Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/1-A8n8uJHDSJKBECoOc_Kk5-2C7A.roa
File: 1-A8n8uJHDSJKBECoOc_Kk5-2C7A.roa (raw, json)
Hash identifier: 10B+HU3bWMkBl7Q1R5hSkTsYw+kPzXBpfn/3M89l878=
Subject key identifier: F8:0F:27:F2:E2:47:0D:22:4A:04:40:A8:39:CF:CA:93:9F:B6:0B:B0
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 018718E2C31A67288931909FF604FCCB8BAF
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/1-A8n8uJHDSJKBECoOc_Kk5-2C7A.roa
Signing time: Sat 25 Mar 2023 13:08:46 +0000
ROA not before: Sat 25 Mar 2023 13:08:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21507
IP address blocks: 217.142.128.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:18:e2:c3:1a:67:28:89:31:90:9f:f6:04:fc:cb:8b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Mar 25 13:08:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f80f27f2e2470d224a0440a839cfca939fb60bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:5b:52:bf:2e:b2:7f:5a:22:f9:97:82:06:04:
9c:a3:fc:47:c2:15:04:1a:a8:d6:5c:56:e4:2c:b4:
9f:98:bb:59:db:ed:41:df:aa:0c:a0:08:df:4d:ba:
5c:10:0c:2a:9a:9a:86:d8:88:0b:9d:87:99:bc:d8:
77:8d:10:93:01:f5:53:65:dd:ff:4a:47:cc:a0:1f:
66:0d:7d:8b:2b:32:15:d9:34:a8:99:f8:61:b9:3c:
31:5c:f0:88:71:1d:2b:72:93:6e:93:a4:c8:3b:a5:
b6:c6:c6:78:e7:09:9b:e5:2a:98:b5:d0:e6:88:a9:
91:87:b0:da:d4:e5:2d:6c:aa:8c:9a:ad:b3:8e:c9:
5a:de:9f:93:72:d2:7b:27:96:f0:18:48:0e:51:e5:
d0:66:ba:ad:d4:e6:a5:96:68:8c:4c:00:21:25:98:
f5:67:3a:0b:df:d2:17:f0:f0:2f:ab:17:92:9d:5e:
9d:0d:8d:a7:55:b0:04:fe:03:43:7a:fa:e0:82:e7:
88:8e:b1:ea:8a:3c:39:c2:8c:3d:c6:90:9e:7b:84:
f4:f8:42:99:65:3c:83:ab:d1:09:19:cd:5b:e5:63:
a1:1e:19:f2:2d:23:4a:b7:c0:c4:2a:03:1e:ad:d2:
7f:cb:80:ed:6e:c2:5e:6e:e3:ca:22:a4:af:25:81:
a6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0F:27:F2:E2:47:0D:22:4A:04:40:A8:39:CF:CA:93:9F:B6:0B:B0
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/1-A8n8uJHDSJKBECoOc_Kk5-2C7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5f:68:0f:4c:a8:6f:58:4e:66:33:37:20:be:dd:00:cd:8f:76:
a4:18:81:36:11:ad:10:6a:96:0e:a9:1c:80:d3:cb:96:92:82:
bf:1f:ec:5c:f6:e8:84:69:32:95:67:1b:bd:97:6e:93:a1:80:
e2:ce:39:15:85:01:c4:ee:df:b5:1b:e2:98:b7:53:d8:23:c2:
ae:ac:1f:df:88:24:7e:9c:87:fd:43:82:1a:5f:fb:e4:1c:15:
a7:dc:79:cf:02:12:c4:98:4d:17:1b:df:63:02:ac:b6:08:3b:
8b:12:4d:54:0e:ad:4b:f3:53:4d:ea:f2:32:6a:76:9d:af:f2:
9f:f7:7f:9a:42:b8:fb:eb:9f:19:63:de:ea:35:b9:08:04:0f:
f8:4a:15:28:ed:23:89:11:8f:62:6f:29:1c:53:2e:1f:dc:ba:
88:82:d0:5d:34:23:2c:7a:e6:66:4a:10:e4:5b:ae:50:71:72:
09:ea:59:52:8a:5a:5b:a1:cb:3b:ae:e9:c9:e7:11:93:26:f3:
d8:cb:e9:5e:6c:6b:c3:34:3b:93:6c:28:45:53:40:b2:20:11:
f8:5f:71:d8:39:73:99:bb:f4:07:8d:a9:05:3a:af:6d:96:c0:
43:ab:a6:c6:e0:ef:b7:bb:53:ba:b4:65:a7:3a:2c:a1:51:2a:
af:f9:85:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcY4sMaZyiJMZCf9gT8y4uvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjMwMzI1MTMwODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBmMjdmMmUyNDcwZDIyNGEwNDQwYTgzOWNmY2E5MzlmYjYwYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVtSvy6yf1oi+ZeCBgSco/xHwhUE
GqjWXFbkLLSfmLtZ2+1B36oMoAjfTbpcEAwqmpqG2IgLnYeZvNh3jRCTAfVTZd3/
SkfMoB9mDX2LKzIV2TSomfhhuTwxXPCIcR0rcpNuk6TIO6W2xsZ45wmb5SqYtdDm
iKmRh7Da1OUtbKqMmq2zjsla3p+TctJ7J5bwGEgOUeXQZrqt1OallmiMTAAhJZj1
ZzoL39IX8PAvqxeSnV6dDY2nVbAE/gNDevrggueIjrHqijw5wow9xpCee4T0+EKZ
ZTyDq9EJGc1b5WOhHhnyLSNKt8DEKgMerdJ/y4DtbsJebuPKIqSvJYGmgwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgPJ/LiRw0iSgRAqDnPypOftguwMB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvMS1BOG44dUpIRFNKS0JFQ29PY19LazUtMkM3QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjIvNjM1NTExLTcxZjMtNGY1Ny05MTM5LTdkYTNjZDI1M2Jm
Ni8xLzUwZUZVQWFMOTRJZ1FJd2wxaEs4TDdBa1lNRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtmOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAX2gPTKhvWE5mMzcgvt0AzY92pBiBNhGtEGqWDqkc
gNPLlpKCvx/sXPbohGkylWcbvZduk6GA4s45FYUBxO7ftRvimLdT2CPCrqwf34gk
fpyH/UOCGl/75BwVp9x5zwISxJhNFxvfYwKstgg7ixJNVA6tS/NTTeryMmp2na/y
n/d/mkK4++ufGWPe6jW5CAQP+EoVKO0jiRGPYm8pHFMuH9y6iILQXTQjLHrmZkoQ
5FuuUHFyCepZUopaW6HLO67pyecRkybz2MvpXmxrwzQ7k2woRVNAsiAR+F9x2Dlz
mbv0B42pBTqvbZbAQ6umxuDvt7tTurRlpzosoVEqr/mF0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:17 2024 by rpki-client on console-fra.rpki-client.org