Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/dea46a-b58a-4609-9df8-0e037f3d5805/1/t9IKYB3XBWVecCzDIjDXyvmYBDA.roa
File: t9IKYB3XBWVecCzDIjDXyvmYBDA.roa (raw, json)
Hash identifier: iSuXOhTfRUAZ/1YxqAmqMgBS0k/jF0T+iNc0PVIfGJM=
Subject key identifier: B7:D2:0A:60:1D:D7:05:65:5E:70:2C:C3:22:30:D7:CA:F9:98:04:30
Certificate issuer: /CN=28af17c00757b9860ff6a56ffe2f47e69094e2f6
Certificate serial: 018CC26D5A18F86B65CFD7818FF53968E7F2
Authority key identifier: 28:AF:17:C0:07:57:B9:86:0F:F6:A5:6F:FE:2F:47:E6:90:94:E2:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KK8XwAdXuYYP9qVv_i9H5pCU4vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/dea46a-b58a-4609-9df8-0e037f3d5805/1/t9IKYB3XBWVecCzDIjDXyvmYBDA.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48737
IP address blocks: 5.181.17.0/24 maxlen: 24
5.181.18.0/24 maxlen: 24
5.181.19.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5a:18:f8:6b:65:cf:d7:81:8f:f5:39:68:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28af17c00757b9860ff6a56ffe2f47e69094e2f6
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d20a601dd705655e702cc32230d7caf9980430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:09:5e:14:0e:fc:d0:8b:9f:c0:6c:4a:92:
82:f9:92:3e:72:4c:d2:a7:91:f6:04:43:70:da:a5:
a2:54:bf:7a:c1:fe:61:0d:8b:ba:ec:1a:f9:bd:3c:
18:56:a2:45:1d:3c:df:49:8a:1e:c8:ef:ef:88:34:
e5:b4:aa:89:a4:09:5a:3b:cf:52:40:ff:84:09:62:
8c:4e:4f:3a:de:47:f0:d9:52:06:92:16:5e:81:c9:
e8:df:4f:e2:57:8c:01:bd:58:d0:8b:28:35:a3:71:
ea:a6:4e:0a:7d:aa:1a:39:e3:27:e3:07:c1:e5:2e:
e2:89:8c:f5:40:bb:5e:50:63:46:0e:56:1a:55:44:
c5:81:74:18:1b:27:43:09:94:dd:27:9e:d5:70:08:
15:45:96:27:43:c2:c5:f7:be:bb:2f:d5:b0:31:f5:
6e:e4:5c:cd:90:b8:66:b4:4f:a9:1f:d7:de:85:31:
7a:fa:fd:76:eb:27:7a:63:0d:61:39:fb:92:16:6c:
94:78:83:dd:a8:e1:61:43:82:3c:b7:b1:51:21:93:
6c:1c:9a:1b:79:12:5b:49:1a:92:d2:ce:17:df:5c:
c3:00:73:ec:ba:c5:2f:0b:4a:1d:4b:33:56:30:77:
bb:83:c7:c0:af:cb:a6:0e:84:d0:55:e2:3f:4e:bc:
e5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D2:0A:60:1D:D7:05:65:5E:70:2C:C3:22:30:D7:CA:F9:98:04:30
X509v3 Authority Key Identifier:
keyid:28:AF:17:C0:07:57:B9:86:0F:F6:A5:6F:FE:2F:47:E6:90:94:E2:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KK8XwAdXuYYP9qVv_i9H5pCU4vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dea46a-b58a-4609-9df8-0e037f3d5805/1/t9IKYB3XBWVecCzDIjDXyvmYBDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/dea46a-b58a-4609-9df8-0e037f3d5805/1/KK8XwAdXuYYP9qVv_i9H5pCU4vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.17.0-5.181.19.255
Signature Algorithm: sha256WithRSAEncryption
2a:67:8f:42:ca:65:ec:e2:06:9f:2f:ee:38:a1:86:03:dc:79:
1d:e9:b6:07:e7:c1:4e:ce:45:36:eb:6c:7e:d6:b0:1f:a8:8f:
39:a8:7e:07:49:71:52:8b:68:15:4c:c5:99:96:cc:0a:06:9e:
80:29:b0:d8:33:94:21:d2:cd:cc:e6:b7:dc:e5:04:4d:4b:15:
6f:5a:42:93:4d:92:2b:79:fe:f4:4c:d7:ac:19:82:03:23:45:
30:4d:f7:f3:32:73:06:22:c0:fc:0f:69:03:10:2c:d3:32:03:
86:91:71:a4:4a:20:8c:e8:38:2e:99:5c:f4:f6:97:d5:e0:e8:
c9:fd:bb:7a:86:ee:5a:c3:2e:05:66:94:39:86:f7:54:39:5f:
28:19:fc:a2:bf:16:38:71:3c:d5:c0:05:94:ff:f4:8e:ae:8a:
bf:9a:16:62:74:b8:cc:13:fd:02:64:6e:2f:b0:56:9d:d9:d6:
57:57:a7:bd:d4:8f:05:b2:10:74:a4:46:31:76:e1:c4:dd:92:
47:30:00:77:93:18:da:b1:e3:73:95:88:8f:3e:f0:40:e2:a9:
9a:09:a2:4b:bc:9e:f2:9a:c3:2b:5d:0a:e7:fc:38:2e:a2:96:
02:38:25:80:7b:05:12:da:3e:81:d8:2f:ac:81:63:7e:99:7c:
00:26:f6:ca
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbVoY+Gtlz9eBj/U5aOfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YWYxN2MwMDc1N2I5ODYwZmY2YTU2ZmZlMmY0N2U2OTA5
NGUyZjYwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QyMGE2MDFkZDcwNTY1NWU3MDJjYzMyMjMwZDdjYWY5OTgwNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI0JXhQO/NCLn8BsSpKC+ZI+ckzS
p5H2BENw2qWiVL96wf5hDYu67Br5vTwYVqJFHTzfSYoeyO/viDTltKqJpAlaO89S
QP+ECWKMTk863kfw2VIGkhZegcno30/iV4wBvVjQiyg1o3Hqpk4KfaoaOeMn4wfB
5S7iiYz1QLteUGNGDlYaVUTFgXQYGydDCZTdJ57VcAgVRZYnQ8LF9767L9WwMfVu
5FzNkLhmtE+pH9fehTF6+v126yd6Yw1hOfuSFmyUeIPdqOFhQ4I8t7FRIZNsHJob
eRJbSRqS0s4X31zDAHPsusUvC0odSzNWMHe7g8fAr8umDoTQVeI/TrzlRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLfSCmAd1wVlXnAswyIw18r5mAQwMB8GA1UdIwQY
MBaAFCivF8AHV7mGD/alb/4vR+aQlOL2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0s4WHdBZFh1WVlQOXFWdl9pOUg1cENVNHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kZWE0NmEtYjU4YS00NjA5LTlkZjgt
MGUwMzdmM2Q1ODA1LzEvdDlJS1lCM1hCV1ZlY0N6RElqRFh5dm1ZQkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kZWE0NmEtYjU4YS00NjA5LTlkZjgtMGUwMzdmM2Q1ODA1
LzEvS0s4WHdBZFh1WVlQOXFWdl9pOUg1cENVNHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAFtRED
BAIFtRAwDQYJKoZIhvcNAQELBQADggEBACpnj0LKZeziBp8v7jihhgPceR3ptgfn
wU7ORTbrbH7WsB+ojzmofgdJcVKLaBVMxZmWzAoGnoApsNgzlCHSzczmt9zlBE1L
FW9aQpNNkit5/vRM16wZggMjRTBN9/MycwYiwPwPaQMQLNMyA4aRcaRKIIzoOC6Z
XPT2l9Xg6Mn9u3qG7lrDLgVmlDmG91Q5XygZ/KK/FjhxPNXABZT/9I6uir+aFmJ0
uMwT/QJkbi+wVp3Z1ldXp73UjwWyEHSkRjF24cTdkkcwAHeTGNqx43OViI8+8EDi
qZoJoku8nvKawytdCuf8OC6ilgI4JYB7BRLaPoHYL6yBY36ZfAAm9so=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:19 2024 by rpki-client on console.sobornost.net