Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/qE0nnwHJS2SVPXxIrdTZTSKzm-I.roa
File: qE0nnwHJS2SVPXxIrdTZTSKzm-I.roa (raw, json)
Hash identifier: BH3770So29bsjlrmt7hEgUDo0ZWysbf1EGPjfhQUoNU=
Subject key identifier: A8:4D:27:9F:01:C9:4B:64:95:3D:7C:48:AD:D4:D9:4D:22:B3:9B:E2
Certificate issuer: /CN=10f1d0dbe093c722350618f4045c25ba94317f87
Certificate serial: 0FFF2964
Authority key identifier: 10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/qE0nnwHJS2SVPXxIrdTZTSKzm-I.roa
Signing time: Wed 29 Jun 2022 09:21:59 +0000
ROA not before: Wed 29 Jun 2022 09:21:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47292
IP address blocks: 217.145.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268380516 (0xfff2964)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10f1d0dbe093c722350618f4045c25ba94317f87
Validity
Not Before: Jun 29 09:21:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a84d279f01c94b64953d7c48add4d94d22b39be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:28:06:a9:8d:67:06:e2:80:69:31:17:db:b3:
d0:e7:aa:e4:23:2c:20:df:5a:1e:e9:bd:c8:c1:7a:
0c:84:2b:d7:8f:4b:fb:fd:5b:43:0a:d0:2d:2e:92:
47:18:d0:69:ce:f2:38:ab:65:9d:71:3b:31:86:81:
b3:74:7d:da:28:b1:10:5f:ce:d0:f4:75:8c:9d:6f:
f7:67:2c:66:33:df:16:6e:a5:fa:66:d4:fa:ce:b7:
31:93:03:50:a9:4e:8d:6b:ca:43:58:e6:11:6b:39:
00:12:81:48:c6:52:08:da:b5:53:e4:79:e5:fc:52:
c9:14:6d:c6:ed:20:9a:8e:a2:d6:7f:01:e2:e4:84:
8c:ff:f5:2c:90:ae:17:99:0b:ee:0f:96:00:2f:e4:
d2:76:26:9c:6f:f3:cb:7e:36:f4:c8:67:b5:94:8d:
25:b4:ad:5a:6b:92:1e:2f:53:48:99:5a:c7:3e:7e:
d2:b6:d0:c8:ae:8f:c2:c6:46:85:fa:e3:51:fb:ac:
59:20:4e:3e:1c:a3:6e:58:57:88:30:c5:f0:91:40:
78:ec:ef:26:84:64:23:3e:e4:42:81:8c:f4:6f:09:
b9:3f:69:14:cc:c6:77:4e:6b:e0:58:25:89:15:7f:
b6:24:65:a1:c5:2d:66:0a:e2:ad:58:85:c3:1c:25:
e0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4D:27:9F:01:C9:4B:64:95:3D:7C:48:AD:D4:D9:4D:22:B3:9B:E2
X509v3 Authority Key Identifier:
keyid:10:F1:D0:DB:E0:93:C7:22:35:06:18:F4:04:5C:25:BA:94:31:7F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/qE0nnwHJS2SVPXxIrdTZTSKzm-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/605f1c-0d7a-4bd3-88b6-2f0a6bdbbe51/1/EPHQ2-CTxyI1Bhj0BFwlupQxf4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.145.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:a1:5f:eb:34:3e:60:e9:d0:0c:61:4d:fb:69:d3:c6:89:09:
14:78:ba:e8:e6:81:c2:af:90:d3:9d:99:e6:c0:4c:2c:7c:1b:
8c:69:d8:6b:73:05:c3:85:1f:c4:80:46:e5:5b:74:f0:e5:47:
4d:ff:d2:f6:ac:dc:95:4d:08:3a:c1:82:29:f5:7a:1c:a0:4f:
9c:2a:9f:76:7f:4d:ae:11:59:21:42:94:89:5c:cd:83:7f:79:
4a:83:ce:2f:6b:bd:ca:7a:7d:8c:fe:f0:40:e1:2d:cd:59:aa:
9b:ae:45:75:f5:fa:97:f5:0c:94:7e:04:29:2b:94:3c:d5:06:
eb:81:94:c3:39:16:e8:a0:9a:41:9c:8b:7e:24:d7:9e:d2:ff:
d6:ec:3b:c6:47:ee:10:66:59:c8:48:9a:e9:16:dd:da:34:79:
b0:3f:06:d2:cf:dc:3e:aa:37:16:eb:c5:3d:f3:8f:87:92:e6:
2a:87:4e:e9:ef:9e:d4:d2:29:a8:b7:5a:33:52:02:36:18:00:
e5:f8:6e:4e:09:de:06:a6:8e:8d:48:cf:19:e0:30:49:aa:54:
e3:56:62:8c:65:21:b7:59:88:e4:88:de:b7:d4:fe:07:3a:6a:
9a:cf:a2:d9:1f:ef:92:0d:8c:07:6b:b5:97:4e:e8:62:45:96:
90:c4:74:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIED/8pZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MGYxZDBkYmUwOTNjNzIyMzUwNjE4ZjQwNDVjMjViYTk0MzE3Zjg3MB4XDTIyMDYy
OTA5MjE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg0ZDI3OWYwMWM5
NGI2NDk1M2Q3YzQ4YWRkNGQ5NGQyMmIzOWJlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIooBqmNZwbigGkxF9uz0Oeq5CMsIN9aHum9yMF6DIQr149L
+/1bQwrQLS6SRxjQac7yOKtlnXE7MYaBs3R92iixEF/O0PR1jJ1v92csZjPfFm6l
+mbU+s63MZMDUKlOjWvKQ1jmEWs5ABKBSMZSCNq1U+R55fxSyRRtxu0gmo6i1n8B
4uSEjP/1LJCuF5kL7g+WAC/k0nYmnG/zy3429MhntZSNJbStWmuSHi9TSJlaxz5+
0rbQyK6PwsZGhfrjUfusWSBOPhyjblhXiDDF8JFAeOzvJoRkIz7kQoGM9G8JuT9p
FMzGd05r4FgliRV/tiRlocUtZgrirViFwxwl4DECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSoTSefAclLZJU9fEit1NlNIrOb4jAfBgNVHSMEGDAWgBQQ8dDb4JPHIjUG
GPQEXCW6lDF/hzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VQSFEyLUNUeHlJMUJoajBCRndsdXBReGY0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvNjA1ZjFjLTBkN2EtNGJkMy04OGI2LTJmMGE2YmRiYmU1MS8x
L3FFMG5ud0hKUzJTVlBYeElyZFRaVFNLem0tSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
NjA1ZjFjLTBkN2EtNGJkMy04OGI2LTJmMGE2YmRiYmU1MS8xL0VQSFEyLUNUeHlJ
MUJoajBCRndsdXBReGY0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANmRPzANBgkqhkiG9w0BAQsFAAOC
AQEAeqFf6zQ+YOnQDGFN+2nTxokJFHi66OaBwq+Q052Z5sBMLHwbjGnYa3MFw4Uf
xIBG5Vt08OVHTf/S9qzclU0IOsGCKfV6HKBPnCqfdn9NrhFZIUKUiVzNg395SoPO
L2u9ynp9jP7wQOEtzVmqm65FdfX6l/UMlH4EKSuUPNUG64GUwzkW6KCaQZyLfiTX
ntL/1uw7xkfuEGZZyEia6Rbd2jR5sD8G0s/cPqo3FuvFPfOPh5LmKodO6e+e1NIp
qLdaM1ICNhgA5fhuTgneBqaOjUjPGeAwSapU41ZijGUht1mI5Ijet9T+Bzpqms+i
2R/vkg2MB2u1l07oYkWWkMR0Og==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:16 2023 by rpki-client on console-fra.rpki-client.org