Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/fjAL2LAK4yk0BS9ksXj77gO4mTA.roa
File: fjAL2LAK4yk0BS9ksXj77gO4mTA.roa (raw, json)
Hash identifier: aRcjo7HMgCgjMXAZf0XHasbaxh53LS7jGAZIriQ7BIQ=
Subject key identifier: 7E:30:0B:D8:B0:0A:E3:29:34:05:2F:64:B1:78:FB:EE:03:B8:99:30
Certificate issuer: /CN=0462e00564a9340ff4739d3951216c46a8efc64f
Certificate serial: 32371B11
Authority key identifier: 04:62:E0:05:64:A9:34:0F:F4:73:9D:39:51:21:6C:46:A8:EF:C6:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGLgBWSpNA_0c505USFsRqjvxk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/fjAL2LAK4yk0BS9ksXj77gO4mTA.roa
Signing time: Mon 03 Jan 2022 11:27:33 +0000
ROA not before: Mon 03 Jan 2022 11:27:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60398
IP address blocks: 217.150.80.0/24 maxlen: 24
217.150.84.0/24 maxlen: 24
217.150.80.0/21 maxlen: 21
217.150.83.0/24 maxlen: 24
217.150.85.0/24 maxlen: 24
217.150.82.0/24 maxlen: 24
217.150.81.0/24 maxlen: 24
217.150.87.0/24 maxlen: 24
217.150.86.0/24 maxlen: 24
2a02:65c0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 842472209 (0x32371b11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0462e00564a9340ff4739d3951216c46a8efc64f
Validity
Not Before: Jan 3 11:27:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e300bd8b00ae32934052f64b178fbee03b89930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:85:92:6d:88:7a:93:6a:59:9e:06:d5:11:
6b:a0:3b:e7:21:a3:85:d0:0b:e8:d1:2f:14:7d:a2:
fd:fe:a7:94:a0:47:cd:f8:7f:e8:f4:36:74:50:5f:
44:be:4a:e9:7d:50:d9:1e:8d:42:0a:b2:6d:cd:82:
34:32:51:06:4c:09:b3:81:b7:ba:de:ce:64:14:08:
24:c2:71:09:ef:59:51:24:64:4c:99:a2:81:cb:4b:
e2:35:cd:ca:9a:47:69:ac:cc:00:cd:88:b1:a0:46:
38:ba:29:7b:64:d0:19:cf:1f:56:66:f9:8e:fc:52:
10:27:42:60:f5:49:d8:75:6f:2f:d3:42:7c:fb:eb:
1f:99:b0:b6:1a:2e:ef:ad:3f:cd:8a:ff:82:be:a9:
14:24:d3:7a:3d:8f:48:fd:06:31:74:1a:f2:07:80:
99:91:75:8d:4d:b3:ac:f2:f0:ac:07:dc:87:f7:8c:
3f:fb:8c:4f:f5:3a:c7:79:64:0c:28:04:cc:a9:ae:
0f:93:fe:b9:e1:34:20:29:93:63:b2:a4:49:b5:4d:
8b:67:9e:a8:31:07:95:6e:44:7e:44:f9:34:40:12:
d5:80:52:2b:cf:0d:2d:48:c6:ca:eb:4a:d1:1c:ea:
7b:d2:7e:de:02:79:ac:61:77:f3:e3:e9:23:26:dd:
13:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:30:0B:D8:B0:0A:E3:29:34:05:2F:64:B1:78:FB:EE:03:B8:99:30
X509v3 Authority Key Identifier:
keyid:04:62:E0:05:64:A9:34:0F:F4:73:9D:39:51:21:6C:46:A8:EF:C6:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGLgBWSpNA_0c505USFsRqjvxk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/fjAL2LAK4yk0BS9ksXj77gO4mTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8c9aa8-c10a-4e2d-9b64-227302d59572/1/BGLgBWSpNA_0c505USFsRqjvxk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.150.80.0/21
IPv6:
2a02:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
76:e8:9a:48:bf:f6:e5:90:a7:88:01:36:81:41:4f:1c:ff:35:
37:eb:ee:55:79:a5:c3:4b:15:02:56:7e:89:82:39:d8:35:a6:
e7:71:73:7e:47:16:7f:e0:4d:3b:17:42:b6:63:5b:15:c0:70:
1c:f6:e5:3f:18:96:10:67:8e:46:e7:c2:08:d0:3d:f8:a4:5e:
e8:35:fc:67:11:0d:23:70:47:07:d6:63:a5:e9:a5:86:a9:2b:
ee:0b:53:4f:8c:60:f0:06:52:25:f1:65:fe:a4:d5:44:39:79:
09:19:31:2a:32:39:a1:f8:ca:a5:7d:45:0a:0d:07:23:a5:01:
95:29:10:d1:0d:b7:96:9d:94:c7:58:6e:0f:97:bf:09:67:a1:
90:0f:b7:5e:86:93:a4:53:e1:53:a5:39:c0:32:ef:e4:43:bc:
bc:e8:cd:0a:f0:05:34:bd:29:01:4e:ad:8b:47:32:98:3a:23:
32:af:ae:2b:a9:c8:eb:75:63:ea:f4:b9:a7:56:d2:af:d8:82:
52:ba:b2:ca:97:b2:16:ef:00:a3:ba:e7:05:3c:56:f5:04:86:
24:42:90:76:37:5a:7f:21:d8:3a:a9:3c:67:ee:d2:ba:2b:7b:
7c:c8:89:4e:20:b1:26:7e:b8:31:11:86:f1:b0:5b:3d:6d:01:
63:68:00:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEMjcbETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDYyZTAwNTY0YTkzNDBmZjQ3MzlkMzk1MTIxNmM0NmE4ZWZjNjRmMB4XDTIyMDEw
MzExMjczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2UzMDBiZDhiMDBh
ZTMyOTM0MDUyZjY0YjE3OGZiZWUwM2I4OTkzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXfhZJtiHqTalmeBtURa6A75yGjhdAL6NEvFH2i/f6nlKBH
zfh/6PQ2dFBfRL5K6X1Q2R6NQgqybc2CNDJRBkwJs4G3ut7OZBQIJMJxCe9ZUSRk
TJmigctL4jXNyppHaazMAM2IsaBGOLope2TQGc8fVmb5jvxSECdCYPVJ2HVvL9NC
fPvrH5mwthou760/zYr/gr6pFCTTej2PSP0GMXQa8geAmZF1jU2zrPLwrAfch/eM
P/uMT/U6x3lkDCgEzKmuD5P+ueE0ICmTY7KkSbVNi2eeqDEHlW5EfkT5NEAS1YBS
K88NLUjGyutK0Rzqe9J+3gJ5rGF38+PpIybdExkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR+MAvYsArjKTQFL2SxePvuA7iZMDAfBgNVHSMEGDAWgBQEYuAFZKk0D/Rz
nTlRIWxGqO/GTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JHTGdCV1NwTkFfMGM1MDVVU0ZzUnFqdnhrOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvOGM5YWE4LWMxMGEtNGUyZC05YjY0LTIyNzMwMmQ1OTU3Mi8x
L2ZqQUwyTEFLNHlrMEJTOWtzWGo3N2dPNG1UQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
OGM5YWE4LWMxMGEtNGUyZC05YjY0LTIyNzMwMmQ1OTU3Mi8xL0JHTGdCV1NwTkFf
MGM1MDVVU0ZzUnFqdnhrOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA9mWUDANBAIAAjAHAwUAKgJlwDAN
BgkqhkiG9w0BAQsFAAOCAQEAduiaSL/25ZCniAE2gUFPHP81N+vuVXmlw0sVAlZ+
iYI52DWm53FzfkcWf+BNOxdCtmNbFcBwHPblPxiWEGeORufCCNA9+KRe6DX8ZxEN
I3BHB9Zjpemlhqkr7gtTT4xg8AZSJfFl/qTVRDl5CRkxKjI5ofjKpX1FCg0HI6UB
lSkQ0Q23lp2Ux1huD5e/CWehkA+3XoaTpFPhU6U5wDLv5EO8vOjNCvAFNL0pAU6t
i0cymDojMq+uK6nI63Vj6vS5p1bSr9iCUrqyypeyFu8Ao7rnBTxW9QSGJEKQdjda
fyHYOqk8Z+7Suit7fMiJTiCxJn64MRGG8bBbPW0BY2gAXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:49 2024 by rpki-client on console-ams.rpki-client.org