Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1iDoVQntR0za_nkBzTTlp89ojs8.roa
File: 1iDoVQntR0za_nkBzTTlp89ojs8.roa (raw, json)
Hash identifier: 3Cgi4HnE86priRyf1Ngy/nQooJOIWpp3OzSeKNWJz5E=
Subject key identifier: D6:20:E8:55:09:ED:47:4C:DA:FE:79:01:CD:34:E5:A7:CF:68:8E:CF
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 0189E47A78C2BBD9CC71196F30D8797F4A46
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1iDoVQntR0za_nkBzTTlp89ojs8.roa
Signing time: Fri 11 Aug 2023 12:02:58 +0000
ROA not before: Fri 11 Aug 2023 12:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57922
IP address blocks: 5.250.253.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:7a:78:c2:bb:d9:cc:71:19:6f:30:d8:79:7f:4a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Aug 11 12:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d620e85509ed474cdafe7901cd34e5a7cf688ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d3:68:88:97:bf:55:2b:8b:ae:cc:f1:1a:6d:
eb:1d:34:6b:9b:0c:d7:d1:95:39:59:b7:a7:65:60:
26:33:0d:bb:52:56:6d:d4:e5:4a:bd:c4:d0:f3:bf:
2b:55:73:d0:e6:b9:a0:4e:f3:e9:17:17:89:9a:c2:
fe:e9:71:5b:92:ea:b7:3d:4c:83:fa:57:8f:f0:b8:
c6:1a:60:dd:f0:9f:3d:0e:65:3f:01:1e:6c:52:e2:
ff:c3:ef:98:69:4c:f9:19:bf:b7:7f:af:b4:0b:7e:
b6:26:72:f1:6c:d9:00:79:26:52:ee:3f:40:fd:66:
74:5a:7e:c0:77:5d:90:87:f7:e1:d0:63:d8:f2:37:
14:07:c8:11:ff:c2:0f:5d:85:d9:73:ae:55:0e:29:
2e:5a:59:99:38:0a:c0:ad:b8:44:8e:85:9e:ed:02:
29:c0:de:28:d9:86:d4:bd:72:02:43:5b:b2:98:e4:
e9:0c:7e:c4:e0:bc:ed:be:58:45:fa:fa:5f:b3:b6:
aa:6b:53:c6:90:02:47:3f:26:88:48:3b:9d:07:e3:
df:9f:3c:77:ff:a1:2d:40:cf:83:b0:d0:7b:fc:c8:
28:11:7b:fd:d3:35:9b:1a:61:23:83:b9:94:6f:0c:
6b:cf:82:df:b4:c7:a9:a3:60:ff:57:fc:70:4a:e8:
92:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:20:E8:55:09:ED:47:4C:DA:FE:79:01:CD:34:E5:A7:CF:68:8E:CF
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1iDoVQntR0za_nkBzTTlp89ojs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.253.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:67:ae:c2:63:36:a9:95:fa:49:de:4f:3d:cc:d1:77:0d:72:
95:9a:88:de:06:40:a2:88:52:7c:56:dd:f5:be:09:a4:69:7d:
37:19:56:9a:cb:5a:3a:ff:a7:7a:8c:dd:49:b9:b8:ac:ab:87:
3e:86:90:a2:ea:b7:5e:6b:d8:d2:b0:f1:34:16:b7:c4:21:70:
48:9a:71:5b:89:a8:9a:ee:9b:7c:bf:ec:94:66:d1:42:a7:d2:
7c:58:5f:ff:1b:c4:03:75:e8:4e:f8:95:ec:ae:c6:64:a1:bf:
37:33:0d:ca:a2:0f:95:56:c2:b2:24:85:03:b0:d1:4e:f3:1d:
96:4c:3a:dd:3b:b1:70:20:8a:79:3f:c3:78:5c:a4:44:e4:c7:
4f:81:4c:78:91:dd:ea:38:e8:ae:81:e5:55:69:22:23:3a:02:
e5:4f:ad:9d:55:66:48:e7:9c:c6:61:20:3c:d3:48:05:5e:c0:
6a:2a:ea:1e:a6:0c:15:c9:4a:e9:ce:11:0c:61:54:a8:1d:58:
47:28:5b:de:d5:12:ad:a1:ec:56:49:5d:f6:51:69:e5:f8:f5:
92:52:33:bb:a5:f8:f4:4b:ba:eb:61:f3:c7:71:98:fe:6c:0c:
37:cc:65:fc:ad:31:0f:62:d6:eb:7f:3c:4f:f9:37:13:59:59:
e1:c6:64:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnkenjCu9nMcRlvMNh5f0pGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjMwODExMTIwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjIwZTg1NTA5ZWQ0NzRjZGFmZTc5MDFjZDM0ZTVhN2NmNjg4ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtNoiJe/VSuLrszxGm3rHTRrmwzX
0ZU5WbenZWAmMw27UlZt1OVKvcTQ878rVXPQ5rmgTvPpFxeJmsL+6XFbkuq3PUyD
+leP8LjGGmDd8J89DmU/AR5sUuL/w++YaUz5Gb+3f6+0C362JnLxbNkAeSZS7j9A
/WZ0Wn7Ad12Qh/fh0GPY8jcUB8gR/8IPXYXZc65VDikuWlmZOArArbhEjoWe7QIp
wN4o2YbUvXICQ1uymOTpDH7E4LztvlhF+vpfs7aqa1PGkAJHPyaISDudB+Pfnzx3
/6EtQM+DsNB7/MgoEXv90zWbGmEjg7mUbwxrz4LftMepo2D/V/xwSuiSMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYg6FUJ7UdM2v55Ac005afPaI7PMB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvMWlEb1ZRbnRSMHphX25rQnpUVGxwODlvanM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWItZWE1OTI2NGY5MDgz
LzEvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfr9MA0G
CSqGSIb3DQEBCwUAA4IBAQA+Z67CYzaplfpJ3k89zNF3DXKVmojeBkCiiFJ8Vt31
vgmkaX03GVaay1o6/6d6jN1Jubisq4c+hpCi6rdea9jSsPE0FrfEIXBImnFbiaia
7pt8v+yUZtFCp9J8WF//G8QDdehO+JXsrsZkob83Mw3Kog+VVsKyJIUDsNFO8x2W
TDrdO7FwIIp5P8N4XKRE5MdPgUx4kd3qOOiugeVVaSIjOgLlT62dVWZI55zGYSA8
00gFXsBqKuoepgwVyUrpzhEMYVSoHVhHKFve1RKtoexWSV32UWnl+PWSUjO7pfj0
S7rrYfPHcZj+bAw3zGX8rTEPYtbrfzxP+TcTWVnhxmTy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:18 2024 by rpki-client on console-ams.rpki-client.org