:1f:18:4c:d0:0f:5a:0a:2a:87:6e:5b:07:
69:ee:5d:62:45:ea:e9:12:d4:5c:55:1f:36:f4:c4:e0:a9:87:
77:48:7e:74:fa:dc:6f:38:a3:24:ba:73:80:f3:23:2f:1c:e6:
04:51:51:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjJH1TVi+UnPLOQCB3P1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjkzNDhlMjc3MTE0Y2NlYmJhZDg5ZWZlODk1ZjUwYTEy
YTgxODcwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTI1MmY5MDU4MWMxNmQ1ZWIxMDU2MGMwMGU4NTNjNDJkMTA0NTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6XLRwyT/OB19AEmPffA0Mpmtms7
wFUTwXPut6lHUmRbEte0iojA1HTnABvTyjbG6wOLneYpe2/8myEqO/DkKDIiwMYF
2+cXtnDVfzQylWn7S9aJpMuH4kRvVTQNWW92PIkFVt6oq3Kz6nx5HNGcWxE77/Q0
l7Y5dSuou0DoUqHTRWcysEck7OKgimhHbP1CjgHcze81cG78ApBp5roXi/jZhb3C
x6YRtKPi8A8E+VdZV2orrker7lqUV2J851ZJCk/0KJTik9m3MKzAiZoxLw+4UMmO
+pUwZPZO52vrLks7E3z1/ypNZskl5PfEqw8rfNkr3nql1Bxm+NuDgUETQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHElL5BYHBbV6xBWDADoU8QtEEVtMB8GA1UdIwQY
MBaAFI75NI4ncRTM67rYnv6JX1ChKoGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZrMGppZHhGTXpydXRpZV9vbGZVS0VxZ1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85YTVjMTctOTU2ZS00MDc3LTk0YzMt
ZDZmZjkxM2ZjYTEyLzEvY1NVdmtGZ2NGdFhyRUZZTUFPaFR4QzBRUlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My85YTVjMTctOTU2ZS00MDc3LTk0YzMtZDZmZjkxM2ZjYTEy
LzEvanZrMGppZHhGTXpydXRpZV9vbGZVS0VxZ1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBYVoMA0G
CSqGSIb3DQEBCwUAA4IBAQAQzpi3btJaFQSZOgDYg6pqZ47KpaUatx6yH+Kw4k9B
QJZqIGLy06yrJSdD6llyEE3AH1UIzbDiDEGsNqh3Ubb/MrclegIzksOxm2NfEJcv
vBsN1x0rWf0dvU9No7dokiCal0eqbPioDVjrXOtUZDTpzLiSyOdGL8Eqf4NZ6KgF
SFkKH3HuadOq3+hxkHAxebwGvmSr/fye7TxSmR4a0+UifniriRdl6fdyS7dVQNEc
/E7xqNSTcT0hlrRo9slrBdHg9tfbWvr7gzTEEacfGEzQD1oKKoduWwdp7l1iRerp
EtRcVR829MTgqYd3SH50+txvOKMkunOA8yMvHOYEUVGb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:37 2025 by rpki-client