Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/7sL8v3ha38_apE4ShEBpXryDgZU.roa
File: 7sL8v3ha38_apE4ShEBpXryDgZU.roa (raw, json)
Hash identifier: NUcHEvRyUzWSOl+sx6s2rG4fks4RMKJ23UcOGekjdqU=
Subject key identifier: EE:C2:FC:BF:78:5A:DF:CF:DA:A4:4E:12:84:40:69:5E:BC:83:81:95
Certificate issuer: /CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Certificate serial: 093C563E
Authority key identifier: 43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/7sL8v3ha38_apE4ShEBpXryDgZU.roa
Signing time: Sat 01 Jan 2022 01:51:42 +0000
ROA not before: Sat 01 Jan 2022 01:51:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209425
IP address blocks: 147.78.163.0/24 maxlen: 24
147.78.160.0/24 maxlen: 24
147.78.161.0/24 maxlen: 24
147.78.162.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154949182 (0x93c563e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Validity
Not Before: Jan 1 01:51:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eec2fcbf785adfcfdaa44e128440695ebc838195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b6:d4:5b:39:fd:43:9e:11:0f:39:ae:c8:62:
66:61:73:87:f3:c3:3f:40:69:c6:c9:ca:cb:b4:47:
b3:f7:9f:e7:9f:71:68:54:54:5d:39:2a:30:27:a2:
f8:78:eb:a4:48:e2:55:3e:f0:18:68:b0:a7:9b:e1:
91:2c:ee:42:fb:86:65:1b:e7:69:c7:ff:1e:96:8b:
70:ec:13:19:06:7d:7f:bf:70:c7:17:55:01:4d:6c:
24:84:40:91:1b:69:90:54:94:19:49:6e:a0:bc:f8:
c0:a1:49:e6:1e:ef:37:af:7d:d4:02:a6:5e:fc:fa:
7a:89:72:8b:39:e0:1e:85:7b:b0:85:71:b3:ad:92:
e1:4c:1e:fe:69:5c:d8:1c:a8:de:70:b2:92:7b:df:
1b:55:cd:15:e4:16:fb:94:f0:85:82:10:cf:06:23:
b4:a2:fc:34:83:9b:56:76:55:e6:be:70:14:49:ac:
fa:4c:f9:b9:eb:6a:1f:83:e2:fe:76:60:7b:f6:35:
37:96:93:f3:e5:ed:21:4d:73:8d:3e:da:3f:ce:45:
41:7c:8c:20:ed:ee:a5:ae:94:89:c1:c8:31:4f:8f:
dd:4d:2e:88:39:52:c7:67:23:e1:23:1d:df:9f:3b:
e3:53:88:19:d0:95:2d:35:79:96:a8:3f:28:5a:a5:
68:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C2:FC:BF:78:5A:DF:CF:DA:A4:4E:12:84:40:69:5E:BC:83:81:95
X509v3 Authority Key Identifier:
keyid:43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/7sL8v3ha38_apE4ShEBpXryDgZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.160.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:c1:4c:b3:37:28:0d:94:46:72:9e:ec:f1:45:01:65:b1:97:
58:28:77:7f:be:f5:54:d1:d3:a4:a7:09:87:49:88:ac:53:73:
a6:f7:db:2c:c9:68:31:d5:d2:c5:30:80:37:d4:1a:93:7c:77:
33:a9:e5:a9:c6:8e:e4:a7:0c:ad:87:82:88:b9:e2:62:32:79:
f2:3b:3a:83:da:6c:2c:97:65:46:50:2f:4b:3d:8e:15:15:33:
40:07:d2:d7:6e:9e:90:e7:e4:39:82:1b:43:b0:79:62:3e:05:
1c:d9:2e:53:c4:0f:cc:b2:9a:a0:fa:37:6e:06:64:4d:97:94:
89:af:14:0f:72:32:6a:9e:aa:75:95:d6:51:18:fe:3f:90:ae:
f8:a7:36:9f:1f:6a:89:04:6f:e1:ec:20:d9:5d:50:b1:6e:2d:
5b:36:97:ab:d8:53:6b:74:c1:08:5b:d1:06:e0:79:14:70:44:
c0:8b:7d:fb:12:76:a4:12:2b:5d:71:ef:ca:f9:6f:9b:b5:c2:
f4:46:c6:08:e0:24:52:6d:c6:af:a4:27:39:ce:c5:48:ab:62:
f7:72:96:3d:4b:c6:e2:90:98:72:39:25:3f:a0:0c:54:6a:35:
6d:ea:c9:85:7b:91:cd:d6:47:2f:55:9d:34:c9:a8:5f:c8:18:
8a:2b:dd:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTxWPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzY2ODQ3NGU3YmIzZGJkYjI2YWRjMDE4MzhjZTcwNjJkNzBjNDk4MB4XDTIyMDEw
MTAxNTE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWVjMmZjYmY3ODVh
ZGZjZmRhYTQ0ZTEyODQ0MDY5NWViYzgzODE5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+21Fs5/UOeEQ85rshiZmFzh/PDP0BpxsnKy7RHs/ef559x
aFRUXTkqMCei+HjrpEjiVT7wGGiwp5vhkSzuQvuGZRvnacf/HpaLcOwTGQZ9f79w
xxdVAU1sJIRAkRtpkFSUGUluoLz4wKFJ5h7vN6991AKmXvz6eolyizngHoV7sIVx
s62S4Uwe/mlc2Byo3nCyknvfG1XNFeQW+5TwhYIQzwYjtKL8NIObVnZV5r5wFEms
+kz5uetqH4Pi/nZge/Y1N5aT8+XtIU1zjT7aP85FQXyMIO3upa6UicHIMU+P3U0u
iDlSx2cj4SMd358741OIGdCVLTV5lqg/KFqlaDECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTuwvy/eFrfz9qkThKEQGlevIOBlTAfBgNVHSMEGDAWgBRDZoR057s9vbJq
3AGDjOcGLXDEmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1EyYUVkT2U3UGIyeWF0d0JnNHpuQmkxd3hKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvYTRhNTc3LTE5MjUtNGRmMy05MjBkLWZhMjA4OGNjNTAxNC8x
LzdzTDh2M2hhMzhfYXBFNFNoRUJwWHJ5RGdaVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
YTRhNTc3LTE5MjUtNGRmMy05MjBkLWZhMjA4OGNjNTAxNC8xL1EyYUVkT2U3UGIy
eWF0d0JnNHpuQmkxd3hKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApNOoDANBgkqhkiG9w0BAQsFAAOC
AQEAjMFMszcoDZRGcp7s8UUBZbGXWCh3f771VNHTpKcJh0mIrFNzpvfbLMloMdXS
xTCAN9Qak3x3M6nlqcaO5KcMrYeCiLniYjJ58js6g9psLJdlRlAvSz2OFRUzQAfS
126ekOfkOYIbQ7B5Yj4FHNkuU8QPzLKaoPo3bgZkTZeUia8UD3Iyap6qdZXWURj+
P5Cu+Kc2nx9qiQRv4ewg2V1QsW4tWzaXq9hTa3TBCFvRBuB5FHBEwIt9+xJ2pBIr
XXHvyvlvm7XC9EbGCOAkUm3Gr6QnOc7FSKti93KWPUvG4pCYcjklP6AMVGo1berJ
hXuRzdZHL1WdNMmoX8gYiivd9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:07 2024 by rpki-client on console-ams.rpki-client.org