Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/psjh8Ce4B3Yi5xq794eNdLHbL_Y.roa
File: psjh8Ce4B3Yi5xq794eNdLHbL_Y.roa (raw, json)
Hash identifier: frcYg7w1xEs9EFsp1xMcKN5wUssTbDX2YfaJyzwBcAg=
Subject key identifier: A6:C8:E1:F0:27:B8:07:76:22:E7:1A:BB:F7:87:8D:74:B1:DB:2F:F6
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 95E42E
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/psjh8Ce4B3Yi5xq794eNdLHbL_Y.roa
Signing time: Wed 20 Apr 2022 12:31:38 +0000
ROA not before: Wed 20 Apr 2022 12:31:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16253
IP address blocks: 217.142.0.0/16 maxlen: 16
2a03:f0c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9823278 (0x95e42e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Apr 20 12:31:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6c8e1f027b8077622e71abbf7878d74b1db2ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:81:8b:0c:b5:56:8a:52:5d:1e:08:3d:b2:7f:
41:17:c1:c4:51:2b:79:e6:95:7c:d5:15:4b:7d:4c:
e2:6c:52:5c:ae:d0:46:b5:9b:d7:e7:39:67:7e:b7:
02:53:97:04:85:bb:90:e1:97:5b:f0:dd:3b:2a:0d:
ee:c3:b8:d9:18:e2:ce:19:a6:8e:df:73:88:81:c1:
06:52:0d:46:62:68:78:00:ae:ff:61:47:90:80:bd:
7d:d0:18:df:38:3a:4a:d7:e4:01:73:b4:02:97:f3:
1e:4e:20:d0:f7:b4:99:6c:51:7b:a4:15:25:3d:9c:
0a:38:1a:d3:32:8a:01:1c:df:84:90:46:af:82:36:
54:d9:3f:e3:0a:3f:ab:24:14:3b:cd:21:32:13:f9:
3c:68:91:06:db:64:a5:56:9c:fd:5e:9f:3c:42:44:
23:22:15:17:23:24:7f:89:e2:47:fb:3a:fa:90:be:
7f:2f:f1:d9:df:7e:3a:75:b1:29:d5:bd:7b:68:ec:
5b:14:e5:c6:cc:22:64:e3:75:67:63:21:fd:67:0d:
d1:18:c3:62:8a:c6:1b:12:e6:6d:24:38:d0:95:c5:
14:dc:bd:ff:7f:64:a3:94:72:34:e6:21:ab:60:35:
c1:bb:a8:2f:c8:a3:d3:65:65:35:91:a8:0e:9a:c0:
fc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C8:E1:F0:27:B8:07:76:22:E7:1A:BB:F7:87:8D:74:B1:DB:2F:F6
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/psjh8Ce4B3Yi5xq794eNdLHbL_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.0.0/16
IPv6:
2a03:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:b7:f7:0a:9f:25:1c:03:13:e6:ee:d1:f0:8c:20:1e:a7:44:
e0:40:f6:8d:88:e2:c3:7b:af:52:3a:88:28:57:1a:2e:44:d1:
06:ec:a1:a8:e3:88:b6:b1:9a:b9:b7:bb:69:b4:9a:ba:7c:04:
c4:cf:1c:ac:64:dc:c0:66:b7:23:96:19:cf:93:42:b3:c6:1e:
6c:17:00:8e:0e:57:83:89:86:ed:f7:88:9f:e2:ba:b6:c0:c8:
53:94:6e:90:2c:c4:7f:38:df:17:24:ca:94:25:46:48:9e:d6:
cf:88:57:c9:86:d2:ce:96:75:78:4f:f6:ba:ba:88:fe:24:53:
ed:9b:32:1f:48:8e:12:2b:15:cf:21:20:10:0a:c3:4f:2b:9e:
b0:13:68:99:77:c7:2a:42:73:e3:94:ad:65:18:3e:4c:aa:df:
de:2d:b0:d7:61:d1:76:c4:05:c3:f9:aa:fb:71:eb:94:e1:4c:
61:c3:03:76:e8:64:a3:bc:55:f9:9f:5e:bc:d1:16:bf:58:f7:
1e:e6:98:8c:4a:b5:ec:88:b5:8b:63:8d:6d:da:ab:3d:a1:05:
1a:73:00:aa:1c:22:98:be:bc:e6:bb:8c:f3:04:23:52:b8:6e:
89:7f:8d:d8:8d:02:a9:ef:ca:b5:d2:5a:2d:63:be:83:83:2b:
f2:fc:e2:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAJXkLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzQ3ODU1MDA2OGJmNzgyMjA0MDhjMjVkNjEyYmMyZmIwMjQ2MGMxMB4XDTIyMDQy
MDEyMzEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZjOGUxZjAyN2I4
MDc3NjIyZTcxYWJiZjc4NzhkNzRiMWRiMmZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWBiwy1VopSXR4IPbJ/QRfBxFEreeaVfNUVS31M4mxSXK7Q
RrWb1+c5Z363AlOXBIW7kOGXW/DdOyoN7sO42Rjizhmmjt9ziIHBBlINRmJoeACu
/2FHkIC9fdAY3zg6StfkAXO0ApfzHk4g0Pe0mWxRe6QVJT2cCjga0zKKARzfhJBG
r4I2VNk/4wo/qyQUO80hMhP5PGiRBttkpVac/V6fPEJEIyIVFyMkf4niR/s6+pC+
fy/x2d9+OnWxKdW9e2jsWxTlxswiZON1Z2Mh/WcN0RjDYorGGxLmbSQ40JXFFNy9
/39ko5RyNOYhq2A1wbuoL8ij02VlNZGoDprA/KkCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSmyOHwJ7gHdiLnGrv3h410sdsv9jAfBgNVHSMEGDAWgBTnR4VQBov3giBA
jCXWErwvsCRgwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUwZUZVQWFMOTRJZ1FJd2wxaEs4TDdBa1lNRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvNjM1NTExLTcxZjMtNGY1Ny05MTM5LTdkYTNjZDI1M2JmNi8x
L3Bzamg4Q2U0QjNZaTV4cTc5NGVOZExIYkxfWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
NjM1NTExLTcxZjMtNGY1Ny05MTM5LTdkYTNjZDI1M2JmNi8xLzUwZUZVQWFMOTRJ
Z1FJd2wxaEs4TDdBa1lNRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDANmOMA0EAgACMAcDBQAqA/DAMA0G
CSqGSIb3DQEBCwUAA4IBAQALt/cKnyUcAxPm7tHwjCAep0TgQPaNiOLDe69SOogo
VxouRNEG7KGo44i2sZq5t7tptJq6fATEzxysZNzAZrcjlhnPk0Kzxh5sFwCODleD
iYbt94if4rq2wMhTlG6QLMR/ON8XJMqUJUZIntbPiFfJhtLOlnV4T/a6uoj+JFPt
mzIfSI4SKxXPISAQCsNPK56wE2iZd8cqQnPjlK1lGD5Mqt/eLbDXYdF2xAXD+ar7
ceuU4UxhwwN26GSjvFX5n1680Ra/WPce5piMSrXsiLWLY41t2qs9oQUacwCqHCKY
vrzmu4zzBCNSuG6Jf43YjQKp78q10lotY76Dgyvy/OK7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-ams.rpki-client.org