Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/39qd4MSJmXoo9594_NO_eHjEDPU.roa
File: 39qd4MSJmXoo9594_NO_eHjEDPU.roa (raw, json)
Hash identifier: v09m2eZLnKfQETj7eBOiYoLdzlCr0HVNlVfE068fFZw=
Subject key identifier: DF:DA:9D:E0:C4:89:99:7A:28:F7:9F:78:FC:D3:BF:78:78:C4:0C:F5
Certificate issuer: /CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Certificate serial: 018CC6B92BB223C7CE839A5A8D635DFE8862
Authority key identifier: 9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/39qd4MSJmXoo9594_NO_eHjEDPU.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 160.228.0.0/16 maxlen: 16
138.195.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2b:b2:23:c7:ce:83:9a:5a:8d:63:5d:fe:88:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfda9de0c489997a28f79f78fcd3bf7878c40cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:95:96:0d:fe:29:10:5c:a8:53:26:60:39:0c:
c5:96:ce:30:12:e1:8d:e3:1c:5a:5f:f6:60:65:ad:
bf:cd:81:30:cf:09:a1:97:cc:22:00:15:39:d4:55:
2f:fb:43:31:cb:8d:d7:1e:7c:e9:b5:8b:c5:46:1b:
06:66:b8:20:0c:ee:e8:52:a1:98:12:97:2c:28:ce:
62:51:89:1f:90:a5:71:bb:98:f4:72:21:d3:45:9f:
dc:b6:b5:4c:87:51:25:12:ad:74:09:70:e9:c7:37:
45:4d:b7:d0:4a:a7:8b:c1:dd:4e:86:13:11:df:71:
c0:5c:23:95:f7:be:38:01:5c:74:d5:1c:8a:56:79:
45:24:db:bd:1c:43:69:32:e9:2a:c1:67:14:a3:80:
bb:e7:8c:1e:19:69:49:e2:f2:a9:28:83:f5:53:e2:
7f:eb:32:17:ec:0a:ff:b6:14:54:d7:5e:46:7c:e7:
aa:e6:71:e8:1c:08:4a:d1:f2:5e:3d:82:a8:2f:60:
43:20:38:d8:45:51:75:5a:79:e2:cb:ac:3d:65:58:
0f:e5:51:dc:be:66:be:12:ca:17:a4:5a:4a:e6:2f:
79:d3:6c:f9:90:f6:d8:d0:cd:07:98:9f:4a:ab:59:
76:f3:94:04:90:f5:a1:3d:ec:74:ec:da:a3:81:a3:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DA:9D:E0:C4:89:99:7A:28:F7:9F:78:FC:D3:BF:78:78:C4:0C:F5
X509v3 Authority Key Identifier:
keyid:9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/39qd4MSJmXoo9594_NO_eHjEDPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/mjk-8WAn_AO8XARf-SidS7t_82Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.195.0.0/16
160.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
e4:22:dd:04:b3:e6:9f:bf:0c:2b:67:f8:3c:e6:a5:0a:b9:5c:
a7:b1:62:b2:1b:84:83:63:ac:b0:a1:c0:c1:a0:6e:bf:64:60:
42:38:5f:7b:c7:25:60:f5:fe:00:5d:8c:e5:ba:cc:a2:d0:c8:
a8:33:2a:f5:f7:6d:41:2c:8e:e0:46:ef:01:99:ba:65:1f:0d:
db:b6:05:75:11:45:1d:6b:3a:32:bc:8e:db:85:7f:8f:1e:be:
14:78:1b:cc:c3:60:57:3c:db:85:88:83:c2:e4:54:78:59:ef:
78:8a:ed:9f:39:2e:a4:16:15:f5:0b:27:9c:0f:8a:b6:9e:aa:
e7:fc:5c:ad:83:5d:41:9a:3a:1b:f7:4c:07:46:18:81:55:a5:
eb:01:a4:a0:9d:b9:92:df:3a:fa:67:22:ce:31:f3:10:ab:18:
8f:a9:d0:ed:fe:97:0e:90:de:41:41:06:09:f6:35:d8:78:f6:
a1:81:01:fa:54:7b:2a:d0:fa:08:ee:2e:6f:ef:c7:7d:74:5a:
b1:a6:4a:a2:02:9f:35:1c:4f:65:88:45:66:34:26:95:66:88:
08:0f:7b:76:59:f8:6c:48:41:b1:73:1f:52:3a:2f:29:c2:f1:
ad:76:27:71:e0:d0:b3:81:17:97:f9:40:0a:ae:40:fc:b6:af:
4f:4c:64:e0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzGuSuyI8fOg5pajWNd/ohiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMzkzZWYxNjAyN2ZjMDNiYzVjMDQ1ZmY5Mjg5ZDRiYmI3
ZmYzNjQwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRhOWRlMGM0ODk5OTdhMjhmNzlmNzhmY2QzYmY3ODc4YzQwY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJWWDf4pEFyoUyZgOQzFls4wEuGN
4xxaX/ZgZa2/zYEwzwmhl8wiABU51FUv+0Mxy43XHnzptYvFRhsGZrggDO7oUqGY
EpcsKM5iUYkfkKVxu5j0ciHTRZ/ctrVMh1ElEq10CXDpxzdFTbfQSqeLwd1OhhMR
33HAXCOV9744AVx01RyKVnlFJNu9HENpMukqwWcUo4C754weGWlJ4vKpKIP1U+J/
6zIX7Ar/thRU115GfOeq5nHoHAhK0fJePYKoL2BDIDjYRVF1Wnniy6w9ZVgP5VHc
vma+EsoXpFpK5i9502z5kPbY0M0HmJ9Kq1l285QEkPWhPex07NqjgaOH0wIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFN/aneDEiZl6KPefePzTv3h4xAz1MB8GA1UdIwQY
MBaAFJo5PvFgJ/wDvFwEX/konUu7f/NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgt
YWIyZDVlN2Q0YTdiLzEvMzlxZDRNU0ptWG9vOTU5NF9OT19lSGpFRFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNmQ5ODQtNmJmYy00NjAyLTlkNTgtYWIyZDVlN2Q0YTdi
LzEvbWprLThXQW5fQU84WEFSZi1TaWRTN3RfODJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAisMDAwCg
5DANBgkqhkiG9w0BAQsFAAOCAQEA5CLdBLPmn78MK2f4POalCrlcp7FishuEg2Os
sKHAwaBuv2RgQjhfe8clYPX+AF2M5brMotDIqDMq9fdtQSyO4EbvAZm6ZR8N27YF
dRFFHWs6MryO24V/jx6+FHgbzMNgVzzbhYiDwuRUeFnveIrtnzkupBYV9QsnnA+K
tp6q5/xcrYNdQZo6G/dMB0YYgVWl6wGkoJ25kt86+mcizjHzEKsYj6nQ7f6XDpDe
QUEGCfY12Hj2oYEB+lR7KtD6CO4ub+/HfXRasaZKogKfNRxPZYhFZjQmlWaICA97
dln4bEhBsXMfUjovKcLxrXYnceDQs4EXl/lACq5A/LavT0xk4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:31 2024 by rpki-client on console-ams.rpki-client.org