Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/nko4GMVeBIT463lqH3n17BOoBdU.roa
File: nko4GMVeBIT463lqH3n17BOoBdU.roa (raw, json)
Hash identifier: vNliJoVHRxkqWXgLrf1rQ0rCyK/uLDcRP9fULyckulg=
Subject key identifier: 9E:4A:38:18:C5:5E:04:84:F8:EB:79:6A:1F:79:F5:EC:13:A8:05:D5
Certificate issuer: /CN=8ef9348e277114ccebbad89efe895f50a12a8187
Certificate serial: 016779
Authority key identifier: 8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/nko4GMVeBIT463lqH3n17BOoBdU.roa
Signing time: Thu 17 Mar 2022 19:44:59 +0000
ROA not before: Thu 17 Mar 2022 19:44:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38933
IP address blocks: 5.133.104.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92025 (0x16779)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef9348e277114ccebbad89efe895f50a12a8187
Validity
Not Before: Mar 17 19:44:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e4a3818c55e0484f8eb796a1f79f5ec13a805d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:dc:51:d0:4f:47:61:36:59:99:1c:f2:40:
f1:a6:6d:91:ca:42:d7:32:50:35:5c:db:2b:66:37:
c4:9f:7f:49:16:05:be:48:2a:a7:8b:57:46:3c:2b:
6b:03:eb:0b:e5:ae:4a:6b:31:b0:ab:d4:5d:2c:e3:
f3:95:cb:ab:e0:d3:67:0c:5b:cb:37:0d:e6:cb:6d:
bc:fb:86:44:a2:fd:7c:be:84:81:5d:ad:01:53:c0:
ea:1e:7b:20:a1:4b:c7:3a:3f:14:38:2c:33:1d:39:
91:46:67:be:b0:ae:58:ee:ed:f3:24:0f:48:d2:3a:
7e:d3:90:d6:12:cf:6f:5c:b8:63:7f:8c:7b:15:65:
56:68:36:2d:f5:f1:37:64:6f:65:56:62:5a:fa:04:
0f:13:27:eb:b1:25:2c:21:e7:f0:37:bb:fd:c0:09:
16:3f:dc:a2:6a:97:3e:d8:28:c8:97:8e:fc:08:04:
09:13:df:f2:bb:ea:b2:3a:66:f7:43:bf:69:a3:1c:
5d:5c:af:c5:2f:7f:21:96:3f:4b:45:9c:5f:23:59:
21:f0:2d:be:93:10:92:35:0c:d9:48:4e:81:5a:3c:
80:ae:ff:ae:51:e4:e7:b5:e5:58:fb:96:31:e3:10:
51:09:1d:ff:14:a0:b5:de:df:e2:67:ca:a8:5c:03:
77:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4A:38:18:C5:5E:04:84:F8:EB:79:6A:1F:79:F5:EC:13:A8:05:D5
X509v3 Authority Key Identifier:
keyid:8E:F9:34:8E:27:71:14:CC:EB:BA:D8:9E:FE:89:5F:50:A1:2A:81:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvk0jidxFMzrutie_olfUKEqgYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/nko4GMVeBIT463lqH3n17BOoBdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9a5c17-956e-4077-94c3-d6ff913fca12/1/jvk0jidxFMzrutie_olfUKEqgYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.104.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:9e:8f:d0:c3:c3:07:95:12:6b:e7:dc:d8:d7:0b:7d:f4:2c:
07:20:f9:c5:51:c4:2e:c6:20:01:32:e6:55:92:16:35:fe:e3:
a3:6d:16:92:bf:91:91:0a:e7:f6:c1:02:ad:8e:86:d2:41:76:
db:7c:9c:25:bb:40:c4:17:26:ac:0b:a0:1a:7b:84:13:41:40:
e4:a7:62:1e:2e:2f:e7:88:60:d6:04:08:60:7a:d8:84:d9:34:
f6:53:4f:1a:73:18:18:f1:cd:7c:19:cd:17:73:78:40:b7:fd:
47:20:40:af:3a:9e:b4:df:8b:bc:d5:38:ff:1f:38:2d:b5:20:
a1:92:b8:25:04:9c:1e:68:f6:f6:e5:d4:da:dd:b8:e1:35:09:
ec:e2:ec:55:76:b4:ec:f6:27:45:2b:ed:53:97:f9:5e:e9:e8:
c5:29:7a:63:c2:87:71:3b:a4:c0:ed:7e:ea:1f:a2:ed:8f:6d:
21:62:e9:df:25:83:19:ea:58:4a:bf:05:22:bb:a4:58:fb:97:
26:1c:ef:0f:f9:af:e3:52:2e:34:18:d8:0b:30:97:32:f5:f7:
5e:62:5f:b8:42:4d:bc:bf:46:32:99:7b:d3:07:ca:75:e6:c5:
b3:82:cc:8b:78:62:db:38:02:88:ee:ab:6f:24:15:67:f8:85:
36:89:97:6e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAWd5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhl
ZjkzNDhlMjc3MTE0Y2NlYmJhZDg5ZWZlODk1ZjUwYTEyYTgxODcwHhcNMjIwMzE3
MTk0NDU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZTRhMzgxOGM1NWUw
NDg0ZjhlYjc5NmExZjc5ZjVlYzEzYTgwNWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwAfcUdBPR2E2WZkc8kDxpm2RykLXMlA1XNsrZjfEn39JFgW+
SCqni1dGPCtrA+sL5a5KazGwq9RdLOPzlcur4NNnDFvLNw3my228+4ZEov18voSB
Xa0BU8DqHnsgoUvHOj8UOCwzHTmRRme+sK5Y7u3zJA9I0jp+05DWEs9vXLhjf4x7
FWVWaDYt9fE3ZG9lVmJa+gQPEyfrsSUsIefwN7v9wAkWP9yiapc+2CjIl478CAQJ
E9/yu+qyOmb3Q79poxxdXK/FL38hlj9LRZxfI1kh8C2+kxCSNQzZSE6BWjyArv+u
UeTnteVY+5Yx4xBRCR3/FKC13t/iZ8qoXAN3vQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJ5KOBjFXgSE+Ot5ah959ewTqAXVMB8GA1UdIwQYMBaAFI75NI4ncRTM67rY
nv6JX1ChKoGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
anZrMGppZHhGTXpydXRpZV9vbGZVS0VxZ1ljLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84My85YTVjMTctOTU2ZS00MDc3LTk0YzMtZDZmZjkxM2ZjYTEyLzEv
bmtvNEdNVmVCSVQ0NjNscUgzbjE3Qk9vQmRVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My85
YTVjMTctOTU2ZS00MDc3LTk0YzMtZDZmZjkxM2ZjYTEyLzEvanZrMGppZHhGTXpy
dXRpZV9vbGZVS0VxZ1ljLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBYVoMA0GCSqGSIb3DQEBCwUAA4IB
AQCjno/Qw8MHlRJr59zY1wt99CwHIPnFUcQuxiABMuZVkhY1/uOjbRaSv5GRCuf2
wQKtjobSQXbbfJwlu0DEFyasC6Aae4QTQUDkp2IeLi/niGDWBAhgetiE2TT2U08a
cxgY8c18Gc0Xc3hAt/1HIECvOp6034u81Tj/HzgttSChkrglBJweaPb25dTa3bjh
NQns4uxVdrTs9idFK+1Tl/le6ejFKXpjwodxO6TA7X7qH6Ltj20hYunfJYMZ6lhK
vwUiu6RY+5cmHO8P+a/jUi40GNgLMJcy9fdeYl+4Qk28v0YymXvTB8p15sWzgsyL
eGLbOAKI7qtvJBVn+IU2iZdu
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:11:14 2025 by rpki-client