Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/5cFfI34AeARfDAwIi-VMpUH21DM.roa
File: 5cFfI34AeARfDAwIi-VMpUH21DM.roa (raw, json)
Hash identifier: FfKVIY3UmKrN3kIrkfvIFp096O4aEWRksY24fS7bRWo=
Subject key identifier: E5:C1:5F:23:7E:00:78:04:5F:0C:0C:08:8B:E5:4C:A5:41:F6:D4:33
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 0791EA12
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/5cFfI34AeARfDAwIi-VMpUH21DM.roa
Signing time: Thu 03 Mar 2022 19:44:59 +0000
ROA not before: Thu 03 Mar 2022 19:44:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 192.42.65.0/24 maxlen: 24
147.189.163.0/24 maxlen: 24
147.189.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127003154 (0x791ea12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Mar 3 19:44:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5c15f237e0078045f0c0c088be54ca541f6d433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b1:db:94:95:3c:b7:2f:14:0f:9f:9e:3c:8e:
91:1b:7a:e0:74:32:5c:4a:d0:ba:54:90:cd:8e:4f:
ba:37:2d:bd:60:eb:20:4a:02:2a:f2:43:90:76:75:
ef:e5:f9:c7:41:48:a4:47:74:31:0b:ac:ee:de:34:
76:6c:a1:b3:c2:88:0a:43:4e:ad:82:39:f9:21:15:
56:ef:14:6f:e5:be:19:92:d3:34:0c:1d:93:0b:f7:
51:bf:f0:3b:e9:7c:9f:ec:6d:2f:17:8f:77:a9:eb:
c9:c1:a1:79:22:19:82:1e:af:fe:68:72:5c:dc:2e:
e0:30:df:54:0b:29:81:78:75:17:1e:17:84:ca:fe:
2d:30:69:36:39:37:90:d5:3a:46:d6:72:81:46:94:
bf:03:af:51:c3:c7:b8:19:df:b1:c9:f7:66:4a:8e:
21:fb:ac:9a:90:51:59:23:40:56:0d:37:b7:f5:19:
b4:49:8b:45:8c:f7:20:3c:a7:1f:eb:ad:47:26:75:
db:d7:b8:1e:5b:d9:7d:01:53:3f:2f:c4:b2:f1:61:
16:3b:47:b5:a0:6f:25:af:dd:b8:c4:74:a7:a2:90:
a8:2c:fe:7a:50:bd:44:08:70:e7:cf:02:69:dc:70:
3e:a9:df:ad:47:30:6e:69:8b:2f:62:ed:bb:cc:d0:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C1:5F:23:7E:00:78:04:5F:0C:0C:08:8B:E5:4C:A5:41:F6:D4:33
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/5cFfI34AeARfDAwIi-VMpUH21DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.162.0/23
192.42.65.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:03:2d:0b:c7:a7:88:4f:4e:b5:a6:59:8a:c0:f6:e5:bd:2d:
ab:7c:5d:14:e0:00:1b:c5:bd:9b:d9:b2:89:7d:1e:16:da:dd:
04:ca:55:75:60:7f:de:b0:41:f3:eb:6c:65:40:3c:14:36:5c:
9e:48:09:06:f4:86:8d:8d:a4:d2:4d:19:d3:bf:07:42:b5:96:
50:bc:12:c6:15:61:35:86:16:fe:3b:01:3d:1b:38:92:84:14:
db:f4:fa:7d:bf:b1:67:6e:b0:e7:2f:37:ec:2c:46:8d:0e:a9:
a4:88:5e:4b:b6:55:30:af:1c:8d:21:12:9c:dd:f1:dd:a8:e0:
30:75:6b:79:5a:32:dc:b6:99:4c:ab:d2:da:b0:ca:2a:b2:a3:
6a:88:31:76:46:34:64:65:b8:af:f5:5a:56:2d:9a:0a:ce:4b:
09:01:9b:23:21:91:86:08:11:15:ed:96:17:17:66:e8:c7:cf:
23:dd:af:d2:fe:75:cd:72:19:79:e2:f1:5e:8b:c0:10:e4:87:
0a:90:6f:c4:06:53:10:df:c4:2e:7d:79:81:dc:83:b5:7c:95:
b8:63:fd:ee:da:5b:55:3c:cc:ef:b5:d3:8d:3a:72:90:37:57:
5a:95:2c:48:8c:e5:63:8b:9a:48:e7:a2:08:0a:a5:29:d2:dc:
18:0e:66:fa
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB5HqEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDk5OGQzYzlkOGJkYzljMWRmZjhlMzE5NDI0NDEyYjZjZGMxZGQzMB4XDTIyMDMw
MzE5NDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVjMTVmMjM3ZTAw
NzgwNDVmMGMwYzA4OGJlNTRjYTU0MWY2ZDQzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALex25SVPLcvFA+fnjyOkRt64HQyXErQulSQzY5PujctvWDr
IEoCKvJDkHZ17+X5x0FIpEd0MQus7t40dmyhs8KICkNOrYI5+SEVVu8Ub+W+GZLT
NAwdkwv3Ub/wO+l8n+xtLxePd6nrycGheSIZgh6v/mhyXNwu4DDfVAspgXh1Fx4X
hMr+LTBpNjk3kNU6RtZygUaUvwOvUcPHuBnfscn3ZkqOIfusmpBRWSNAVg03t/UZ
tEmLRYz3IDynH+utRyZ129e4HlvZfQFTPy/EsvFhFjtHtaBvJa/duMR0p6KQqCz+
elC9RAhw588CadxwPqnfrUcwbmmLL2Ltu8zQ/mUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTlwV8jfgB4BF8MDAiL5UylQfbUMzAfBgNVHSMEGDAWgBRgmY08nYvcnB3/
jjGUJEErbNwd0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lKbU5QSjJMM0p3ZF80NHhsQ1JCSzJ6Y0hkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvNzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8x
LzVjRmZJMzRBZUFSZkRBd0lpLVZNcFVIMjFETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
Nzc5YWU5LTdkMjItNDI1Mi04YzViLTBlYTRkNTMxYjc5My8xL1lKbU5QSjJMM0p3
ZF80NHhsQ1JCSzJ6Y0hkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAZO9ogMEAMAqQTANBgkqhkiG9w0B
AQsFAAOCAQEArAMtC8eniE9OtaZZisD25b0tq3xdFOAAG8W9m9myiX0eFtrdBMpV
dWB/3rBB8+tsZUA8FDZcnkgJBvSGjY2k0k0Z078HQrWWULwSxhVhNYYW/jsBPRs4
koQU2/T6fb+xZ26w5y837CxGjQ6ppIheS7ZVMK8cjSESnN3x3ajgMHVreVoy3LaZ
TKvS2rDKKrKjaogxdkY0ZGW4r/VaVi2aCs5LCQGbIyGRhggRFe2WFxdm6MfPI92v
0v51zXIZeeLxXovAEOSHCpBvxAZTEN/ELn15gdyDtXyVuGP97tpbVTzM77XTjTpy
kDdXWpUsSIzlY4uaSOeiCAqlKdLcGA5m+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:06 2024 by rpki-client on console-ams.rpki-client.org