Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/_N6e6k-miW4aAjYMuXTcZbKHhyY.roa
File: _N6e6k-miW4aAjYMuXTcZbKHhyY.roa (raw, json)
Hash identifier: q7VxVwDcjXQV0UJZmEIArxzQ+7mhCy9IY3YEL8yg5qQ=
Subject key identifier: FC:DE:9E:EA:4F:A6:89:6E:1A:02:36:0C:B9:74:DC:65:B2:87:87:26
Certificate issuer: /CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Certificate serial: 01856F14B8969C06AB2E67DC1AA7CB4EC8F6
Authority key identifier: 9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/_N6e6k-miW4aAjYMuXTcZbKHhyY.roa
Signing time: Sun 01 Jan 2023 20:45:06 +0000
ROA not before: Sun 01 Jan 2023 20:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2269
IP address blocks: 160.228.0.0/16 maxlen: 16
138.195.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:b8:96:9c:06:ab:2e:67:dc:1a:a7:cb:4e:c8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Validity
Not Before: Jan 1 20:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcde9eea4fa6896e1a02360cb974dc65b2878726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:0e:57:85:5c:38:29:e9:82:a3:d7:48:f7:
b8:ef:1e:cb:41:ea:8e:79:04:70:00:77:22:0a:24:
e7:f2:4a:ae:e6:fb:52:5f:96:95:2d:43:bf:c6:1b:
75:a6:1f:c2:a1:90:89:84:fd:29:21:fe:0d:56:62:
94:db:c7:50:ac:54:63:b0:06:44:4c:0a:22:cc:12:
58:b1:78:26:57:77:55:04:81:d4:29:9c:b0:fb:ef:
0a:04:98:be:62:ac:70:75:a7:46:b6:99:a1:d7:41:
30:ad:91:40:f5:18:e1:4e:ed:42:6b:68:a4:9f:39:
fa:e0:be:63:f0:a2:85:e2:c9:a9:ae:6e:ca:69:49:
86:63:fa:70:06:96:2a:85:22:63:09:32:c8:e0:46:
f6:37:9d:9a:de:ec:c4:c8:2b:eb:86:ff:7e:2d:f7:
33:ff:9a:77:7c:3b:98:d6:c4:26:28:53:2b:be:da:
87:98:99:3a:b2:60:99:0b:6a:58:16:eb:ca:60:3d:
8e:31:fb:7a:47:5d:84:e5:84:10:5e:d5:b4:b0:79:
f3:25:70:ef:c8:fb:9c:0e:ab:c9:28:c0:bc:6a:6b:
50:a7:b6:36:80:32:9e:24:fc:6e:93:cd:48:7d:1a:
a1:07:48:ea:64:d2:c8:5a:36:d9:0f:5e:36:46:f7:
59:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DE:9E:EA:4F:A6:89:6E:1A:02:36:0C:B9:74:DC:65:B2:87:87:26
X509v3 Authority Key Identifier:
keyid:9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/_N6e6k-miW4aAjYMuXTcZbKHhyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/mjk-8WAn_AO8XARf-SidS7t_82Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.195.0.0/16
160.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:25:88:7a:24:c0:1c:b3:92:f4:65:c3:d5:b1:e3:23:d8:61:
65:cb:c6:85:ff:c4:d6:c2:ef:78:e8:51:8c:d7:6e:1f:aa:ee:
75:88:7f:08:d3:09:b9:ee:0c:ed:fa:04:e3:f0:22:52:c5:3e:
0f:74:35:d8:19:cc:0d:0b:8b:7a:55:c1:a8:5d:11:c2:18:03:
5c:8b:66:c5:92:7e:4d:06:be:7e:60:ac:13:19:f5:8c:f1:e8:
ed:22:41:7d:57:a8:39:5c:77:25:d2:1e:3d:c1:19:46:17:4f:
52:f3:ae:01:76:f8:84:cf:c7:e2:04:02:4f:7d:ae:c1:1b:05:
7e:68:f3:22:c3:4d:12:cc:fc:13:12:bc:00:66:b7:f1:b1:c6:
5d:61:03:9a:bb:70:8b:fa:d1:85:1a:f2:93:e9:ec:d4:20:d9:
e5:f7:1a:40:57:23:36:2b:05:91:a8:f2:43:a1:30:47:6d:7a:
d5:61:bf:12:76:f0:cc:9b:5b:87:ec:20:8a:30:d1:3b:62:0c:
51:c3:4b:48:f2:cc:60:e6:9a:83:5b:2a:b5:bd:ed:ce:66:d1:
6c:3a:98:77:7f:c4:97:3b:4e:63:d4:ef:cd:8a:b3:c6:b4:79:
f2:3d:c2:6b:0b:3a:21:e1:96:22:b5:55:e5:55:11:45:61:30:
b6:ac:37:38
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVvFLiWnAarLmfcGqfLTsj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMzkzZWYxNjAyN2ZjMDNiYzVjMDQ1ZmY5Mjg5ZDRiYmI3
ZmYzNjQwHhcNMjMwMTAxMjA0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RlOWVlYTRmYTY4OTZlMWEwMjM2MGNiOTc0ZGM2NWIyODc4NzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod0OV4VcOCnpgqPXSPe47x7LQeqO
eQRwAHciCiTn8kqu5vtSX5aVLUO/xht1ph/CoZCJhP0pIf4NVmKU28dQrFRjsAZE
TAoizBJYsXgmV3dVBIHUKZyw++8KBJi+YqxwdadGtpmh10EwrZFA9RjhTu1Ca2ik
nzn64L5j8KKF4smprm7KaUmGY/pwBpYqhSJjCTLI4Eb2N52a3uzEyCvrhv9+Lfcz
/5p3fDuY1sQmKFMrvtqHmJk6smCZC2pYFuvKYD2OMft6R12E5YQQXtW0sHnzJXDv
yPucDqvJKMC8amtQp7Y2gDKeJPxuk81IfRqhB0jqZNLIWjbZD142RvdZ+QIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPzenupPpoluGgI2DLl03GWyh4cmMB8GA1UdIwQY
MBaAFJo5PvFgJ/wDvFwEX/konUu7f/NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgt
YWIyZDVlN2Q0YTdiLzEvX042ZTZrLW1pVzRhQWpZTXVYVGNaYktIaHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgtYWIyZDVlN2Q0YTdi
LzEvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAisMDAwCg
5DANBgkqhkiG9w0BAQsFAAOCAQEAMiWIeiTAHLOS9GXD1bHjI9hhZcvGhf/E1sLv
eOhRjNduH6rudYh/CNMJue4M7foE4/AiUsU+D3Q12BnMDQuLelXBqF0RwhgDXItm
xZJ+TQa+fmCsExn1jPHo7SJBfVeoOVx3JdIePcEZRhdPUvOuAXb4hM/H4gQCT32u
wRsFfmjzIsNNEsz8ExK8AGa38bHGXWEDmrtwi/rRhRryk+ns1CDZ5fcaQFcjNisF
kajyQ6EwR2161WG/EnbwzJtbh+wgijDRO2IMUcNLSPLMYOaag1sqtb3tzmbRbDqY
d3/ElztOY9TvzYqzxrR58j3Caws6IeGWIrVV5VURRWEwtqw3OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org