Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/1-YorL1LlWZ6gKE54N5wQm1QpBL8.roa
File: 1-YorL1LlWZ6gKE54N5wQm1QpBL8.roa (raw, json)
Hash identifier: sPQBn8cLXkGrjjN+oDc5WuNamgnXZ7LggSTsmFeXG2g=
Subject key identifier: F9:8A:2B:2F:52:E5:59:9E:A0:28:4E:78:37:9C:10:9B:54:29:04:BF
Certificate issuer: /CN=cbd942d96ee94a7a5a652ef7ac855dc9401415df
Certificate serial: 0C50972B
Authority key identifier: CB:D9:42:D9:6E:E9:4A:7A:5A:65:2E:F7:AC:85:5D:C9:40:14:15:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9lC2W7pSnpaZS73rIVdyUAUFd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/1-YorL1LlWZ6gKE54N5wQm1QpBL8.roa
Signing time: Sat 02 Jul 2022 15:16:26 +0000
ROA not before: Sat 02 Jul 2022 15:16:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64404
IP address blocks: 151.217.0.0/17 maxlen: 17
2001:678:814::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206608171 (0xc50972b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd942d96ee94a7a5a652ef7ac855dc9401415df
Validity
Not Before: Jul 2 15:16:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f98a2b2f52e5599ea0284e78379c109b542904bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:4b:11:48:79:f8:95:ae:c1:f4:3c:95:2a:
f9:3a:b8:5f:bf:a7:58:1b:f8:02:44:cf:1a:c6:6b:
7a:27:25:6f:cf:dd:68:e0:13:34:a0:ad:68:c6:d5:
e6:fc:fd:b8:7d:9c:cb:1b:f6:cc:55:2e:4b:70:d4:
02:92:9c:97:46:a8:9e:d3:b0:ab:d4:e9:12:cb:eb:
ce:ce:4e:a9:35:19:65:c4:d7:c2:a1:42:09:24:66:
a8:0c:50:bc:90:e7:2f:00:dc:f5:e4:5f:a1:0c:55:
51:48:ee:a8:45:5f:fc:8a:a1:20:6c:97:db:e6:a8:
28:18:bb:d1:a3:ba:21:f8:94:7a:5e:84:39:ec:1a:
18:38:64:c7:a1:c6:35:8a:b7:1e:a1:97:28:ce:3f:
a1:47:db:46:6c:3f:23:24:1a:96:50:67:60:65:b2:
fd:ef:5e:fb:1b:20:9a:bc:ce:49:3b:b9:5f:89:9a:
eb:56:f5:29:ae:7f:24:6c:48:fc:1f:15:6c:d4:4f:
38:d2:12:ef:3e:42:68:d1:62:47:39:78:17:64:cf:
cf:8c:32:d9:9a:0a:63:fc:7d:d6:43:eb:d5:fa:ec:
f4:f6:42:7e:b4:cb:63:8c:a6:35:53:90:53:aa:c7:
7b:9a:5d:51:84:aa:24:a4:e8:ff:0b:70:90:b0:62:
7e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8A:2B:2F:52:E5:59:9E:A0:28:4E:78:37:9C:10:9B:54:29:04:BF
X509v3 Authority Key Identifier:
keyid:CB:D9:42:D9:6E:E9:4A:7A:5A:65:2E:F7:AC:85:5D:C9:40:14:15:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9lC2W7pSnpaZS73rIVdyUAUFd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/1-YorL1LlWZ6gKE54N5wQm1QpBL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/082f12-513b-4eb9-a171-c6f6d444915f/1/y9lC2W7pSnpaZS73rIVdyUAUFd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.217.0.0/17
IPv6:
2001:678:814::/48
Signature Algorithm: sha256WithRSAEncryption
6a:42:ef:f7:62:42:07:74:40:ca:82:81:1a:b7:e8:5a:46:d2:
a4:8b:5a:52:03:43:84:c3:27:2a:3c:f3:05:dd:0d:71:73:ff:
fc:bb:2f:a8:ca:01:71:e4:88:a8:da:a2:88:c5:12:17:1e:7f:
a1:a4:0a:12:87:cd:ba:cc:88:4d:b6:1a:fb:1c:16:9d:5e:95:
11:b6:8e:39:e6:93:3c:df:72:3a:e5:55:6d:eb:32:60:4f:58:
cd:ae:35:75:a4:c1:01:1e:c6:a3:1f:af:e5:75:fe:bb:66:eb:
1d:48:5f:a2:0f:38:9b:fb:da:d8:f1:6e:a2:5f:a0:43:4c:4c:
8c:71:90:a5:68:6c:f9:91:dc:b2:6e:a1:c4:45:9d:27:81:03:
95:97:a1:29:27:0d:ca:61:ba:9a:aa:32:2d:b0:74:2c:66:39:
45:b1:8f:be:76:4b:3c:2d:2d:d3:66:6a:e8:4c:60:18:ee:65:
f7:94:08:81:22:c4:87:60:7a:41:87:0f:f1:6b:cc:cf:94:98:
3d:bc:20:1c:f8:0b:17:39:f9:79:ad:5f:92:47:d2:c6:a4:bc:
20:52:37:ac:da:14:ff:c2:5d:cb:db:af:9a:bf:ad:70:3e:5d:
51:7a:e3:80:3a:7e:e9:57:f0:bf:a8:12:ed:1e:3e:0e:e6:2c:
e2:6a:6d:6a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDFCXKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmQ5NDJkOTZlZTk0YTdhNWE2NTJlZjdhYzg1NWRjOTQwMTQxNWRmMB4XDTIyMDcw
MjE1MTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk4YTJiMmY1MmU1
NTk5ZWEwMjg0ZTc4Mzc5YzEwOWI1NDI5MDRiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKEVSxFIefiVrsH0PJUq+Tq4X7+nWBv4AkTPGsZreiclb8/d
aOATNKCtaMbV5vz9uH2cyxv2zFUuS3DUApKcl0aontOwq9TpEsvrzs5OqTUZZcTX
wqFCCSRmqAxQvJDnLwDc9eRfoQxVUUjuqEVf/IqhIGyX2+aoKBi70aO6IfiUel6E
OewaGDhkx6HGNYq3HqGXKM4/oUfbRmw/IyQallBnYGWy/e9e+xsgmrzOSTu5X4ma
61b1Ka5/JGxI/B8VbNRPONIS7z5CaNFiRzl4F2TPz4wy2ZoKY/x91kPr1frs9PZC
frTLY4ymNVOQU6rHe5pdUYSqJKTo/wtwkLBifrECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBT5iisvUuVZnqAoTng3nBCbVCkEvzAfBgNVHSMEGDAWgBTL2ULZbulKelpl
LveshV3JQBQV3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k5bEMyVzdwU25wYVpTNzNySVZkeVVBVUZkOC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvMDgyZjEyLTUxM2ItNGViOS1hMTcxLWM2ZjZkNDQ0OTE1Zi8x
LzEtWW9yTDFMbFdaNmdLRTU0TjV3UW0xUXBCTDgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc3
LzA4MmYxMi01MTNiLTRlYjktYTE3MS1jNmY2ZDQ0NDkxNWYvMS95OWxDMlc3cFNu
cGFaUzczcklWZHlVQVVGZDguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAeX2QAwDwQCAAIwCQMHACABBngI
FDANBgkqhkiG9w0BAQsFAAOCAQEAakLv92JCB3RAyoKBGrfoWkbSpItaUgNDhMMn
KjzzBd0NcXP//LsvqMoBceSIqNqiiMUSFx5/oaQKEofNusyITbYa+xwWnV6VEbaO
OeaTPN9yOuVVbesyYE9Yza41daTBAR7Gox+v5XX+u2brHUhfog84m/va2PFuol+g
Q0xMjHGQpWhs+ZHcsm6hxEWdJ4EDlZehKScNymG6mqoyLbB0LGY5RbGPvnZLPC0t
02Zq6ExgGO5l95QIgSLEh2B6QYcP8WvMz5SYPbwgHPgLFzn5ea1fkkfSxqS8IFI3
rNoU/8Jdy9uvmr+tcD5dUXrjgDp+6Vfwv6gS7R4+DuYs4mptag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:31 2024 by rpki-client on console-ams.rpki-client.org