Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/Wb9yJuqyANwDT06zDeMF_H8ZJWw.roa
File: Wb9yJuqyANwDT06zDeMF_H8ZJWw.roa (raw, json)
Hash identifier: QKNXGR1LYL9/QQ0JR5gCOt0GfjSZaIPr2NAbcsVtzGc=
Subject key identifier: 59:BF:72:26:EA:B2:00:DC:03:4F:4E:B3:0D:E3:05:FC:7F:19:25:6C
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018A07F3139C487DF582EEDD4C78B4BB0F8C
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/Wb9yJuqyANwDT06zDeMF_H8ZJWw.roa
Signing time: Fri 18 Aug 2023 09:21:25 +0000
ROA not before: Fri 18 Aug 2023 09:21:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 217.140.64.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:f3:13:9c:48:7d:f5:82:ee:dd:4c:78:b4:bb:0f:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Aug 18 09:21:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59bf7226eab200dc034f4eb30de305fc7f19256c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ce:08:7c:7d:48:f2:01:1c:f5:bd:6d:e0:87:
33:a3:4e:0a:d9:08:f0:08:b4:47:54:dc:4d:27:2c:
1a:c7:51:86:25:92:52:e8:37:ff:6d:a9:d6:c2:ff:
58:a5:fd:f7:a2:74:c9:d9:69:da:49:c5:4b:7a:88:
b3:61:21:7b:1d:72:fc:26:33:d5:25:4a:a7:94:6c:
6a:fc:38:54:95:bc:9a:ff:62:00:50:7c:b6:97:b5:
fd:83:bc:f7:4b:4c:ef:48:85:3e:1c:c2:af:b1:36:
44:a5:c5:e9:5e:e4:e3:c9:c0:5f:16:2e:ba:fa:86:
36:b7:ea:12:32:58:4f:08:bf:6b:2f:d3:76:2d:bf:
27:5b:68:e2:47:7d:c9:19:b0:35:b2:3c:63:83:f9:
34:c2:30:6b:9d:d5:58:d4:38:85:53:48:c7:83:30:
32:5d:76:bd:cf:23:2a:07:a0:ea:47:d3:67:04:05:
fe:b9:4c:46:24:4f:f4:6f:5c:f2:b6:81:43:d8:00:
de:6d:37:8e:c9:0c:db:a0:10:d6:53:cd:88:5e:3b:
0b:53:41:e7:a6:8a:9b:75:40:f1:0f:f4:42:a1:06:
b9:bf:bd:9f:d9:78:68:c5:f0:cc:7a:aa:8b:83:ef:
b1:5c:aa:14:df:1c:a3:0e:2b:1d:fa:ca:f9:86:fc:
ae:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BF:72:26:EA:B2:00:DC:03:4F:4E:B3:0D:E3:05:FC:7F:19:25:6C
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/Wb9yJuqyANwDT06zDeMF_H8ZJWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.140.64.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:9f:b4:03:95:cb:4c:d1:dc:6e:6b:4a:30:4e:07:4e:2e:29:
72:72:d2:45:38:d0:2c:3e:7a:0c:86:20:cf:c8:10:89:30:5d:
44:03:81:2a:0f:af:6f:cf:8c:b1:ae:5c:92:e5:57:c4:1a:bb:
6c:18:2d:ea:2c:23:de:c3:26:9f:2f:62:7f:ee:26:d1:47:09:
97:36:49:e9:82:cc:09:d6:cc:ad:96:80:af:00:b4:51:a7:a6:
16:a7:69:eb:00:73:76:c5:67:f4:05:bc:53:25:1c:08:8c:b1:
0c:f4:a4:2d:59:3c:8b:59:0e:72:3f:57:c8:40:4d:48:32:ac:
8d:ec:32:a2:78:07:d1:d2:d9:c1:cb:35:c3:36:cf:03:14:6e:
b3:d9:bf:f4:bf:6b:24:b7:8b:09:40:c3:57:71:85:fb:fa:ae:
0d:2a:e2:36:31:44:fd:5e:60:80:64:d9:94:d1:04:c3:47:d8:
e2:25:ea:cd:71:c7:aa:90:96:65:09:02:01:1c:47:c9:9f:8b:
02:d4:9d:11:ab:01:f9:b3:2c:60:77:3c:2f:bc:b0:18:05:99:
77:03:3a:f1:59:e5:b5:4e:fa:8c:dd:b6:f4:17:46:a9:92:bb:
eb:2d:f5:4a:82:52:b3:77:26:79:99:56:c3:ef:7f:b2:73:28:
76:04:91:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoH8xOcSH31gu7dTHi0uw+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwODE4MDkyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJmNzIyNmVhYjIwMGRjMDM0ZjRlYjMwZGUzMDVmYzdmMTkyNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqs4IfH1I8gEc9b1t4Iczo04K2Qjw
CLRHVNxNJywax1GGJZJS6Df/banWwv9Ypf33onTJ2WnaScVLeoizYSF7HXL8JjPV
JUqnlGxq/DhUlbya/2IAUHy2l7X9g7z3S0zvSIU+HMKvsTZEpcXpXuTjycBfFi66
+oY2t+oSMlhPCL9rL9N2Lb8nW2jiR33JGbA1sjxjg/k0wjBrndVY1DiFU0jHgzAy
XXa9zyMqB6DqR9NnBAX+uUxGJE/0b1zytoFD2ADebTeOyQzboBDWU82IXjsLU0Hn
poqbdUDxD/RCoQa5v72f2XhoxfDMeqqLg++xXKoU3xyjDisd+sr5hvyuYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFm/cibqsgDcA09Osw3jBfx/GSVsMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvV2I5eUp1cXlBTndEVDA2ekRlTUZfSDhaSld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD2YxAMA0G
CSqGSIb3DQEBCwUAA4IBAQB9n7QDlctM0dxua0owTgdOLilyctJFONAsPnoMhiDP
yBCJMF1EA4EqD69vz4yxrlyS5VfEGrtsGC3qLCPewyafL2J/7ibRRwmXNknpgswJ
1sytloCvALRRp6YWp2nrAHN2xWf0BbxTJRwIjLEM9KQtWTyLWQ5yP1fIQE1IMqyN
7DKieAfR0tnByzXDNs8DFG6z2b/0v2skt4sJQMNXcYX7+q4NKuI2MUT9XmCAZNmU
0QTDR9jiJerNcceqkJZlCQIBHEfJn4sC1J0RqwH5syxgdzwvvLAYBZl3AzrxWeW1
TvqM3bb0F0apkrvrLfVKglKzdyZ5mVbD73+ycyh2BJGs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:58 2025 by rpki-client