Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/138hELPCFo5FR7jQjTDLa1d6wf0.roa
File: 138hELPCFo5FR7jQjTDLa1d6wf0.roa (raw, json)
Hash identifier: NvC2hCjc6tG6EZfERHwemfY++LBzj/hrLLZQLTENAoY=
Subject key identifier: D7:7F:21:10:B3:C2:16:8E:45:47:B8:D0:8D:30:CB:6B:57:7A:C1:FD
Certificate issuer: /CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Certificate serial: 01825EBB8278AC7BEA251ED2F4EAF53220A9
Authority key identifier: 43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/138hELPCFo5FR7jQjTDLa1d6wf0.roa
Signing time: Tue 02 Aug 2022 13:25:23 +0000
ROA not before: Tue 02 Aug 2022 13:25:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207502
IP address blocks: 147.78.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:bb:82:78:ac:7b:ea:25:1e:d2:f4:ea:f5:32:20:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Validity
Not Before: Aug 2 13:25:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d77f2110b3c2168e4547b8d08d30cb6b577ac1fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:8e:12:bb:99:6a:ca:a4:9a:cf:d5:b5:26:
25:a0:4a:8b:20:0f:71:2a:5e:03:8b:02:79:84:d0:
06:8e:eb:13:50:17:1f:2e:eb:02:0d:1f:77:ee:b5:
ca:2e:e4:dc:98:f5:33:c7:0d:19:c3:af:e9:48:80:
bb:9a:8d:0f:89:9c:ab:ea:ba:93:44:eb:27:41:b0:
96:2b:f8:04:de:a8:43:a6:71:4c:13:87:2f:3d:73:
42:f2:db:8c:20:90:f3:28:70:f5:5f:0d:29:67:88:
1e:83:7a:49:9e:39:b4:67:64:86:66:d6:77:50:93:
3b:1b:ea:87:63:a4:23:dd:1b:37:4d:e1:dd:d9:31:
44:2f:4f:a1:62:73:77:fb:d2:ea:6e:37:e1:fe:68:
4b:7b:3b:01:6d:56:85:f5:6d:18:b4:4d:dd:f6:04:
c9:07:35:f0:5f:c2:cb:67:c3:95:03:13:05:97:e5:
44:d2:2c:de:27:37:3c:4c:49:38:48:68:f8:8d:a6:
45:25:b2:c6:c1:a8:b1:92:e2:4e:a4:f8:02:e3:01:
34:7e:74:99:3b:db:59:f8:63:11:ca:98:2e:a3:b2:
3f:44:9e:64:07:b5:5a:0b:e0:3f:a9:cf:24:b0:a2:
21:ba:3e:d9:94:63:03:04:27:dd:36:75:75:0d:41:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:7F:21:10:B3:C2:16:8E:45:47:B8:D0:8D:30:CB:6B:57:7A:C1:FD
X509v3 Authority Key Identifier:
keyid:43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/138hELPCFo5FR7jQjTDLa1d6wf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.162.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d5:db:98:31:25:13:ac:35:65:ea:e6:97:a1:44:d3:c6:24:
f7:32:f7:10:95:a5:8f:f7:4f:6e:36:36:2f:8b:c9:67:1d:78:
01:4b:8a:b6:ac:53:4f:55:c9:f8:94:d9:7b:9e:58:52:b1:8e:
2c:23:24:96:c1:16:d3:2e:b3:12:cb:e5:79:e4:59:c0:93:eb:
b6:d6:60:93:aa:98:a2:de:8d:81:aa:3c:29:b7:d1:1c:db:32:
c1:f9:0f:3d:f9:1f:55:be:94:a4:0f:94:f6:20:b1:b0:b8:eb:
55:17:aa:cd:24:22:3e:be:07:7c:36:5c:cd:60:9c:aa:04:05:
d6:e2:95:9d:8e:20:31:af:8f:fa:49:de:a5:f3:8a:9a:c9:23:
4e:be:18:b7:e7:ac:db:ee:31:c0:d5:e1:92:b3:5b:86:ea:92:
94:48:82:0e:60:8e:7c:ca:74:5f:fc:03:09:0d:dc:c0:46:69:
82:bb:1b:80:da:ff:0a:ed:1d:94:e3:c9:b7:db:b5:e3:2d:26:
8c:1a:73:53:49:21:aa:6f:46:d3:bc:64:5f:00:ba:ff:9f:88:
a3:90:42:fb:81:6a:11:90:f3:b8:b9:dd:3c:f4:b7:91:9a:1b:
4c:4f:a8:8f:f8:29:94:07:52:95:c9:bc:5a:da:cf:62:09:45:
a0:ca:0a:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJeu4J4rHvqJR7S9Or1MiCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjY4NDc0ZTdiYjNkYmRiMjZhZGMwMTgzOGNlNzA2MmQ3
MGM0OTgwHhcNMjIwODAyMTMyNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzdmMjExMGIzYzIxNjhlNDU0N2I4ZDA4ZDMwY2I2YjU3N2FjMWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqeOEruZasqkms/VtSYloEqLIA9x
Kl4DiwJ5hNAGjusTUBcfLusCDR937rXKLuTcmPUzxw0Zw6/pSIC7mo0PiZyr6rqT
ROsnQbCWK/gE3qhDpnFME4cvPXNC8tuMIJDzKHD1Xw0pZ4geg3pJnjm0Z2SGZtZ3
UJM7G+qHY6Qj3Rs3TeHd2TFEL0+hYnN3+9Lqbjfh/mhLezsBbVaF9W0YtE3d9gTJ
BzXwX8LLZ8OVAxMFl+VE0izeJzc8TEk4SGj4jaZFJbLGwaixkuJOpPgC4wE0fnSZ
O9tZ+GMRypguo7I/RJ5kB7VaC+A/qc8ksKIhuj7ZlGMDBCfdNnV1DUFB6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNd/IRCzwhaORUe40I0wy2tXesH9MB8GA1UdIwQY
MBaAFENmhHTnuz29smrcAYOM5wYtcMSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQt
ZmEyMDg4Y2M1MDE0LzEvMTM4aEVMUENGbzVGUjdqUWpURExhMWQ2d2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQtZmEyMDg4Y2M1MDE0
LzEvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk06iMA0G
CSqGSIb3DQEBCwUAA4IBAQBn1duYMSUTrDVl6uaXoUTTxiT3MvcQlaWP909uNjYv
i8lnHXgBS4q2rFNPVcn4lNl7nlhSsY4sIySWwRbTLrMSy+V55FnAk+u21mCTqpii
3o2Bqjwpt9Ec2zLB+Q89+R9VvpSkD5T2ILGwuOtVF6rNJCI+vgd8NlzNYJyqBAXW
4pWdjiAxr4/6Sd6l84qaySNOvhi356zb7jHA1eGSs1uG6pKUSIIOYI58ynRf/AMJ
DdzARmmCuxuA2v8K7R2U48m327XjLSaMGnNTSSGqb0bTvGRfALr/n4ijkEL7gWoR
kPO4ud089LeRmhtMT6iP+CmUB1KVybxa2s9iCUWgygpz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:07 2024 by rpki-client on console-ams.rpki-client.org