Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/5HWOCh7RZEmSgfelUz6hwWfePQw.roa
File: 5HWOCh7RZEmSgfelUz6hwWfePQw.roa (raw, json)
Hash identifier: Gm0yZ/JOIkzFUK+zZ+z6rh+xU2hStYihNSecBBIy1Xo=
Subject key identifier: E4:75:8E:0A:1E:D1:64:49:92:81:F7:A5:53:3E:A1:C1:67:DE:3D:0C
Certificate issuer: /CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Certificate serial: 0711781F
Authority key identifier: 6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/5HWOCh7RZEmSgfelUz6hwWfePQw.roa
Signing time: Tue 11 Jan 2022 09:16:48 +0000
ROA not before: Tue 11 Jan 2022 09:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136557
IP address blocks: 188.68.0.0/22 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118585375 (0x711781f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03a2caf298019fbd668621516c8c6e1d10e83c
Validity
Not Before: Jan 11 09:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4758e0a1ed164499281f7a5533ea1c167de3d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:95:57:7c:92:cd:03:21:81:35:03:20:5c:
35:e8:76:fc:f3:75:ce:06:59:1c:57:e6:45:28:f7:
1d:ca:0b:af:51:6a:b7:ef:0d:5f:f9:89:f4:33:7b:
20:16:bc:3f:43:71:27:a6:57:5e:24:d9:d5:fc:21:
26:f8:a3:3b:48:99:00:ff:01:9d:9f:4c:28:44:d7:
72:a5:37:44:e4:ab:48:ff:c0:c1:3f:4e:58:90:5d:
ac:3c:dc:e5:98:9c:59:0e:23:c1:69:db:91:04:b9:
b8:4b:8b:58:c0:91:a1:a4:cc:62:fb:34:be:53:0c:
58:b2:e9:63:c7:76:65:a1:57:d7:8c:fc:e7:de:9f:
84:f5:13:93:c5:a6:93:1e:a6:a8:40:d0:a7:21:b3:
7d:fb:e3:0e:44:f7:4e:3f:39:e9:a9:29:8b:14:d8:
bb:88:61:56:0b:4d:f2:f7:03:b7:36:a6:04:e6:b3:
7a:5b:66:03:f8:3c:7a:31:e1:d3:d7:f9:0c:82:3b:
c9:d9:b0:01:0e:9b:a2:a9:66:2f:1e:de:4c:5d:aa:
bd:db:d5:58:e1:f4:c1:64:b0:67:a0:0b:3e:34:ca:
da:27:23:f3:9a:b9:dc:c3:8c:0c:c6:71:95:ce:a8:
48:c7:5f:7d:ba:c0:20:92:8a:58:47:07:6e:34:f8:
fd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:75:8E:0A:1E:D1:64:49:92:81:F7:A5:53:3E:A1:C1:67:DE:3D:0C
X509v3 Authority Key Identifier:
keyid:6C:03:A2:CA:F2:98:01:9F:BD:66:86:21:51:6C:8C:6E:1D:10:E8:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/5HWOCh7RZEmSgfelUz6hwWfePQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/16b8e4-1253-4d9e-bd49-fc37fb0cd43b/1/bAOiyvKYAZ-9ZoYhUWyMbh0Q6Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.68.0.0/22
Signature Algorithm: sha256WithRSAEncryption
61:0f:2a:a9:df:59:79:4f:fb:4a:cf:e4:cc:f1:20:bf:d0:de:
4d:96:c6:37:e4:03:8f:a8:e4:9c:95:df:3e:cf:96:4f:16:03:
ce:c0:c3:21:01:19:f7:90:d3:08:97:60:e8:6b:9a:f6:d5:d8:
04:79:22:11:a5:07:08:75:e0:94:c0:76:e9:ad:2d:d1:a0:a8:
dd:d8:4b:0b:a3:c7:7a:34:39:c9:c7:5e:56:2a:c7:12:b8:dc:
8d:b7:e4:e3:89:4e:49:10:fb:e7:93:9a:1e:fb:b3:eb:bb:e1:
d5:22:2f:db:c1:e0:c7:29:37:fc:f4:d1:ec:fe:2f:9d:6a:8e:
06:d9:34:ad:6b:7c:a6:a5:1c:57:6c:83:05:68:fd:e5:72:18:
3b:d2:e3:c9:7a:78:a9:61:ab:da:48:e0:45:d3:4c:1d:41:3b:
80:87:dd:69:2e:c5:42:aa:90:99:c9:9b:e2:db:d1:02:ce:19:
99:2e:c6:f2:d2:7d:62:f4:dd:7c:12:6c:cd:1e:e7:4f:1c:51:
48:36:e7:3f:1d:f7:9d:9b:00:5d:c3:42:83:e7:57:cb:33:44:
0f:c8:44:e1:75:d5:c8:92:43:31:10:da:bb:4e:58:74:6b:65:
05:bb:70:a7:6c:1c:62:2a:d9:64:63:f2:b6:c9:87:96:d0:ec:
7c:32:5a:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBxF4HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzAzYTJjYWYyOTgwMTlmYmQ2Njg2MjE1MTZjOGM2ZTFkMTBlODNjMB4XDTIyMDEx
MTA5MTY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ3NThlMGExZWQx
NjQ0OTkyODFmN2E1NTMzZWExYzE2N2RlM2QwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMz+lVd8ks0DIYE1AyBcNeh2/PN1zgZZHFfmRSj3HcoLr1Fq
t+8NX/mJ9DN7IBa8P0NxJ6ZXXiTZ1fwhJvijO0iZAP8BnZ9MKETXcqU3ROSrSP/A
wT9OWJBdrDzc5ZicWQ4jwWnbkQS5uEuLWMCRoaTMYvs0vlMMWLLpY8d2ZaFX14z8
596fhPUTk8Wmkx6mqEDQpyGzffvjDkT3Tj856akpixTYu4hhVgtN8vcDtzamBOaz
eltmA/g8ejHh09f5DII7ydmwAQ6boqlmLx7eTF2qvdvVWOH0wWSwZ6ALPjTK2icj
85q53MOMDMZxlc6oSMdffbrAIJKKWEcHbjT4/aECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTkdY4KHtFkSZKB96VTPqHBZ949DDAfBgNVHSMEGDAWgBRsA6LK8pgBn71m
hiFRbIxuHRDoPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JBT2l5dktZQVotOVpvWWhVV3lNYmgwUTZEdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvMTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8x
LzVIV09DaDdSWkVtU2dmZWxVejZod1dmZVBRdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
MTZiOGU0LTEyNTMtNGQ5ZS1iZDQ5LWZjMzdmYjBjZDQzYi8xL2JBT2l5dktZQVot
OVpvWWhVV3lNYmgwUTZEdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArxEADANBgkqhkiG9w0BAQsFAAOC
AQEAYQ8qqd9ZeU/7Ss/kzPEgv9DeTZbGN+QDj6jknJXfPs+WTxYDzsDDIQEZ95DT
CJdg6Gua9tXYBHkiEaUHCHXglMB26a0t0aCo3dhLC6PHejQ5ycdeVirHErjcjbfk
44lOSRD755OaHvuz67vh1SIv28Hgxyk3/PTR7P4vnWqOBtk0rWt8pqUcV2yDBWj9
5XIYO9LjyXp4qWGr2kjgRdNMHUE7gIfdaS7FQqqQmcmb4tvRAs4ZmS7G8tJ9YvTd
fBJszR7nTxxRSDbnPx33nZsAXcNCg+dXyzNED8hE4XXVyJJDMRDau05YdGtlBbtw
p2wcYirZZGPytsmHltDsfDJa/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:49 2024 by rpki-client on console-ams.rpki-client.org