Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/mz5_KREEknujZQoXHfbHmQZrYvg.roa
File: mz5_KREEknujZQoXHfbHmQZrYvg.roa (raw, json)
Hash identifier: RyVzCNKBTWp7O5OXhcD39xmyvlXTnA4tHgWAJ9wEpXY=
Subject key identifier: 9B:3E:7F:29:11:04:92:7B:A3:65:0A:17:1D:F6:C7:99:06:6B:62:F8
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 018EC78259E7A8A3918EA324D363F82BCDF5
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/mz5_KREEknujZQoXHfbHmQZrYvg.roa
Signing time: Wed 10 Apr 2024 10:16:32 +0000
ROA not before: Wed 10 Apr 2024 10:16:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:82:59:e7:a8:a3:91:8e:a3:24:d3:63:f8:2b:cd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Apr 10 10:16:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b3e7f291104927ba3650a171df6c799066b62f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ee:1e:1c:8f:05:07:b0:5e:29:90:e6:79:68:
13:0e:32:cc:9c:a5:f0:7c:5d:5b:c2:9c:50:5a:8f:
f0:fc:3d:d6:f9:c9:0a:9a:86:f7:ce:31:a0:50:cb:
41:d9:57:6d:45:4f:90:4d:94:f2:19:6a:5d:99:9e:
73:be:1d:dd:4c:2c:f2:d1:56:3f:cc:a3:cb:4d:6c:
d1:53:d7:78:e3:ae:4d:50:58:fd:13:44:20:d2:7a:
26:de:bf:ab:f4:cc:54:1d:71:52:d7:01:65:e4:58:
59:97:25:a9:1d:c5:a1:97:23:71:6a:ab:68:e3:ae:
a2:08:83:49:6d:19:41:fa:40:d9:6b:8a:a0:d0:9f:
ef:45:da:cb:ce:57:d7:ca:72:a8:e4:b7:c5:d8:7e:
30:37:fe:b6:0c:fa:ae:34:fa:5d:ac:69:0e:47:86:
8b:3b:ed:a0:5e:33:1c:af:9b:fb:9c:a0:75:83:31:
9a:ab:cc:aa:e7:b8:49:da:dc:fc:5c:89:97:be:f0:
df:f6:17:cb:b7:a5:31:dd:ec:76:80:34:e8:f4:3f:
29:d0:a4:b8:68:8c:12:6f:1e:2e:a2:6e:65:dd:5e:
f8:c8:7f:cc:a7:86:95:db:71:fc:79:70:6c:2e:12:
81:b6:dd:49:43:5c:5c:c0:c1:99:a3:0e:83:05:8e:
9a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3E:7F:29:11:04:92:7B:A3:65:0A:17:1D:F6:C7:99:06:6B:62:F8
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/mz5_KREEknujZQoXHfbHmQZrYvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9a:ae:74:63:cd:0a:0d:67:d7:ce:32:22:30:0b:28:92:67:
cd:ca:8c:8d:70:0c:0b:32:4f:f6:c7:0a:31:d4:dc:5f:e3:dd:
a3:07:42:f7:ef:87:63:31:66:0a:89:f9:ef:85:a1:94:de:43:
d0:60:c5:24:22:84:dd:4b:82:4d:ce:5f:13:de:d2:c7:d6:18:
d2:d4:9a:4e:4c:ec:2e:86:ba:98:e2:e7:4e:65:13:b9:d4:75:
49:59:fa:23:41:9e:66:cc:2d:b3:db:8d:04:92:a1:12:fa:ad:
f6:86:78:84:51:c8:6b:f1:e8:c9:0b:60:82:07:51:be:61:0c:
b5:41:14:0e:5e:f8:49:18:67:14:ba:85:39:15:48:bc:30:db:
1d:ec:5b:52:a2:7f:2a:8a:29:41:68:4c:da:11:0f:11:54:16:
e4:5a:83:3c:33:61:a1:d5:8b:60:99:b9:11:de:d4:f0:5b:2c:
df:e9:95:45:33:60:1d:f7:07:6a:fe:1a:f7:ca:ed:d7:4d:29:
fc:fe:58:ad:5a:79:27:a2:f5:a3:b8:5e:7f:c2:ad:5c:70:46:
64:5b:a2:1b:60:d4:81:f9:fd:ed:84:77:58:61:e6:ad:bb:a6:
10:1c:91:1a:61:6b:ee:96:82:2b:df:9b:9f:30:97:74:a2:58:
39:71:f6:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7HglnnqKORjqMk02P4K831MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjQwNDEwMTAxNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNlN2YyOTExMDQ5MjdiYTM2NTBhMTcxZGY2Yzc5OTA2NmI2MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu4eHI8FB7BeKZDmeWgTDjLMnKXw
fF1bwpxQWo/w/D3W+ckKmob3zjGgUMtB2VdtRU+QTZTyGWpdmZ5zvh3dTCzy0VY/
zKPLTWzRU9d4465NUFj9E0Qg0nom3r+r9MxUHXFS1wFl5FhZlyWpHcWhlyNxaqto
466iCINJbRlB+kDZa4qg0J/vRdrLzlfXynKo5LfF2H4wN/62DPquNPpdrGkOR4aL
O+2gXjMcr5v7nKB1gzGaq8yq57hJ2tz8XImXvvDf9hfLt6Ux3ex2gDTo9D8p0KS4
aIwSbx4uom5l3V74yH/Mp4aV23H8eXBsLhKBtt1JQ1xcwMGZow6DBY6amwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJs+fykRBJJ7o2UKFx32x5kGa2L4MB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvbXo1X0tSRUVrbnVqWlFvWEhmYkhtUVpyWXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrcMA0G
CSqGSIb3DQEBCwUAA4IBAQAvmq50Y80KDWfXzjIiMAsokmfNyoyNcAwLMk/2xwox
1Nxf492jB0L374djMWYKifnvhaGU3kPQYMUkIoTdS4JNzl8T3tLH1hjS1JpOTOwu
hrqY4udOZRO51HVJWfojQZ5mzC2z240EkqES+q32hniEUchr8ejJC2CCB1G+YQy1
QRQOXvhJGGcUuoU5FUi8MNsd7FtSon8qiilBaEzaEQ8RVBbkWoM8M2Gh1YtgmbkR
3tTwWyzf6ZVFM2Ad9wdq/hr3yu3XTSn8/litWnknovWjuF5/wq1ccEZkW6IbYNSB
+f3thHdYYeatu6YQHJEaYWvuloIr35ufMJd0olg5cfYc
Generated at Mon Aug 19 10:52:58 2024 by rpki-client on console-fra.rpki-client.org