Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/xuJ_5cFe0n_11ROrUm0yyxs8OfE.roa
File: xuJ_5cFe0n_11ROrUm0yyxs8OfE.roa (raw, json)
Hash identifier: 0Ba+r1oXnYU6a4T4sFZO7lUagrW8JBqeDWQfTqpPjSA=
Subject key identifier: C6:E2:7F:E5:C1:5E:D2:7F:F5:D5:13:AB:52:6D:32:CB:1B:3C:39:F1
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 01850D029D74238A991BD75110555EF8CF20
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/xuJ_5cFe0n_11ROrUm0yyxs8OfE.roa
Signing time: Tue 13 Dec 2022 19:42:33 +0000
ROA not before: Tue 13 Dec 2022 19:42:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16253
IP address blocks: 217.142.0.0/18 maxlen: 18
217.142.128.0/18 maxlen: 18
2a03:f0c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0d:02:9d:74:23:8a:99:1b:d7:51:10:55:5e:f8:cf:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Dec 13 19:42:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6e27fe5c15ed27ff5d513ab526d32cb1b3c39f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:79:6f:44:61:7e:ba:6d:aa:36:a3:ed:51:
bb:61:8a:5f:d4:91:25:5d:1d:70:7f:dc:94:d2:d7:
b2:63:2a:f2:0f:aa:24:c2:d8:b7:68:b8:21:2c:a9:
af:ce:06:0c:40:58:83:0a:65:f0:4e:91:9e:ad:87:
c9:dc:f0:eb:45:23:65:8b:00:48:9b:36:ae:e9:99:
76:c7:7e:b0:69:32:f3:d7:3c:59:d8:c0:2a:e5:37:
40:6e:ac:46:3e:22:d4:33:8c:af:f9:5e:26:43:f7:
7f:52:01:a4:9f:4d:08:f9:52:8b:67:02:64:cc:24:
e8:58:7b:c5:dc:7e:08:f8:7a:90:7e:c9:f2:5c:34:
7b:5a:08:42:99:d7:53:78:1b:b3:92:24:52:69:1e:
a7:be:99:e4:d7:69:14:31:b2:e0:c9:ea:9e:c0:07:
7c:ad:1e:61:0f:ff:32:c9:a0:e2:2e:d4:45:5c:55:
c3:e3:55:55:ee:03:8f:da:4c:52:08:a7:5f:22:db:
d7:8f:fb:91:e5:9e:b9:84:5f:b1:c9:d1:a3:09:1e:
d9:75:81:b8:35:57:a3:17:4c:3f:74:c4:71:7b:27:
89:9d:0c:01:41:5c:7b:6d:47:be:8a:f6:66:5a:24:
00:26:63:3d:b2:6f:8f:43:1a:5d:7a:c9:64:41:7d:
c4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E2:7F:E5:C1:5E:D2:7F:F5:D5:13:AB:52:6D:32:CB:1B:3C:39:F1
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/xuJ_5cFe0n_11ROrUm0yyxs8OfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.0.0/18
217.142.128.0/18
IPv6:
2a03:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
7b:8d:65:59:34:33:3b:49:56:cc:a9:e7:9d:ba:19:28:68:f3:
d4:54:50:4e:80:17:00:f6:8a:ca:43:cf:95:27:48:8a:42:84:
54:aa:f2:5f:2c:6e:23:a0:6d:48:5d:01:b5:70:6d:21:9e:e9:
80:08:02:be:9f:fe:9a:dc:6d:96:b5:87:f7:13:d6:a3:27:c0:
70:e7:ca:55:df:76:22:4c:cc:f1:5e:32:4b:ac:0d:0e:f4:2a:
dc:1b:ba:8f:dd:47:eb:89:a0:97:6b:54:b2:02:e1:3f:bb:fd:
0f:e0:b0:80:6b:63:20:3f:80:33:d3:e7:02:b4:6f:ad:52:5c:
43:88:d5:27:e5:71:af:4a:e8:e9:ef:81:03:53:6a:46:38:cd:
ef:ba:cb:21:ae:c4:5c:e0:be:5f:36:43:28:d3:58:90:d0:ec:
81:cd:b7:a2:d9:6a:d3:68:b8:86:ae:f2:e9:98:41:aa:25:20:
c4:95:ea:14:ba:fa:5c:be:81:bc:c2:e1:7e:1e:33:8a:5e:d2:
45:fa:d5:47:74:a0:49:b1:0c:2c:82:4a:c7:a5:f5:bb:c1:75:
79:84:bc:c8:98:ac:43:68:e7:33:cf:65:f2:17:b3:88:36:88:
77:cc:d9:bf:04:15:de:5c:07:02:ad:a7:67:85:38:e7:8f:a3:
3c:c5:a7:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUNAp10I4qZG9dREFVe+M8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjIxMjEzMTk0MjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmUyN2ZlNWMxNWVkMjdmZjVkNTEzYWI1MjZkMzJjYjFiM2MzOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd55b0Rhfrptqjaj7VG7YYpf1JEl
XR1wf9yU0teyYyryD6okwti3aLghLKmvzgYMQFiDCmXwTpGerYfJ3PDrRSNliwBI
mzau6Zl2x36waTLz1zxZ2MAq5TdAbqxGPiLUM4yv+V4mQ/d/UgGkn00I+VKLZwJk
zCToWHvF3H4I+HqQfsnyXDR7WghCmddTeBuzkiRSaR6nvpnk12kUMbLgyeqewAd8
rR5hD/8yyaDiLtRFXFXD41VV7gOP2kxSCKdfItvXj/uR5Z65hF+xydGjCR7ZdYG4
NVejF0w/dMRxeyeJnQwBQVx7bUe+ivZmWiQAJmM9sm+PQxpdeslkQX3EnQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMbif+XBXtJ/9dUTq1JtMssbPDnxMB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEveHVKXzVjRmUwbl8xMVJPclVtMHl5eHM4T2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQG2Y4AAwQG
2Y6AMA0EAgACMAcDBQAqA/DAMA0GCSqGSIb3DQEBCwUAA4IBAQB7jWVZNDM7SVbM
qeeduhkoaPPUVFBOgBcA9orKQ8+VJ0iKQoRUqvJfLG4joG1IXQG1cG0hnumACAK+
n/6a3G2WtYf3E9ajJ8Bw58pV33YiTMzxXjJLrA0O9CrcG7qP3UfriaCXa1SyAuE/
u/0P4LCAa2MgP4Az0+cCtG+tUlxDiNUn5XGvSujp74EDU2pGOM3vusshrsRc4L5f
NkMo01iQ0OyBzbei2WrTaLiGrvLpmEGqJSDEleoUuvpcvoG8wuF+HjOKXtJF+tVH
dKBJsQwsgkrHpfW7wXV5hLzImKxDaOczz2XyF7OINoh3zNm/BBXeXAcCradnhTjn
j6M8xadh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-ams.rpki-client.org