Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9Ua5w3i3hNnRvdugF5SVD2EHQUM.roa
File: 9Ua5w3i3hNnRvdugF5SVD2EHQUM.roa (raw, json)
Hash identifier: hp2nkCE+kTfI7GYFVeuU7M1nxKn9AfgdvE/PObht/nU=
Subject key identifier: F5:46:B9:C3:78:B7:84:D9:D1:BD:DB:A0:17:94:95:0F:61:07:41:43
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018EECAB801733963D66D47AE457F70E99A1
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9Ua5w3i3hNnRvdugF5SVD2EHQUM.roa
Signing time: Wed 17 Apr 2024 15:27:26 +0000
ROA not before: Wed 17 Apr 2024 15:27:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 37.153.132.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:ab:80:17:33:96:3d:66:d4:7a:e4:57:f7:0e:99:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 17 15:27:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f546b9c378b784d9d1bddba01794950f61074143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:19:4a:a3:5c:29:b5:3c:27:65:67:bf:32:f6:
d6:3e:c0:ff:5e:af:8e:25:f5:aa:c2:34:cc:d4:4f:
ef:b5:3a:b9:92:20:cc:c9:0b:74:45:94:23:c9:16:
41:17:b6:0d:ef:1b:61:de:91:12:3c:39:3b:62:18:
0e:0d:27:f9:13:c6:6d:9b:e2:61:48:ac:ab:d2:c5:
05:44:00:46:77:fc:7f:20:f4:15:3a:b8:d3:d6:72:
4a:b4:b4:94:21:e2:b6:9d:9f:b0:7a:91:30:84:23:
f3:34:d2:c0:41:ff:41:ca:9b:86:51:fe:94:51:d4:
71:1d:d3:79:e4:df:cb:4c:60:6a:94:5f:f3:d5:58:
ba:88:4a:26:b8:41:f9:f6:63:5d:2e:64:69:10:df:
34:fe:ca:0d:c1:4c:61:89:00:b5:ec:9c:6a:51:14:
cb:5a:a9:bc:de:31:12:56:20:7b:9e:dd:2c:e7:34:
b7:36:17:89:c8:b9:e7:db:8d:d6:28:68:7e:e9:8c:
d6:a6:da:1e:2e:95:38:c6:70:ef:1d:15:52:43:10:
3a:d3:6d:cc:a4:02:0d:7d:44:72:b7:d0:df:7a:6d:
7f:7b:04:d7:7e:3c:21:14:d3:35:99:99:94:9e:07:
bb:dc:29:45:b7:d4:c4:d0:ac:f3:4e:4b:2d:99:17:
00:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:46:B9:C3:78:B7:84:D9:D1:BD:DB:A0:17:94:95:0F:61:07:41:43
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/9Ua5w3i3hNnRvdugF5SVD2EHQUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.132.0/24
Signature Algorithm: sha256WithRSAEncryption
10:44:26:70:43:89:0b:c0:e5:4c:ad:27:f7:1e:10:59:5b:3c:
96:46:08:51:be:2c:28:f1:d7:6e:1d:68:47:15:9d:ad:a3:ee:
8e:07:92:65:50:a4:7d:97:d9:7b:f9:31:1c:c2:a1:a2:94:77:
f9:a0:a9:0e:c9:87:ab:e8:38:a8:8f:e1:63:e7:94:6d:2c:29:
84:7c:3e:43:b1:e5:cc:95:9c:ee:cd:3b:47:68:b2:2c:14:4a:
ca:85:95:53:3d:ee:8f:a2:1e:40:0d:fb:4a:d6:9a:d9:ca:46:
a0:f7:57:f3:5e:25:d8:e9:58:47:f2:dd:eb:67:80:f9:27:ca:
11:ca:22:00:09:a0:49:f0:89:c8:84:54:32:ca:ec:8c:25:95:
0c:2c:df:ca:2a:64:2a:e6:98:3a:6d:82:f0:47:37:a3:8f:df:
a8:04:aa:99:9b:4d:1e:7a:88:d1:8d:1e:ae:ad:54:46:5e:82:
0b:80:bf:2f:93:d7:9c:83:1a:ee:08:6b:28:84:94:82:62:7c:
a7:20:aa:89:0c:7f:56:bb:85:d7:7a:1c:53:3b:d6:21:05:69:
4b:f0:12:5f:a4:7e:34:13:6e:ec:f5:64:be:ce:c8:01:fe:f1:
40:ed:10:8a:27:53:d1:d5:e9:c5:9e:f9:06:a3:fd:d3:a7:86:
af:2a:e3:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7sq4AXM5Y9ZtR65Ff3DpmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwNDE3MTUyNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTQ2YjljMzc4Yjc4NGQ5ZDFiZGRiYTAxNzk0OTUwZjYxMDc0MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthlKo1wptTwnZWe/MvbWPsD/Xq+O
JfWqwjTM1E/vtTq5kiDMyQt0RZQjyRZBF7YN7xth3pESPDk7YhgODSf5E8Ztm+Jh
SKyr0sUFRABGd/x/IPQVOrjT1nJKtLSUIeK2nZ+wepEwhCPzNNLAQf9BypuGUf6U
UdRxHdN55N/LTGBqlF/z1Vi6iEomuEH59mNdLmRpEN80/soNwUxhiQC17JxqURTL
Wqm83jESViB7nt0s5zS3NheJyLnn243WKGh+6YzWptoeLpU4xnDvHRVSQxA6023M
pAINfURyt9Dfem1/ewTXfjwhFNM1mZmUnge73ClFt9TE0KzzTkstmRcAfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPVGucN4t4TZ0b3boBeUlQ9hB0FDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvOVVhNXczaTNoTm5SdmR1Z0Y1U1ZEMkVIUVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZmEMA0G
CSqGSIb3DQEBCwUAA4IBAQAQRCZwQ4kLwOVMrSf3HhBZWzyWRghRviwo8dduHWhH
FZ2to+6OB5JlUKR9l9l7+TEcwqGilHf5oKkOyYer6Dioj+Fj55RtLCmEfD5DseXM
lZzuzTtHaLIsFErKhZVTPe6Poh5ADftK1prZykag91fzXiXY6VhH8t3rZ4D5J8oR
yiIACaBJ8InIhFQyyuyMJZUMLN/KKmQq5pg6bYLwRzejj9+oBKqZm00eeojRjR6u
rVRGXoILgL8vk9ecgxruCGsohJSCYnynIKqJDH9Wu4XXehxTO9YhBWlL8BJfpH40
E27s9WS+zsgB/vFA7RCKJ1PR1enFnvkGo/3Tp4avKuNR
-----END CERTIFICATE-----
Generated at Fri Aug 2 12:06:49 2024 by rpki-client on console-fra.rpki-client.org