Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/9wHD8FqTVR-P-ZzEKQ63nGiSc3o.roa
File: 9wHD8FqTVR-P-ZzEKQ63nGiSc3o.roa (raw, json)
Hash identifier: tg6XqPTPkYeQg3AlR26zwOXdVvmH7o9phYPAEBugVsw=
Subject key identifier: F7:01:C3:F0:5A:93:55:1F:8F:F9:9C:C4:29:0E:B7:9C:68:92:73:7A
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 0186B8D5BCB0569E11314538B503A5DFC69F
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/9wHD8FqTVR-P-ZzEKQ63nGiSc3o.roa
Signing time: Mon 06 Mar 2023 21:31:00 +0000
ROA not before: Mon 06 Mar 2023 21:31:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 217.197.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:d5:bc:b0:56:9e:11:31:45:38:b5:03:a5:df:c6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Mar 6 21:31:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f701c3f05a93551f8ff99cc4290eb79c6892737a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:76:ae:d3:21:ad:6c:0f:98:95:c8:7d:81:96:
6b:61:5d:5a:ad:d9:48:a3:74:b2:ca:08:3f:21:d5:
ff:93:b4:3e:f1:81:a7:45:9b:0a:0d:f5:22:16:19:
dc:0f:4d:c5:10:ca:26:27:85:6e:60:fd:2e:a3:b6:
79:b8:0a:1b:aa:19:1e:2e:51:18:ba:45:ab:4d:54:
cd:7d:91:93:05:6d:7f:1b:02:ba:6f:bd:ee:83:91:
71:a8:1e:03:c5:bc:7e:ac:0b:d3:65:d7:c2:8f:a3:
0d:d8:f3:d6:73:49:fb:d2:25:1f:40:3a:b3:dd:24:
32:00:c3:ef:0f:27:b3:64:db:a8:28:0e:95:bd:bf:
b0:22:ea:d2:58:4a:ea:3b:aa:22:52:c4:83:38:dd:
af:03:a7:3d:e8:c3:37:99:2f:bc:cf:2c:2c:eb:cf:
5b:ed:9c:f4:d9:a8:f2:8c:f7:42:ca:a2:f2:d2:ac:
48:18:47:b5:32:92:50:66:ac:1d:f3:19:8f:5a:3d:
d5:bf:71:90:29:b7:19:01:b0:31:d2:c9:3a:69:37:
ef:82:c1:91:96:6e:41:e0:b9:9c:25:5c:99:ef:9b:
eb:8f:c1:83:db:a4:32:0a:bb:e7:8f:62:31:75:aa:
07:80:3e:fa:f2:f8:0e:4b:01:3b:c9:6f:7c:ee:d3:
1b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:01:C3:F0:5A:93:55:1F:8F:F9:9C:C4:29:0E:B7:9C:68:92:73:7A
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/9wHD8FqTVR-P-ZzEKQ63nGiSc3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.174.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:c4:bb:c5:15:83:4e:fe:a3:7e:52:81:df:46:77:ef:9f:79:
2a:7c:65:39:7f:72:dc:95:ef:9a:86:e7:fa:02:7e:96:93:b8:
cc:8b:e8:00:16:b7:d4:a5:64:dc:99:bb:fe:a3:30:ce:e0:06:
41:11:9a:cb:2e:83:d4:98:95:0e:00:44:75:d7:36:8f:e7:22:
77:ef:7a:12:1f:86:6a:31:b1:e1:ba:2a:be:f8:41:81:8b:e8:
0b:84:6b:f1:04:86:1e:c0:98:30:93:e9:53:63:8f:65:2d:b9:
63:7c:1f:a1:7a:ef:71:79:64:43:04:cb:fd:fe:53:f7:ad:40:
f1:bd:e7:0d:07:ce:8c:53:fe:e0:87:7f:6c:d5:f3:24:ef:29:
88:42:4b:9d:cc:22:bd:70:10:6f:3c:26:d4:42:e5:fc:e8:4e:
5e:dc:58:e8:29:ba:82:24:2b:f4:fa:5f:5b:39:39:c3:91:61:
22:d5:f0:cc:8a:f6:fe:0e:cd:2c:b3:09:31:60:67:f7:51:ed:
97:01:da:b0:92:02:9f:26:a6:87:2a:73:51:db:f3:6f:d5:3f:
4e:89:14:a3:ba:a4:fe:b4:8f:77:bf:67:e9:3c:28:8e:c7:87:
86:94:98:0e:86:1c:d4:0e:ee:0c:f4:df:73:9d:ed:81:6f:3b:
62:fc:60:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa41bywVp4RMUU4tQOl38afMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjMwMzA2MjEzMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzAxYzNmMDVhOTM1NTFmOGZmOTljYzQyOTBlYjc5YzY4OTI3MzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXau0yGtbA+Ylch9gZZrYV1ardlI
o3Syygg/IdX/k7Q+8YGnRZsKDfUiFhncD03FEMomJ4VuYP0uo7Z5uAobqhkeLlEY
ukWrTVTNfZGTBW1/GwK6b73ug5FxqB4Dxbx+rAvTZdfCj6MN2PPWc0n70iUfQDqz
3SQyAMPvDyezZNuoKA6Vvb+wIurSWErqO6oiUsSDON2vA6c96MM3mS+8zyws689b
7Zz02ajyjPdCyqLy0qxIGEe1MpJQZqwd8xmPWj3Vv3GQKbcZAbAx0sk6aTfvgsGR
lm5B4LmcJVyZ75vrj8GD26QyCrvnj2IxdaoHgD768vgOSwE7yW987tMbTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPcBw/Bak1Ufj/mcxCkOt5xoknN6MB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvOXdIRDhGcVRWUi1QLVp6RUtRNjNuR2lTYzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2cWuMA0G
CSqGSIb3DQEBCwUAA4IBAQCqxLvFFYNO/qN+UoHfRnfvn3kqfGU5f3Lcle+ahuf6
An6Wk7jMi+gAFrfUpWTcmbv+ozDO4AZBEZrLLoPUmJUOAER11zaP5yJ373oSH4Zq
MbHhuiq++EGBi+gLhGvxBIYewJgwk+lTY49lLbljfB+heu9xeWRDBMv9/lP3rUDx
vecNB86MU/7gh39s1fMk7ymIQkudzCK9cBBvPCbUQuX86E5e3FjoKbqCJCv0+l9b
OTnDkWEi1fDMivb+Ds0sswkxYGf3Ue2XAdqwkgKfJqaHKnNR2/Nv1T9OiRSjuqT+
tI93v2fpPCiOx4eGlJgOhhzUDu4M9N9zne2Bbzti/GDj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-ams.rpki-client.org