Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/8YASMXO6kU_HwZJnnEnat639N74.roa
File: 8YASMXO6kU_HwZJnnEnat639N74.roa (raw, json)
Hash identifier: g4bJJFH46MYE2hNHTyuqU+3PuI1B7TfFrxvke5ax0Bs=
Subject key identifier: F1:80:12:31:73:BA:91:4F:C7:C1:92:67:9C:49:DA:B7:AD:FD:37:BE
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 018A3CB30513D33CA518778085E96CB1CC9C
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/8YASMXO6kU_HwZJnnEnat639N74.roa
Signing time: Mon 28 Aug 2023 15:11:19 +0000
ROA not before: Mon 28 Aug 2023 15:11:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21507
IP address blocks: 217.142.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:b3:05:13:d3:3c:a5:18:77:80:85:e9:6c:b1:cc:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Aug 28 15:11:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f180123173ba914fc7c192679c49dab7adfd37be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2e:9c:be:81:83:2c:f4:97:22:9e:9c:2a:f7:
4d:eb:9a:c7:74:e9:b1:09:9e:21:e5:7c:b2:f0:53:
86:d0:60:b1:ba:e7:5b:52:5b:e5:d4:33:b5:d5:a2:
ae:92:3b:f5:5c:8f:ff:29:ad:1f:3f:d8:a6:e0:0a:
e5:a8:9c:9e:4d:08:7e:d8:43:ab:56:77:54:87:4b:
f7:7c:e0:26:ce:f1:a8:9f:63:32:51:0b:e5:e7:54:
be:bd:b5:32:62:6a:6d:d7:82:e2:14:d6:d1:76:81:
1a:f8:01:39:45:79:b5:e4:e9:9c:be:aa:a1:fc:f2:
04:38:46:57:3a:49:65:e6:ec:83:ac:0b:81:91:1a:
33:14:d8:57:13:7e:ce:8e:bd:6d:a4:2c:92:0f:f1:
4c:95:36:05:65:f9:dd:84:5b:9d:98:be:bf:62:f3:
ec:cc:20:68:97:b9:69:fa:34:cf:b3:a6:82:10:a0:
8d:7a:0e:5d:99:d7:6e:73:1e:0e:2e:47:45:e3:f2:
92:f3:dc:2c:35:a2:d7:36:29:61:55:c8:8d:36:fc:
97:97:7c:72:1a:6d:8c:21:24:cd:24:b5:65:5e:49:
c1:85:b9:e5:40:e6:bf:75:00:e4:a8:95:87:44:e6:
93:f7:01:05:11:12:33:aa:97:5c:3f:ef:48:d0:49:
b0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:80:12:31:73:BA:91:4F:C7:C1:92:67:9C:49:DA:B7:AD:FD:37:BE
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/8YASMXO6kU_HwZJnnEnat639N74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.64.0/18
Signature Algorithm: sha256WithRSAEncryption
19:a6:6e:78:5e:e0:32:e3:c9:9c:44:5b:7b:d1:25:ad:7d:6e:
88:d5:2e:d7:d7:22:e2:1b:2c:53:89:73:3b:51:af:9a:78:0d:
cb:e9:bf:78:8b:37:c9:3c:ab:72:14:10:d4:2e:f7:d6:fb:21:
9d:1b:1b:0c:0d:88:26:ca:e2:c2:41:ac:b7:07:3f:69:2f:0f:
9e:ec:d0:55:b4:b0:71:23:c7:36:74:dc:38:27:bc:61:ac:70:
ee:98:f9:67:b9:90:89:90:d6:a5:e7:17:a3:79:30:7e:d6:37:
6f:4d:47:05:09:c3:d3:db:12:39:15:d0:17:fa:f0:43:61:aa:
1b:be:fb:d6:4e:fe:e2:51:68:b3:f6:ef:4b:bc:93:6b:63:82:
57:7d:fd:75:44:ec:1e:51:37:61:ef:51:22:0b:de:bf:90:2c:
ab:a6:bd:22:7f:2a:4e:b7:a0:61:99:0e:72:96:19:80:04:97:
bc:da:e7:26:47:4b:d6:63:93:c4:bc:b8:a6:57:dc:92:e9:05:
0f:90:a6:67:03:b0:f3:99:5f:e5:81:a3:90:a2:3a:78:db:33:
bd:e2:7b:80:eb:94:c9:94:d9:a2:65:30:01:ec:86:d3:ae:64:
98:f7:7e:90:ac:f9:44:a4:eb:cd:88:1d:b3:ee:82:13:c4:a6:
53:09:dc:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8swUT0zylGHeAhelsscycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjMwODI4MTUxMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTgwMTIzMTczYmE5MTRmYzdjMTkyNjc5YzQ5ZGFiN2FkZmQzN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy6cvoGDLPSXIp6cKvdN65rHdOmx
CZ4h5Xyy8FOG0GCxuudbUlvl1DO11aKukjv1XI//Ka0fP9im4ArlqJyeTQh+2EOr
VndUh0v3fOAmzvGon2MyUQvl51S+vbUyYmpt14LiFNbRdoEa+AE5RXm15Omcvqqh
/PIEOEZXOkll5uyDrAuBkRozFNhXE37Ojr1tpCySD/FMlTYFZfndhFudmL6/YvPs
zCBol7lp+jTPs6aCEKCNeg5dmdducx4OLkdF4/KS89wsNaLXNilhVciNNvyXl3xy
Gm2MISTNJLVlXknBhbnlQOa/dQDkqJWHROaT9wEFERIzqpdcP+9I0EmwJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGAEjFzupFPx8GSZ5xJ2ret/Te+MB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvOFlBU01YTzZrVV9Id1pKbm5FbmF0NjM5Tjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2Y5AMA0G
CSqGSIb3DQEBCwUAA4IBAQAZpm54XuAy48mcRFt70SWtfW6I1S7X1yLiGyxTiXM7
Ua+aeA3L6b94izfJPKtyFBDULvfW+yGdGxsMDYgmyuLCQay3Bz9pLw+e7NBVtLBx
I8c2dNw4J7xhrHDumPlnuZCJkNal5xejeTB+1jdvTUcFCcPT2xI5FdAX+vBDYaob
vvvWTv7iUWiz9u9LvJNrY4JXff11ROweUTdh71EiC96/kCyrpr0ifypOt6BhmQ5y
lhmABJe82ucmR0vWY5PEvLimV9yS6QUPkKZnA7DzmV/lgaOQojp42zO94nuA65TJ
lNmiZTAB7IbTrmSY936QrPlEpOvNiB2z7oITxKZTCdyv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:59 2024 by rpki-client on console-ams.rpki-client.org