Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/w3ptLDFS7CRxP3Toop9eegQMJI0.roa
File: w3ptLDFS7CRxP3Toop9eegQMJI0.roa (raw, json)
Hash identifier: 1wSU+y5DmFBe+r6WSqSMfLhAuUotQN9V5cNsQwLfnHY=
Subject key identifier: C3:7A:6D:2C:31:52:EC:24:71:3F:74:E8:A2:9F:5E:7A:04:0C:24:8D
Certificate issuer: /CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Certificate serial: 0185720C413FD882017989878012D1CF43CA
Authority key identifier: 43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/w3ptLDFS7CRxP3Toop9eegQMJI0.roa
Signing time: Mon 02 Jan 2023 10:34:43 +0000
ROA not before: Mon 02 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207502
IP address blocks: 147.78.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:41:3f:d8:82:01:79:89:87:80:12:d1:cf:43:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Validity
Not Before: Jan 2 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c37a6d2c3152ec24713f74e8a29f5e7a040c248d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:10:eb:f5:6f:63:8f:f7:e8:7c:ef:6b:5a:17:
af:c1:f6:6e:9c:7c:0e:9d:de:a0:48:4d:70:9f:18:
0d:f2:a4:4e:3f:af:c8:21:f0:e6:7d:67:35:8a:d3:
d4:e1:b6:05:ae:d6:dc:78:5e:92:02:f0:33:f9:2b:
d1:3f:af:be:96:84:c4:df:17:68:4c:de:fb:c4:38:
21:df:a5:1f:6d:75:87:d6:fa:91:8c:cf:f6:91:bf:
9d:1f:f9:ec:b0:70:bd:7c:6c:2b:33:2f:fa:e1:cc:
ec:1f:02:32:58:44:e2:ff:5d:96:c8:e5:37:67:7b:
c7:22:45:c4:35:54:0b:95:55:97:8c:71:53:26:aa:
35:70:75:b8:ab:67:83:82:58:d3:a3:ac:28:6b:88:
cf:62:64:9e:e0:37:9b:2b:8a:97:88:e8:33:c3:3c:
b2:d7:8c:c4:3f:15:5c:7c:da:fc:2f:dd:ef:e6:ba:
e4:ab:86:95:39:88:ac:f5:8c:84:fa:ff:82:de:67:
c5:0b:71:ce:56:69:39:a0:92:8f:23:98:c8:6e:05:
87:d6:76:6e:a2:29:48:60:6d:ad:c9:77:7f:37:60:
ab:77:0a:51:9a:13:00:0a:e9:28:05:03:f3:a2:f4:
fa:98:90:6d:fd:06:94:7a:c6:6a:78:24:1f:f1:de:
d1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7A:6D:2C:31:52:EC:24:71:3F:74:E8:A2:9F:5E:7A:04:0C:24:8D
X509v3 Authority Key Identifier:
keyid:43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/w3ptLDFS7CRxP3Toop9eegQMJI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.162.0/24
Signature Algorithm: sha256WithRSAEncryption
47:da:2c:9c:75:05:89:b2:be:50:c8:63:c1:9a:3e:9d:6c:4a:
2f:29:7f:c6:69:73:9f:51:4e:af:a6:d2:6d:19:5f:d3:0b:52:
c4:48:42:01:65:b1:86:ea:38:f2:30:2b:9a:c5:82:6f:bb:47:
65:33:76:49:5b:84:1e:7c:2d:4b:d9:13:04:fb:bb:3f:59:6a:
a5:4c:f9:06:41:d9:57:de:ee:61:88:63:3d:6f:34:1e:fb:84:
ce:a5:cd:7c:ee:a8:a6:80:27:ab:72:69:cf:56:8a:21:54:de:
10:64:8b:ca:98:3e:a2:d5:e7:6f:e7:3d:f3:00:f5:04:80:0c:
9d:49:ea:dc:2f:fc:34:13:b3:3a:a0:8d:db:5f:64:75:68:51:
23:a2:09:48:cf:b3:64:7f:1a:27:9e:a1:ff:a4:92:0e:c1:1d:
19:bd:89:be:9d:cb:a5:96:6e:cc:57:48:a8:25:56:47:53:8c:
cd:82:3c:9c:b3:f8:31:4e:9e:07:e7:13:a9:21:be:03:74:62:
dc:cc:fa:e4:a9:b2:9b:56:9e:63:d1:e9:ef:3a:d2:f7:a6:39:
1c:82:70:ce:4b:8f:b7:13:b7:69:e6:7d:b2:0d:ea:81:72:fd:
3e:27:07:c7:10:f5:e2:b7:c0:a9:a3:af:cf:c7:1b:7c:69:bf:
b8:11:1b:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEE/2IIBeYmHgBLRz0PKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjY4NDc0ZTdiYjNkYmRiMjZhZGMwMTgzOGNlNzA2MmQ3
MGM0OTgwHhcNMjMwMTAyMTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzdhNmQyYzMxNTJlYzI0NzEzZjc0ZThhMjlmNWU3YTA0MGMyNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRDr9W9jj/fofO9rWhevwfZunHwO
nd6gSE1wnxgN8qROP6/IIfDmfWc1itPU4bYFrtbceF6SAvAz+SvRP6++loTE3xdo
TN77xDgh36UfbXWH1vqRjM/2kb+dH/nssHC9fGwrMy/64czsHwIyWETi/12WyOU3
Z3vHIkXENVQLlVWXjHFTJqo1cHW4q2eDgljTo6woa4jPYmSe4DebK4qXiOgzwzyy
14zEPxVcfNr8L93v5rrkq4aVOYis9YyE+v+C3mfFC3HOVmk5oJKPI5jIbgWH1nZu
oilIYG2tyXd/N2CrdwpRmhMACukoBQPzovT6mJBt/QaUesZqeCQf8d7RuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMN6bSwxUuwkcT906KKfXnoEDCSNMB8GA1UdIwQY
MBaAFENmhHTnuz29smrcAYOM5wYtcMSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQt
ZmEyMDg4Y2M1MDE0LzEvdzNwdExERlM3Q1J4UDNUb29wOWVlZ1FNSkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQtZmEyMDg4Y2M1MDE0
LzEvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk06iMA0G
CSqGSIb3DQEBCwUAA4IBAQBH2iycdQWJsr5QyGPBmj6dbEovKX/GaXOfUU6vptJt
GV/TC1LESEIBZbGG6jjyMCuaxYJvu0dlM3ZJW4QefC1L2RME+7s/WWqlTPkGQdlX
3u5hiGM9bzQe+4TOpc187qimgCercmnPVoohVN4QZIvKmD6i1edv5z3zAPUEgAyd
SercL/w0E7M6oI3bX2R1aFEjoglIz7NkfxonnqH/pJIOwR0ZvYm+ncullm7MV0io
JVZHU4zNgjycs/gxTp4H5xOpIb4DdGLczPrkqbKbVp5j0envOtL3pjkcgnDOS4+3
E7dp5n2yDeqBcv0+JwfHEPXit8Cpo6/Pxxt8ab+4ERsz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:08 2024 by rpki-client on console-fra.rpki-client.org