Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/0XLcY4uqdJL5yeB7a7W8Pcy7_Lk.roa
File: 0XLcY4uqdJL5yeB7a7W8Pcy7_Lk.roa (raw, json)
Hash identifier: JzTr/paQz6R5vcXM7KG9f2E+wh1QPe7ZkvsywL9D5hA=
Subject key identifier: D1:72:DC:63:8B:AA:74:92:F9:C9:E0:7B:6B:B5:BC:3D:CC:BB:FC:B9
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 01850D09069B047196237F4BD608F14D8A17
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/0XLcY4uqdJL5yeB7a7W8Pcy7_Lk.roa
Signing time: Tue 13 Dec 2022 19:49:33 +0000
ROA not before: Tue 13 Dec 2022 19:49:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21507
IP address blocks: 217.142.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0d:09:06:9b:04:71:96:23:7f:4b:d6:08:f1:4d:8a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Dec 13 19:49:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d172dc638baa7492f9c9e07b6bb5bc3dccbbfcb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0e:86:90:9f:d6:c0:90:2d:5d:83:22:50:94:
11:24:06:63:da:58:8e:16:c6:b6:d4:96:ab:ad:07:
33:14:29:39:e4:6a:42:79:ce:55:ea:f8:6f:fb:dd:
e3:fb:c0:96:1b:e5:0a:5d:01:f0:6b:eb:09:a0:c6:
bb:24:43:ab:b8:9d:3b:d8:84:ea:98:a7:f4:59:9f:
9c:9f:45:30:fe:40:cf:86:b1:b3:cc:fd:4e:d3:d6:
9b:d2:6d:6d:90:cb:7d:82:62:e2:d8:5b:90:aa:82:
41:31:56:04:56:f7:77:b9:9b:c8:32:7d:4f:9a:23:
9e:4d:e2:01:06:c8:18:a5:2d:03:85:23:bd:7d:3f:
1a:2d:28:4f:bf:4c:d4:79:6b:67:1b:67:0b:b4:73:
2b:a5:ac:96:25:37:59:bc:ae:2c:0d:cc:5e:d3:2a:
1f:24:f6:f0:82:1f:19:f7:f8:1d:4f:46:0f:a9:29:
d6:e7:e8:c5:7d:2b:20:5c:11:c0:85:a1:df:27:02:
be:3d:7d:cd:6a:11:4e:f3:c0:cc:f5:7e:a8:fa:7c:
12:78:a1:04:ac:0a:02:82:32:e5:b4:b1:e7:b3:70:
63:72:42:71:86:d1:9a:9f:10:ad:b9:d4:41:2b:cd:
65:1d:57:8c:6c:ef:2c:cf:b1:95:f6:f7:8b:17:1c:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:72:DC:63:8B:AA:74:92:F9:C9:E0:7B:6B:B5:BC:3D:CC:BB:FC:B9
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/0XLcY4uqdJL5yeB7a7W8Pcy7_Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:43:f7:ec:8b:d4:14:9e:8c:3d:20:a0:7f:01:f1:10:d6:bb:
e6:37:bf:5c:a5:60:72:e1:eb:db:44:37:d0:dc:b8:da:a5:d3:
57:0d:5f:c7:4a:9a:4d:1a:fd:0e:8a:78:0d:67:e1:1a:8d:e0:
06:59:53:39:93:1d:1b:1b:16:e7:79:de:df:d1:c3:7c:1a:a3:
a7:79:c9:ff:f7:2b:55:d2:5e:ed:77:a6:5e:37:17:a3:2b:41:
56:81:ae:90:49:eb:e6:b4:57:28:c4:b5:b4:80:0b:d6:b8:58:
98:5c:e0:1d:b4:f4:70:e4:fa:70:67:7b:33:69:fb:e9:6c:09:
ba:b4:f0:4a:aa:28:29:0e:2d:40:bd:f5:63:57:a1:21:a6:4f:
42:d8:e7:8e:b4:a6:3f:3d:02:bc:de:74:0a:b7:c0:d2:12:32:
8a:df:ff:15:03:b7:c5:da:ca:81:0a:a1:e7:11:b7:7d:04:74:
b3:e8:02:4c:62:34:46:b5:5b:21:50:82:d3:1c:bc:9e:b7:4b:
14:17:ce:55:aa:18:51:77:61:c9:69:59:0f:32:18:2d:12:36:
46:47:89:65:e9:05:26:55:af:0e:7c:00:bc:9e:45:4a:30:4c:
a4:79:d1:fb:7e:2c:ab:64:33:66:06:f5:ed:c9:31:bf:d1:a4:
e8:e4:7a:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUNCQabBHGWI39L1gjxTYoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjIxMjEzMTk0OTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcyZGM2MzhiYWE3NDkyZjljOWUwN2I2YmI1YmMzZGNjYmJmY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ6GkJ/WwJAtXYMiUJQRJAZj2liO
Fsa21JarrQczFCk55GpCec5V6vhv+93j+8CWG+UKXQHwa+sJoMa7JEOruJ072ITq
mKf0WZ+cn0Uw/kDPhrGzzP1O09ab0m1tkMt9gmLi2FuQqoJBMVYEVvd3uZvIMn1P
miOeTeIBBsgYpS0DhSO9fT8aLShPv0zUeWtnG2cLtHMrpayWJTdZvK4sDcxe0yof
JPbwgh8Z9/gdT0YPqSnW5+jFfSsgXBHAhaHfJwK+PX3NahFO88DM9X6o+nwSeKEE
rAoCgjLltLHns3BjckJxhtGanxCtudRBK81lHVeMbO8sz7GV9veLFxzzYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFy3GOLqnSS+cnge2u1vD3Mu/y5MB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvMFhMY1k0dXFkSkw1eWVCN2E3VzhQY3k3X0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2Y5AMA0G
CSqGSIb3DQEBCwUAA4IBAQBcQ/fsi9QUnow9IKB/AfEQ1rvmN79cpWBy4evbRDfQ
3LjapdNXDV/HSppNGv0OingNZ+EajeAGWVM5kx0bGxbned7f0cN8GqOnecn/9ytV
0l7td6ZeNxejK0FWga6QSevmtFcoxLW0gAvWuFiYXOAdtPRw5PpwZ3szafvpbAm6
tPBKqigpDi1AvfVjV6Ehpk9C2OeOtKY/PQK83nQKt8DSEjKK3/8VA7fF2sqBCqHn
Ebd9BHSz6AJMYjRGtVshUILTHLyet0sUF85VqhhRd2HJaVkPMhgtEjZGR4ll6QUm
Va8OfAC8nkVKMEykedH7fiyrZDNmBvXtyTG/0aTo5Hph
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:17 2024 by rpki-client on console-fra.rpki-client.org