Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/NnV1V4juKTCdBtBJRVYJwXbA-yE.roa
File: NnV1V4juKTCdBtBJRVYJwXbA-yE.roa (raw, json)
Hash identifier: 52WebhT/9/L09N0OfCkIEaUPFBy+D3mlGYHaI8LZmnw=
Subject key identifier: 36:75:75:57:88:EE:29:30:9D:06:D0:49:45:56:09:C1:76:C0:FB:21
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 029DFB
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/NnV1V4juKTCdBtBJRVYJwXbA-yE.roa
Signing time: Fri 18 Feb 2022 13:31:03 +0000
ROA not before: Fri 18 Feb 2022 13:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11151
IP address blocks: 217.143.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171515 (0x29dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Feb 18 13:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3675755788ee29309d06d049455609c176c0fb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:a2:e2:40:23:6a:94:14:11:c0:f0:cc:68:
5c:25:0e:0b:4a:6a:32:89:ac:45:15:ec:d1:5e:ba:
75:3b:45:6f:04:fa:0f:7d:70:d1:e2:69:e4:54:34:
0a:d9:5e:2a:ee:b3:b3:39:57:0f:1a:38:b1:4f:ee:
68:b2:b3:0f:ad:d7:65:36:43:8a:d3:76:15:b2:c3:
62:f5:2f:21:86:e2:48:ff:c7:a9:57:14:e5:cf:2e:
bb:fb:4c:0c:ec:f0:fc:fb:bd:f8:04:fb:06:a8:51:
c3:1a:9e:79:8f:86:06:1d:8e:0e:86:bf:3a:6c:40:
c1:74:09:86:3f:79:41:0b:55:35:51:61:5e:68:00:
c0:5a:d1:c6:42:19:dc:3c:8f:44:f8:35:5b:18:97:
ab:96:45:64:8d:b2:50:e2:7a:d0:67:a6:c0:b4:75:
23:1d:b1:95:b1:24:9e:c8:79:39:d6:1d:1a:52:eb:
b1:ec:d4:f8:8e:65:fe:0e:53:b8:95:d2:c1:7a:fd:
6a:19:56:50:c4:15:4d:2e:96:8b:d5:06:e2:3a:ee:
82:da:5f:4c:96:8f:9a:5c:7d:cb:d8:6c:ea:44:c0:
0b:c8:3c:f7:7e:3e:e2:77:be:f3:08:23:ff:13:af:
95:94:1b:6c:3d:bf:8a:e1:66:43:ab:3f:d2:a7:9c:
5e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:75:75:57:88:EE:29:30:9D:06:D0:49:45:56:09:C1:76:C0:FB:21
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/NnV1V4juKTCdBtBJRVYJwXbA-yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.143.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:7d:3d:95:d4:54:3b:f9:fd:74:ba:72:b3:57:5a:a8:5e:2d:
7f:ba:0b:bc:3b:47:37:a6:e6:d3:8c:78:18:1c:5f:df:5a:5d:
5c:c0:df:64:83:88:38:1a:a9:ef:fa:f8:bf:a3:49:5c:d7:b5:
4a:8a:14:43:54:6a:b0:c5:69:35:18:43:02:8e:2d:39:17:13:
b0:a0:eb:2a:fc:79:a2:77:49:42:e4:39:73:38:b8:f7:27:59:
e0:20:3d:6e:d0:8c:9e:44:75:4e:d9:a5:52:bc:87:8c:e1:69:
2c:84:22:eb:f5:08:c6:8b:fb:c6:d9:f0:10:e9:ed:02:28:00:
d7:86:e3:37:8e:c4:d0:ac:27:1e:a7:48:4b:4f:f0:60:bf:02:
93:c6:04:f8:74:d2:b5:74:2a:ad:86:57:ca:d5:7c:17:a7:10:
88:58:50:e2:76:f4:27:a9:57:a0:c6:5d:65:a8:60:4c:a0:99:
d1:52:8a:79:fe:c3:f8:07:e8:e8:6c:dc:4f:3a:d6:f2:a4:09:
23:09:6f:c9:60:34:c7:1d:17:5c:f2:37:52:ae:e1:b5:82:b8:
6b:fe:43:82:e1:5a:10:e0:e4:46:89:cc:47:1e:55:a8:7e:4f:
c8:f4:e4:8d:51:00:2c:e1:30:d6:bb:eb:a1:3c:47:bc:b3:ca:
11:e0:10:35
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgIDAp37MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGU3
NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAyNDYwYzEwHhcNMjIwMjE4
MTMzMTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzNjc1NzU1Nzg4ZWUy
OTMwOWQwNmQwNDk0NTU2MDljMTc2YzBmYjIxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqmKi4kAjapQUEcDwzGhcJQ4LSmoyiaxFFezRXrp1O0VvBPoP
fXDR4mnkVDQK2V4q7rOzOVcPGjixT+5osrMPrddlNkOK03YVssNi9S8hhuJI/8ep
VxTlzy67+0wM7PD8+734BPsGqFHDGp55j4YGHY4Ohr86bEDBdAmGP3lBC1U1UWFe
aADAWtHGQhncPI9E+DVbGJerlkVkjbJQ4nrQZ6bAtHUjHbGVsSSeyHk51h0aUuux
7NT4jmX+DlO4ldLBev1qGVZQxBVNLpaL1QbiOu6C2l9Mlo+aXH3L2GzqRMALyDz3
fj7id77zCCP/E6+VlBtsPb+K4WZDqz/Sp5xeRQIDAQABo4ICCDCCAgQwHQYDVR0O
BBYEFDZ1dVeI7ikwnQbQSUVWCcF2wPshMB8GA1UdIwQYMBaAFOdHhVAGi/eCIECM
JdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2LzEv
Tm5WMVY0anVLVENkQnRCSlJWWUp3WGJBLXlFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82
MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2LzEvNTBlRlVBYUw5NEln
UUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4G
CCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA2Y8wDQYJKoZIhvcNAQELBQADggEB
ADZ9PZXUVDv5/XS6crNXWqheLX+6C7w7Rzem5tOMeBgcX99aXVzA32SDiDgaqe/6
+L+jSVzXtUqKFENUarDFaTUYQwKOLTkXE7Cg6yr8eaJ3SULkOXM4uPcnWeAgPW7Q
jJ5EdU7ZpVK8h4zhaSyEIuv1CMaL+8bZ8BDp7QIoANeG4zeOxNCsJx6nSEtP8GC/
ApPGBPh00rV0Kq2GV8rVfBenEIhYUOJ29CepV6DGXWWoYEygmdFSinn+w/gH6Ohs
3E861vKkCSMJb8lgNMcdF1zyN1Ku4bWCuGv+Q4LhWhDg5EaJzEceVah+T8j05I1R
ACzhMNa766E8R7yzyhHgEDU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:17 2024 by rpki-client on console-fra.rpki-client.org