Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/5XD46rgH_ZmlBK_ArbcVIww4aic.roa
File: 5XD46rgH_ZmlBK_ArbcVIww4aic.roa (raw, json)
Hash identifier: uXvgq6IFSi+A8o4MB4SmfhUEN1hY9Ldfq/YOIraNhjg=
Subject key identifier: E5:70:F8:EA:B8:07:FD:99:A5:04:AF:C0:AD:B7:15:23:0C:38:6A:27
Certificate issuer: /CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Certificate serial: 018CC493411EEAE24D5BFE723C2B1E10E9F1
Authority key identifier: 55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/5XD46rgH_ZmlBK_ArbcVIww4aic.roa
Signing time: Mon 01 Jan 2024 10:30:33 +0000
ROA not before: Mon 01 Jan 2024 10:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57164
IP address blocks: 151.0.0.0/19 maxlen: 24
151.0.32.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:41:1e:ea:e2:4d:5b:fe:72:3c:2b:1e:10:e9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Validity
Not Before: Jan 1 10:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e570f8eab807fd99a504afc0adb715230c386a27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4f:8a:2a:57:29:8c:e8:0f:a2:b8:99:ef:36:
0c:9d:56:00:f9:4e:3f:b3:73:13:dc:72:66:bd:f9:
a3:e0:7f:0b:0a:03:c8:f9:70:61:13:c9:9b:3c:41:
e8:6a:99:1e:f5:8a:78:0a:d9:00:1a:36:4f:56:52:
de:00:a3:2b:c3:10:cc:42:38:aa:4c:a6:41:29:7b:
a1:18:11:db:85:b7:a1:ef:dd:29:4c:48:2c:49:a3:
6b:6e:25:a0:fc:e6:35:f4:63:21:3b:ff:80:b5:24:
8a:68:52:58:1a:1b:00:2e:85:41:54:39:d5:54:c5:
c6:d6:c0:f1:84:5a:8c:d0:9d:20:9a:b7:67:5f:40:
b7:57:93:3d:de:f3:8e:a2:f3:d8:43:7d:eb:44:c4:
63:d7:75:7c:1a:3c:11:58:13:9a:d5:c5:49:29:bc:
8a:17:fb:b3:db:14:c2:d9:cd:2f:b9:d5:62:f8:ca:
95:cc:66:ec:83:11:2d:21:6d:5a:a8:00:69:7f:8e:
e1:95:ad:bc:e9:a6:31:51:d3:3e:a9:f7:02:bb:ec:
d4:dc:d1:f7:b2:07:70:15:82:7f:c6:f4:15:fe:eb:
54:e6:6c:a1:c1:be:1d:e7:97:ea:21:e8:7d:c5:32:
57:0d:a1:1a:5a:5a:84:18:e9:f0:cf:6f:ec:ca:bf:
77:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:70:F8:EA:B8:07:FD:99:A5:04:AF:C0:AD:B7:15:23:0C:38:6A:27
X509v3 Authority Key Identifier:
keyid:55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/5XD46rgH_ZmlBK_ArbcVIww4aic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/VWpfoNz7NEM_m4YNleLEQlR8X5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.0.0.0-151.0.35.255
Signature Algorithm: sha256WithRSAEncryption
c8:95:f8:2f:26:a4:a7:48:75:c7:f3:52:86:8a:66:12:71:24:
ca:77:e8:37:a9:66:9f:db:4d:6c:91:83:64:aa:55:9d:2d:c3:
5e:51:e0:ac:d8:c3:94:62:0c:8d:2a:ac:38:74:bb:69:3d:5b:
84:8c:2f:b5:50:99:bd:da:4d:a4:7d:48:9e:62:80:16:ac:9d:
18:e6:a9:ef:11:8d:bd:ff:ff:ec:b7:d5:9e:9c:57:f5:44:31:
8a:20:4d:ee:fb:32:97:8c:91:28:28:72:50:4b:4d:2b:2d:a7:
7a:94:69:cd:dd:03:1b:6a:5b:19:5a:6d:2f:05:0e:62:78:3e:
18:4d:61:28:00:3b:fa:01:78:f2:0a:b6:af:f2:e2:02:6a:7f:
73:80:85:51:58:51:70:64:7d:0c:2d:77:f1:25:fc:95:e1:f9:
8a:2b:e8:f9:a7:30:c5:65:7e:df:ef:ba:84:0c:ca:4a:d7:06:
6e:8a:08:43:9a:8b:2b:ea:57:56:2c:23:08:4e:99:d0:69:b0:
41:89:71:1a:1c:2b:75:2e:60:9e:bb:57:4a:66:70:2d:d9:4a:
79:5c:50:0f:1b:ce:2e:85:5d:76:f2:2d:7a:a6:09:2c:e5:ed:
d7:80:29:85:07:e6:d5:af:03:d2:23:84:8b:25:74:37:26:1c:
65:25:b4:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk0Ee6uJNW/5yPCseEOnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmE1ZmEwZGNmYjM0NDMzZjliODYwZDk1ZTJjNDQyNTQ3
YzVmOWMwHhcNMjQwMTAxMTAzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTcwZjhlYWI4MDdmZDk5YTUwNGFmYzBhZGI3MTUyMzBjMzg2YTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk+KKlcpjOgPoriZ7zYMnVYA+U4/
s3MT3HJmvfmj4H8LCgPI+XBhE8mbPEHoapke9Yp4CtkAGjZPVlLeAKMrwxDMQjiq
TKZBKXuhGBHbhbeh790pTEgsSaNrbiWg/OY19GMhO/+AtSSKaFJYGhsALoVBVDnV
VMXG1sDxhFqM0J0gmrdnX0C3V5M93vOOovPYQ33rRMRj13V8GjwRWBOa1cVJKbyK
F/uz2xTC2c0vudVi+MqVzGbsgxEtIW1aqABpf47hla286aYxUdM+qfcCu+zU3NH3
sgdwFYJ/xvQV/utU5myhwb4d55fqIeh9xTJXDaEaWlqEGOnwz2/syr93/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOVw+Oq4B/2ZpQSvwK23FSMMOGonMB8GA1UdIwQY
MBaAFFVqX6Dc+zRDP5uGDZXixEJUfF+cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUt
MmZkYTRjMjczYTQ4LzEvNVhENDZyZ0hfWm1sQktfQXJiY1ZJd3c0YWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUtMmZkYTRjMjczYTQ4
LzEvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMMAoDAgCXAwQC
lwAgMA0GCSqGSIb3DQEBCwUAA4IBAQDIlfgvJqSnSHXH81KGimYScSTKd+g3qWaf
201skYNkqlWdLcNeUeCs2MOUYgyNKqw4dLtpPVuEjC+1UJm92k2kfUieYoAWrJ0Y
5qnvEY29///st9WenFf1RDGKIE3u+zKXjJEoKHJQS00rLad6lGnN3QMbalsZWm0v
BQ5ieD4YTWEoADv6AXjyCrav8uICan9zgIVRWFFwZH0MLXfxJfyV4fmKK+j5pzDF
ZX7f77qEDMpK1wZuighDmosr6ldWLCMITpnQabBBiXEaHCt1LmCeu1dKZnAt2Up5
XFAPG84uhV128i16pgks5e3XgCmFB+bVrwPSI4SLJXQ3JhxlJbQ0
-----END CERTIFICATE-----
Generated at Fri Feb 2 09:27:08 2024 by rpki-client on console-ams.rpki-client.org