Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/b9hAqdLA3TakoH5xfExeI459Hw0.roa
File: b9hAqdLA3TakoH5xfExeI459Hw0.roa (raw, json)
Hash identifier: bT8echs6D9FE5znZsab1XbR7ddOYZdsKkbbg0sj5WrE=
Subject key identifier: 6F:D8:40:A9:D2:C0:DD:36:A4:A0:7E:71:7C:4C:5E:23:8E:7D:1F:0D
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 01826985A8022E7C48F08A2F68144B8F4449
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/b9hAqdLA3TakoH5xfExeI459Hw0.roa
Signing time: Thu 04 Aug 2022 15:42:23 +0000
ROA not before: Thu 04 Aug 2022 15:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21507
IP address blocks: 217.142.192.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:69:85:a8:02:2e:7c:48:f0:8a:2f:68:14:4b:8f:44:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Aug 4 15:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fd840a9d2c0dd36a4a07e717c4c5e238e7d1f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:36:79:16:93:23:4a:a5:07:f2:85:3a:07:
e7:54:12:be:2a:ed:52:1b:01:38:8d:23:89:01:d7:
24:f2:9a:75:86:8a:86:d4:ec:53:dd:8e:46:b4:6c:
f6:a1:7b:42:46:66:7f:88:4d:90:27:64:42:df:3c:
b6:4f:da:69:48:c0:9a:64:b2:0f:22:f2:88:90:72:
77:ad:24:53:64:6c:09:55:cc:4d:3f:05:61:b3:dc:
c7:46:7e:67:44:c4:9f:b3:63:c3:e9:a5:d4:ed:39:
4f:04:46:a9:33:46:13:b5:3b:92:ec:9b:62:0c:79:
ad:a6:3a:b1:b2:40:28:25:04:c6:dc:94:50:20:49:
af:27:3e:45:64:9f:ee:3f:59:39:d8:54:19:7b:d2:
ba:35:5e:51:19:5b:a6:7a:c3:26:15:70:00:7f:70:
06:ee:6f:1e:d4:c5:55:5b:e1:a8:4e:f8:79:27:7e:
7a:e8:50:66:65:33:36:e2:fc:f7:84:24:bb:1e:c7:
0e:8b:88:e5:d4:db:8d:d6:06:5b:79:76:1b:a3:b9:
29:64:7d:b8:6f:93:5f:0e:e7:45:a5:c6:f8:db:33:
c3:98:21:30:dc:e1:d7:ac:08:54:04:8a:da:e7:8e:
45:5e:a8:77:36:02:35:d5:c0:cb:e5:2a:64:f0:ea:
8f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D8:40:A9:D2:C0:DD:36:A4:A0:7E:71:7C:4C:5E:23:8E:7D:1F:0D
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/b9hAqdLA3TakoH5xfExeI459Hw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.192.0/18
Signature Algorithm: sha256WithRSAEncryption
09:6b:58:07:8e:a1:8d:1f:98:9c:58:c3:85:75:e7:81:e2:34:
d4:e2:4b:31:71:60:03:60:03:9f:4f:cb:f6:b4:ef:88:eb:24:
b1:92:34:78:33:0d:c3:21:1e:f1:da:d8:37:82:3d:1c:46:e9:
b2:5e:6a:b4:bc:e0:44:d4:d1:b4:64:db:0d:61:39:66:46:09:
47:69:a3:71:ed:d6:92:89:74:0f:5a:33:81:90:31:92:e1:d8:
d8:f6:80:dd:c5:00:3f:a1:39:4c:49:66:1c:ea:04:fa:ec:2e:
7b:44:14:59:d4:c5:91:21:db:e9:24:bc:e1:0d:31:41:bb:c8:
00:e0:41:2d:75:1f:eb:54:35:3d:8b:4b:75:eb:8a:7b:81:60:
c6:be:e2:90:67:8c:1f:3f:c2:75:f9:5f:db:f7:d0:43:4b:ec:
d3:c0:7f:23:1a:73:81:c7:df:4b:44:74:42:83:f3:aa:22:4d:
78:0b:5a:e6:2a:69:fb:32:3e:8e:91:c6:13:ed:55:e3:e6:40:
5b:8e:f2:c2:6a:2b:83:f4:4a:49:3a:b8:05:99:6f:9b:67:ea:
ed:89:88:ff:6a:04:58:c5:8b:5f:be:4f:3b:d2:a5:4c:6c:b4:
ab:2c:a4:40:b6:9c:61:64:5b:1e:2e:46:bb:92:4f:12:a2:e4:
97:9d:8c:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJphagCLnxI8IovaBRLj0RJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjIwODA0MTU0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ4NDBhOWQyYzBkZDM2YTRhMDdlNzE3YzRjNWUyMzhlN2QxZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0M2eRaTI0qlB/KFOgfnVBK+Ku1S
GwE4jSOJAdck8pp1hoqG1OxT3Y5GtGz2oXtCRmZ/iE2QJ2RC3zy2T9ppSMCaZLIP
IvKIkHJ3rSRTZGwJVcxNPwVhs9zHRn5nRMSfs2PD6aXU7TlPBEapM0YTtTuS7Jti
DHmtpjqxskAoJQTG3JRQIEmvJz5FZJ/uP1k52FQZe9K6NV5RGVumesMmFXAAf3AG
7m8e1MVVW+GoTvh5J3566FBmZTM24vz3hCS7HscOi4jl1NuN1gZbeXYbo7kpZH24
b5NfDudFpcb42zPDmCEw3OHXrAhUBIra545FXqh3NgI11cDL5Spk8OqPOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG/YQKnSwN02pKB+cXxMXiOOfR8NMB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvYjloQXFkTEEzVGFrb0g1eGZFeGVJNDU5SHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2Y7AMA0G
CSqGSIb3DQEBCwUAA4IBAQAJa1gHjqGNH5icWMOFdeeB4jTU4ksxcWADYAOfT8v2
tO+I6ySxkjR4Mw3DIR7x2tg3gj0cRumyXmq0vOBE1NG0ZNsNYTlmRglHaaNx7daS
iXQPWjOBkDGS4djY9oDdxQA/oTlMSWYc6gT67C57RBRZ1MWRIdvpJLzhDTFBu8gA
4EEtdR/rVDU9i0t164p7gWDGvuKQZ4wfP8J1+V/b99BDS+zTwH8jGnOBx99LRHRC
g/OqIk14C1rmKmn7Mj6OkcYT7VXj5kBbjvLCaiuD9EpJOrgFmW+bZ+rtiYj/agRY
xYtfvk870qVMbLSrLKRAtpxhZFseLka7kk8SouSXnYw1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-ams.rpki-client.org