Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/g8GKVUQ5IDmYyVRd9uJofyOdQOk.roa
File: g8GKVUQ5IDmYyVRd9uJofyOdQOk.roa (raw, json)
Hash identifier: bWLGTg9B4aEE/DjjDhHkfe+URLuZxeE78c/78YSlvOQ=
Subject key identifier: 83:C1:8A:55:44:39:20:39:98:C9:54:5D:F6:E2:68:7F:23:9D:40:E9
Certificate issuer: /CN=ff994630fc74556ce508026870901545fb7b04cd
Certificate serial: 0184320DF4EAB4D282C6A87F9248515BF5E6
Authority key identifier: FF:99:46:30:FC:74:55:6C:E5:08:02:68:70:90:15:45:FB:7B:04:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_5lGMPx0VWzlCAJocJAVRft7BM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/g8GKVUQ5IDmYyVRd9uJofyOdQOk.roa
Signing time: Tue 01 Nov 2022 07:18:06 +0000
ROA not before: Tue 01 Nov 2022 07:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16360
IP address blocks: 217.159.0.0/17 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:0d:f4:ea:b4:d2:82:c6:a8:7f:92:48:51:5b:f5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff994630fc74556ce508026870901545fb7b04cd
Validity
Not Before: Nov 1 07:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=83c18a554439203998c9545df6e2687f239d40e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:02:c4:cd:f7:66:ea:27:be:8f:33:9f:5a:44:
70:8c:14:5f:28:54:de:1b:7d:a8:5b:ca:03:a9:c8:
4d:0f:06:94:96:8c:ed:45:67:0d:12:b1:9e:6f:50:
a2:e6:a7:25:5c:77:78:09:db:45:9e:3e:3e:43:5e:
38:71:66:cd:6d:49:4b:97:c5:14:ee:95:48:1c:f8:
5e:58:c1:80:05:ef:cc:e3:7c:5a:39:43:5a:da:a6:
aa:8f:50:2b:86:94:6c:52:54:10:bc:6d:6e:76:86:
09:3a:ec:0f:62:b0:f7:00:e0:1d:98:4f:d4:62:d5:
41:2a:2f:d3:72:9e:a0:31:6b:dc:af:19:36:d5:5e:
ae:81:38:d9:c6:02:56:9a:10:cb:80:ff:9b:ba:34:
72:39:90:75:d7:d1:7e:2f:98:0c:a4:2b:81:67:cc:
a7:44:cb:f7:44:9e:ac:a2:98:17:46:47:35:87:7b:
25:38:71:12:6e:58:2b:f5:57:ac:76:6c:ac:b5:bd:
ea:8b:19:59:d1:70:7a:b0:84:77:e5:74:26:ff:c6:
ce:2a:08:ff:6d:3a:09:7f:4f:5b:d1:ab:af:84:39:
09:32:92:99:e1:c2:75:db:08:12:c8:36:71:76:b5:
7e:a8:69:45:a4:2b:c8:de:b8:8e:c5:49:ce:65:93:
8c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C1:8A:55:44:39:20:39:98:C9:54:5D:F6:E2:68:7F:23:9D:40:E9
X509v3 Authority Key Identifier:
keyid:FF:99:46:30:FC:74:55:6C:E5:08:02:68:70:90:15:45:FB:7B:04:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_5lGMPx0VWzlCAJocJAVRft7BM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/g8GKVUQ5IDmYyVRd9uJofyOdQOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/_5lGMPx0VWzlCAJocJAVRft7BM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.159.0.0/17
Signature Algorithm: sha256WithRSAEncryption
c6:c0:3b:e9:ce:59:a0:51:74:f9:0b:9d:bc:0d:0e:26:9c:20:
ba:8c:32:e1:f3:3b:5a:b2:0c:b6:ba:83:4a:33:8f:78:c5:85:
a1:d4:fe:18:6a:88:11:4b:dd:c5:f2:86:32:87:8e:96:f5:65:
a5:5d:31:b5:10:df:5b:f7:1f:52:a8:d5:5b:9f:9f:ae:b2:e1:
2c:fe:13:6f:d0:e8:9f:c2:a9:53:a7:27:26:a2:fd:2f:95:bc:
a2:a3:99:3e:37:26:5a:df:6d:9a:0f:a3:a5:57:2c:a2:6e:fd:
b7:21:cf:98:bb:08:56:69:6a:14:86:24:81:fe:9c:2b:34:1a:
10:22:72:c1:8e:0c:86:37:1d:16:f3:35:65:44:3c:94:04:2b:
8a:86:50:21:7e:b6:a7:11:5d:c0:e2:85:ee:00:4b:d2:87:29:
00:0f:6f:a2:55:8d:57:2c:c7:fd:ee:fb:b5:01:f3:8b:e8:c7:
1c:34:77:8b:8c:d2:ea:28:7a:5a:89:7d:cb:1e:c6:ec:94:cc:
c9:d0:5c:9e:7c:7e:21:08:43:cc:8d:7c:7b:48:f8:c8:fd:04:
21:7c:43:48:40:84:ff:04:0e:76:5a:50:3d:0f:33:50:9a:15:
64:79:ac:50:1e:46:42:1e:6e:8b:c6:28:c8:a4:d8:4a:15:71:
f6:47:17:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQyDfTqtNKCxqh/kkhRW/XmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOTk0NjMwZmM3NDU1NmNlNTA4MDI2ODcwOTAxNTQ1ZmI3
YjA0Y2QwHhcNMjIxMTAxMDcxODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2MxOGE1NTQ0MzkyMDM5OThjOTU0NWRmNmUyNjg3ZjIzOWQ0MGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgLEzfdm6ie+jzOfWkRwjBRfKFTe
G32oW8oDqchNDwaUloztRWcNErGeb1Ci5qclXHd4CdtFnj4+Q144cWbNbUlLl8UU
7pVIHPheWMGABe/M43xaOUNa2qaqj1ArhpRsUlQQvG1udoYJOuwPYrD3AOAdmE/U
YtVBKi/Tcp6gMWvcrxk21V6ugTjZxgJWmhDLgP+bujRyOZB119F+L5gMpCuBZ8yn
RMv3RJ6sopgXRkc1h3slOHESblgr9Vesdmystb3qixlZ0XB6sIR35XQm/8bOKgj/
bToJf09b0auvhDkJMpKZ4cJ12wgSyDZxdrV+qGlFpCvI3riOxUnOZZOMiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPBilVEOSA5mMlUXfbiaH8jnUDpMB8GA1UdIwQY
MBaAFP+ZRjD8dFVs5QgCaHCQFUX7ewTNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzVsR01QeDBWV3psQ0FKb2NKQVZSZnQ3Qk0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kYjU2NTEtOTVmMS00N2MxLWFjZjAt
ZWFmY2E1ODU0MjU3LzEvZzhHS1ZVUTVJRG1ZeVZSZDl1Sm9meU9kUU9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kYjU2NTEtOTVmMS00N2MxLWFjZjAtZWFmY2E1ODU0MjU3
LzEvXzVsR01QeDBWV3psQ0FKb2NKQVZSZnQ3Qk0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2Z8AMA0G
CSqGSIb3DQEBCwUAA4IBAQDGwDvpzlmgUXT5C528DQ4mnCC6jDLh8ztasgy2uoNK
M494xYWh1P4YaogRS93F8oYyh46W9WWlXTG1EN9b9x9SqNVbn5+usuEs/hNv0Oif
wqlTpycmov0vlbyio5k+NyZa322aD6OlVyyibv23Ic+YuwhWaWoUhiSB/pwrNBoQ
InLBjgyGNx0W8zVlRDyUBCuKhlAhfranEV3A4oXuAEvShykAD2+iVY1XLMf97vu1
AfOL6MccNHeLjNLqKHpaiX3LHsbslMzJ0FyefH4hCEPMjXx7SPjI/QQhfENIQIT/
BA52WlA9DzNQmhVkeaxQHkZCHm6LxijIpNhKFXH2RxfL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:19 2024 by rpki-client on console-fra.rpki-client.org