Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/5eDayGdpqGGbztBrVaRoePP3SWo.roa
File: 5eDayGdpqGGbztBrVaRoePP3SWo.roa (raw, json)
Hash identifier: TK6hzCSHuCfWLfmhf5ZuFaOY3lu9Er35twYwfBju+Gc=
Subject key identifier: E5:E0:DA:C8:67:69:A8:61:9B:CE:D0:6B:55:A4:68:78:F3:F7:49:6A
Certificate issuer: /CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Certificate serial: 0918AD98
Authority key identifier: FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/5eDayGdpqGGbztBrVaRoePP3SWo.roa
Signing time: Mon 03 Jan 2022 12:56:35 +0000
ROA not before: Mon 03 Jan 2022 12:56:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210578
IP address blocks: 2.58.56.0/24 maxlen: 24
2.58.57.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152612248 (0x918ad98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb744006eac3084bf88f128349b0e733bb3d79e3
Validity
Not Before: Jan 3 12:56:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5e0dac86769a8619bced06b55a46878f3f7496a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:4a:dd:db:49:4c:2e:c1:6e:7b:f6:bf:f0:
95:e6:ed:3f:bc:20:12:22:7b:e6:3f:44:05:b6:fb:
8a:5b:d8:f8:5d:b6:06:22:58:51:dd:b7:9a:39:d2:
15:73:30:76:c2:2d:a0:36:b6:68:08:26:7e:66:71:
42:25:cc:64:11:e7:4e:f4:04:81:b5:0a:cd:0e:85:
09:9e:be:1b:6b:98:0d:63:07:85:3f:01:d5:57:e2:
e2:c1:d1:3a:1c:a6:49:ec:28:94:46:fb:67:c5:25:
26:fb:75:eb:ed:c1:97:df:c1:3f:e4:bc:fe:e6:2a:
34:9e:a2:50:b3:94:42:0d:59:21:6d:ae:55:6a:50:
04:5f:07:ef:9d:bc:ef:35:48:f2:70:53:6d:00:60:
95:7c:79:17:c1:41:d8:9c:e7:58:ee:ee:a4:4e:d5:
10:24:b3:34:e6:99:22:ab:21:4e:83:97:16:9d:71:
d1:3d:36:59:00:0a:4e:1c:39:35:a2:05:73:e7:66:
5d:e5:df:84:8d:8d:f4:e1:c2:f7:59:72:d3:25:31:
a5:3f:e2:b6:6f:e5:3b:b8:75:ce:21:bc:60:3a:1f:
44:47:a4:ff:a6:3c:e6:00:ee:13:17:50:e6:37:07:
21:7b:70:d6:6b:6d:4b:6a:7b:9a:df:37:8a:d9:67:
b8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E0:DA:C8:67:69:A8:61:9B:CE:D0:6B:55:A4:68:78:F3:F7:49:6A
X509v3 Authority Key Identifier:
keyid:FB:74:40:06:EA:C3:08:4B:F8:8F:12:83:49:B0:E7:33:BB:3D:79:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3RABurDCEv4jxKDSbDnM7s9eeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/5eDayGdpqGGbztBrVaRoePP3SWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/17836a-d678-41ca-8fb2-5eb7bef9a7a8/1/1-3RABurDCEv4jxKDSbDnM7s9eeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.56.0/23
Signature Algorithm: sha256WithRSAEncryption
32:1b:a9:ef:b3:ec:20:dc:b8:a6:2f:e0:90:dd:2e:87:28:60:
15:64:f5:69:7e:5c:06:b4:34:42:84:1a:cc:4b:b9:2c:75:5b:
38:e8:94:4d:8d:fc:e2:5e:e2:8b:3d:34:44:be:cb:d0:bd:3f:
f9:3a:50:be:7a:6a:64:6e:3f:14:36:e7:04:87:6a:a0:1b:62:
c2:46:40:4d:39:84:2c:6f:b9:74:28:d4:a5:46:d7:3a:d5:66:
be:6c:f0:ed:4d:08:d3:63:7a:05:9e:02:ad:08:e5:fc:44:7e:
e3:3e:8b:fd:92:27:85:87:72:be:09:d4:04:be:c0:2e:0d:fe:
d6:08:e9:7c:69:5c:c6:d5:b0:39:a1:fa:ff:79:d0:62:1a:17:
fa:5a:b8:dc:c5:7d:46:02:fc:67:75:7b:1a:ec:32:fa:5b:f4:
f7:bb:a9:c2:dc:82:3b:c1:a4:12:aa:fb:d6:f4:67:93:d6:2f:
e3:56:18:5c:18:6d:98:b7:56:be:5d:b1:e6:ef:fc:c0:3b:f8:
ec:71:39:93:f0:d1:c3:7a:ad:88:e6:8e:0f:54:6f:a5:b7:61:
30:1d:d6:c7:8c:7b:e3:8f:b5:32:e9:c8:e7:0c:21:6d:3b:8c:
24:fd:42:3b:3a:6e:08:3c:47:82:17:fc:22:88:ee:21:d0:0b:
5c:3a:99:42
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECRitmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjc0NDAwNmVhYzMwODRiZjg4ZjEyODM0OWIwZTczM2JiM2Q3OWUzMB4XDTIyMDEw
MzEyNTYzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTVlMGRhYzg2NzY5
YTg2MTliY2VkMDZiNTVhNDY4NzhmM2Y3NDk2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeaSt3bSUwuwW579r/wlebtP7wgEiJ75j9EBbb7ilvY+F22
BiJYUd23mjnSFXMwdsItoDa2aAgmfmZxQiXMZBHnTvQEgbUKzQ6FCZ6+G2uYDWMH
hT8B1Vfi4sHROhymSewolEb7Z8UlJvt16+3Bl9/BP+S8/uYqNJ6iULOUQg1ZIW2u
VWpQBF8H75287zVI8nBTbQBglXx5F8FB2JznWO7upE7VECSzNOaZIqshToOXFp1x
0T02WQAKThw5NaIFc+dmXeXfhI2N9OHC91ly0yUxpT/itm/lO7h1ziG8YDofREek
/6Y85gDuExdQ5jcHIXtw1mttS2p7mt83itlnuJECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBTl4NrIZ2moYZvO0GtVpGh48/dJajAfBgNVHSMEGDAWgBT7dEAG6sMIS/iP
EoNJsOczuz154zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtM1JBQnVyRENFdjRqeEtEU2JEbk03czllZU0uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2ZlLzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgv
MS81ZURheUdkcHFHR2J6dEJyVmFSb2VQUDNTV28ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zl
LzE3ODM2YS1kNjc4LTQxY2EtOGZiMi01ZWI3YmVmOWE3YTgvMS8xLTNSQUJ1ckRD
RXY0anhLRFNiRG5NN3M5ZWVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjo4MA0GCSqGSIb3DQEBCwUA
A4IBAQAyG6nvs+wg3LimL+CQ3S6HKGAVZPVpflwGtDRChBrMS7ksdVs46JRNjfzi
XuKLPTREvsvQvT/5OlC+empkbj8UNucEh2qgG2LCRkBNOYQsb7l0KNSlRtc61Wa+
bPDtTQjTY3oFngKtCOX8RH7jPov9kieFh3K+CdQEvsAuDf7WCOl8aVzG1bA5ofr/
edBiGhf6WrjcxX1GAvxndXsa7DL6W/T3u6nC3II7waQSqvvW9GeT1i/jVhhcGG2Y
t1a+XbHm7/zAO/jscTmT8NHDeq2I5o4PVG+lt2EwHdbHjHvjj7Uy6cjnDCFtO4wk
/UI7Om4IPEeCF/wiiO4h0AtcOplC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:00 2023 by rpki-client on console-fra.rpki-client.org