Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/EfH1iXl0_oTi1mmxVTg3hUJfKZo.roa
File: EfH1iXl0_oTi1mmxVTg3hUJfKZo.roa (raw, json)
Hash identifier: Ke7gXCmo9TMNyoiI73TaTP5fTNCm5S2zFyLx0oDFCd0=
Subject key identifier: 11:F1:F5:89:79:74:FE:84:E2:D6:69:B1:55:38:37:85:42:5F:29:9A
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 0A83CC34
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/EfH1iXl0_oTi1mmxVTg3hUJfKZo.roa
Signing time: Sat 01 Jan 2022 02:54:19 +0000
ROA not before: Sat 01 Jan 2022 02:54:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60201
IP address blocks: 5.154.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176409652 (0xa83cc34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 02:54:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11f1f5897974fe84e2d669b155383785425f299a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:00:cd:89:8a:a7:14:55:3a:10:23:d2:11:69:
43:7c:98:93:6f:79:fc:bf:61:b7:1e:a6:3a:2e:ab:
41:ba:7c:8f:7a:0c:1e:b7:64:cd:56:9e:bf:87:8a:
26:d1:68:bf:82:1d:a9:17:0f:f0:ca:2d:5a:cd:6d:
f7:51:4d:e5:38:c2:6e:e4:46:27:2e:70:77:38:ba:
87:1f:fd:98:e9:78:54:5a:be:9d:f8:2f:5a:fa:9f:
db:ad:f8:0c:e4:af:00:3a:af:8c:52:c0:83:da:c6:
00:71:bd:5c:41:72:ec:89:58:fe:5f:e2:de:41:bb:
9b:69:6b:be:2c:3b:93:05:27:56:3a:cb:69:f6:41:
d6:87:0e:e4:06:cb:90:95:99:3a:e8:8e:76:42:ea:
c2:7e:9a:82:51:7d:8c:61:b8:f0:6f:f6:92:25:59:
91:2c:6a:c2:3c:3e:30:fb:75:5a:f7:6c:f9:8e:f3:
8e:7e:26:8c:2c:91:81:a0:44:68:25:0c:cc:3a:93:
80:89:17:b1:b5:16:a6:85:96:57:f0:09:7e:29:c8:
fd:ad:52:8b:95:e1:31:55:4f:0f:38:fa:e8:4a:4a:
e3:33:5c:7e:41:e9:c1:a2:e9:79:29:01:d4:33:b1:
09:a4:6a:67:b7:a9:4a:e6:95:f6:71:c1:4c:51:e7:
24:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F1:F5:89:79:74:FE:84:E2:D6:69:B1:55:38:37:85:42:5F:29:9A
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/EfH1iXl0_oTi1mmxVTg3hUJfKZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.180.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:36:5a:2d:67:79:f9:9d:62:e1:9b:ab:74:91:d8:3e:40:51:
dc:35:8e:62:23:e5:47:fa:c4:3c:17:03:c8:2b:1b:18:4d:05:
9c:eb:9c:71:0b:14:00:ad:94:f5:43:99:d0:ea:dd:01:ba:94:
3b:73:a8:93:2a:6c:66:46:fa:9f:91:62:e9:a7:4e:84:31:60:
90:cf:44:0d:06:85:61:e5:f2:63:55:d1:f5:3a:90:cd:38:93:
7c:45:08:af:40:36:c9:3b:b8:3a:47:ce:ec:22:b8:c1:7e:c7:
88:a6:48:24:ee:86:a3:9a:dd:d2:62:03:cd:09:4a:31:12:12:
db:56:48:29:ec:f7:0c:a1:d4:cf:c4:96:42:b2:5c:24:64:fe:
b4:37:d9:d8:88:64:66:fb:75:17:e9:29:f7:1e:0d:fe:55:25:
70:7e:f8:2d:13:4e:3b:01:b3:0f:f6:21:91:32:0d:ed:8a:c6:
e3:ca:f1:6a:c2:8d:2f:c8:74:80:53:ad:5e:b1:40:3e:3f:0d:
f5:2a:26:48:81:81:81:cd:7a:fc:d8:66:6a:65:4a:e8:c8:75:
18:e5:44:06:0f:c5:85:7b:68:fd:80:2a:8e:93:c4:c7:e5:eb:
43:5e:d4:67:d2:02:15:25:d2:97:d8:6a:04:c6:be:92:f0:ca:
7e:3f:40:67
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECoPMNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MGMyMGFlMWRhY2NhMzE4MTViMjc0NzAyOTI3YzFhNWE5ZGJjN2IzMB4XDTIyMDEw
MTAyNTQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFmMWY1ODk3OTc0
ZmU4NGUyZDY2OWIxNTUzODM3ODU0MjVmMjk5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkAzYmKpxRVOhAj0hFpQ3yYk295/L9htx6mOi6rQbp8j3oM
HrdkzVaev4eKJtFov4IdqRcP8MotWs1t91FN5TjCbuRGJy5wdzi6hx/9mOl4VFq+
nfgvWvqf2634DOSvADqvjFLAg9rGAHG9XEFy7IlY/l/i3kG7m2lrviw7kwUnVjrL
afZB1ocO5AbLkJWZOuiOdkLqwn6aglF9jGG48G/2kiVZkSxqwjw+MPt1Wvds+Y7z
jn4mjCyRgaBEaCUMzDqTgIkXsbUWpoWWV/AJfinI/a1Si5XhMVVPDzj66EpK4zNc
fkHpwaLpeSkB1DOxCaRqZ7epSuaV9nHBTFHnJKsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQR8fWJeXT+hOLWabFVODeFQl8pmjAfBgNVHSMEGDAWgBSwwgrh2syjGBWy
dHApJ8GlqdvHszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NNSUs0ZHJNb3hnVnNuUndLU2ZCcGFuYng3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8x
L0VmSDFpWGwwX29UaTFtbXhWVGczaFVKZktaby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
ODg4ODY5LTdhNjUtNDE1Yi1iNjhmLTU0ODQ0MDJjZWI3YS8xL3NNSUs0ZHJNb3hn
VnNuUndLU2ZCcGFuYng3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWatDANBgkqhkiG9w0BAQsFAAOC
AQEAfzZaLWd5+Z1i4ZurdJHYPkBR3DWOYiPlR/rEPBcDyCsbGE0FnOuccQsUAK2U
9UOZ0OrdAbqUO3OokypsZkb6n5Fi6adOhDFgkM9EDQaFYeXyY1XR9TqQzTiTfEUI
r0A2yTu4OkfO7CK4wX7HiKZIJO6Go5rd0mIDzQlKMRIS21ZIKez3DKHUz8SWQrJc
JGT+tDfZ2IhkZvt1F+kp9x4N/lUlcH74LRNOOwGzD/YhkTIN7YrG48rxasKNL8h0
gFOtXrFAPj8N9SomSIGBgc16/NhmamVK6Mh1GOVEBg/FhXto/YAqjpPEx+XrQ17U
Z9ICFSXSl9hqBMa+kvDKfj9AZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org