Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/sQxkq-IUPabpUc2sK1YxKsYqYp4.roa
File: sQxkq-IUPabpUc2sK1YxKsYqYp4.roa (raw, json)
Hash identifier: Hb3LHKBx/K2UMdHo/GHi0BLACraYp7AN5iM615a00nQ=
Subject key identifier: B1:0C:64:AB:E2:14:3D:A6:E9:51:CD:AC:2B:56:31:2A:C6:2A:62:9E
Certificate issuer: /CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Certificate serial: 0333389D
Authority key identifier: 9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/sQxkq-IUPabpUc2sK1YxKsYqYp4.roa
Signing time: Sat 01 Jan 2022 14:58:56 +0000
ROA not before: Sat 01 Jan 2022 14:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2269
IP address blocks: 160.228.0.0/16 maxlen: 16
138.195.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53688477 (0x333389d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a393ef16027fc03bc5c045ff9289d4bbb7ff364
Validity
Not Before: Jan 1 14:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b10c64abe2143da6e951cdac2b56312ac62a629e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:54:a9:ea:e4:17:e7:47:bb:2b:2d:76:e7:54:
dd:65:64:3f:4a:76:01:d1:15:1c:0c:7d:87:11:67:
f9:c9:b3:83:7d:21:50:e2:5b:c9:b2:69:ac:c1:c7:
bb:01:fc:c3:06:04:6b:d1:d3:3e:8c:00:22:4c:36:
37:68:d1:ad:bb:59:9b:8f:02:27:28:34:2b:42:f8:
80:4e:2b:b9:2e:48:71:42:fd:f9:e7:88:90:a3:5e:
65:35:8a:a6:45:f4:17:50:02:be:37:b5:ef:5b:4e:
a3:8a:dd:cf:51:20:4a:b9:5f:93:8c:bb:77:9c:ec:
a8:13:af:d4:71:e0:a3:00:24:98:ca:2a:78:0c:e2:
e5:53:65:4a:bd:a7:2e:ba:33:65:c6:83:01:c7:5a:
dc:18:4e:5a:38:69:ba:91:65:f5:92:e3:44:13:e1:
51:32:73:2d:49:58:29:56:a5:92:5d:b8:4b:ce:e2:
b1:8e:2b:ce:c5:69:72:c3:22:e4:5d:42:57:da:46:
31:fd:69:ed:19:1d:55:e7:c3:ae:3e:80:d9:c1:32:
22:77:2f:00:c5:2e:43:c3:70:28:4e:1d:31:fd:54:
e7:7c:c5:eb:33:ed:bb:3e:40:10:69:0c:2a:e8:e8:
ac:4b:27:00:91:8a:51:d8:0c:f1:d9:cd:64:c4:93:
47:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:0C:64:AB:E2:14:3D:A6:E9:51:CD:AC:2B:56:31:2A:C6:2A:62:9E
X509v3 Authority Key Identifier:
keyid:9A:39:3E:F1:60:27:FC:03:BC:5C:04:5F:F9:28:9D:4B:BB:7F:F3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjk-8WAn_AO8XARf-SidS7t_82Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/sQxkq-IUPabpUc2sK1YxKsYqYp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c6d984-6bfc-4602-9d58-ab2d5e7d4a7b/1/mjk-8WAn_AO8XARf-SidS7t_82Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.195.0.0/16
160.228.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:8f:ad:1b:28:d2:24:fc:49:f0:c5:00:61:39:a6:de:55:94:
63:c5:b7:9a:77:a2:ed:70:e5:1e:e4:9a:78:b9:8a:91:1e:bb:
af:96:76:f8:64:bb:34:0c:0b:03:49:c7:f8:c9:6c:64:93:18:
62:ee:f5:ce:a9:49:af:48:15:3c:4a:78:8f:4f:03:e5:70:0e:
5f:ef:b8:5d:43:04:e6:83:78:f7:e3:3f:f0:c7:7d:1e:b1:ff:
e3:67:7d:03:90:ff:11:45:4c:c2:df:48:e1:46:f5:9f:c2:dc:
70:ea:b1:6c:8d:c5:cf:57:7a:80:21:b3:8b:0a:f1:41:78:01:
d6:24:f2:9c:4e:fe:6f:1f:b4:46:68:f2:10:13:8b:21:5f:f2:
45:f1:19:1b:49:7a:f3:01:c3:6a:1e:82:1b:a8:56:96:a4:48:
78:7f:8f:42:ff:21:cd:32:91:98:da:11:6d:57:ed:72:07:82:
ea:50:22:d5:5c:1e:99:97:cf:77:e0:f5:95:38:3a:a7:cc:1f:
1c:df:83:8d:e0:90:8a:a8:0e:b8:d0:dc:d8:db:4d:e7:59:54:
88:42:ac:78:25:c7:e5:1f:12:5b:65:54:a9:7f:64:2d:60:23:
ee:d8:23:bb:ce:23:67:d3:80:41:0d:2d:2f:33:e1:a6:8e:ac:
0a:1a:7a:8e
-----BEGIN CERTIFICATE-----
MIIE8zCCA9ugAwIBAgIEAzM4nTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTM5M2VmMTYwMjdmYzAzYmM1YzA0NWZmOTI4OWQ0YmJiN2ZmMzY0MB4XDTIyMDEw
MTE0NTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjEwYzY0YWJlMjE0
M2RhNmU5NTFjZGFjMmI1NjMxMmFjNjJhNjI5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9UqerkF+dHuystdudU3WVkP0p2AdEVHAx9hxFn+cmzg30h
UOJbybJprMHHuwH8wwYEa9HTPowAIkw2N2jRrbtZm48CJyg0K0L4gE4ruS5IcUL9
+eeIkKNeZTWKpkX0F1ACvje171tOo4rdz1EgSrlfk4y7d5zsqBOv1HHgowAkmMoq
eAzi5VNlSr2nLrozZcaDAcda3BhOWjhpupFl9ZLjRBPhUTJzLUlYKValkl24S87i
sY4rzsVpcsMi5F1CV9pGMf1p7RkdVefDrj6A2cEyIncvAMUuQ8NwKE4dMf1U53zF
6zPtuz5AEGkMKujorEsnAJGKUdgM8dnNZMSTR08CAwEAAaOCAg0wggIJMB0GA1Ud
DgQWBBSxDGSr4hQ9pulRzawrVjEqxipinjAfBgNVHSMEGDAWgBSaOT7xYCf8A7xc
BF/5KJ1Lu3/zZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21qay04V0FuX0FPOFhBUmYtU2lkUzd0XzgyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzZkOTg0LTZiZmMtNDYwMi05ZDU4LWFiMmQ1ZTdkNGE3Yi8x
L3NReGtxLUlVUGFicFVjMnNLMVl4S3NZcVlwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzZkOTg0LTZiZmMtNDYwMi05ZDU4LWFiMmQ1ZTdkNGE3Yi8xL21qay04V0FuX0FP
OFhBUmYtU2lkUzd0XzgyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAj
BggrBgEFBQcBBwEB/wQUMBIwEAQCAAEwCgMDAIrDAwMAoOQwDQYJKoZIhvcNAQEL
BQADggEBANKPrRso0iT8SfDFAGE5pt5VlGPFt5p3ou1w5R7kmni5ipEeu6+Wdvhk
uzQMCwNJx/jJbGSTGGLu9c6pSa9IFTxKeI9PA+VwDl/vuF1DBOaDePfjP/DHfR6x
/+NnfQOQ/xFFTMLfSOFG9Z/C3HDqsWyNxc9XeoAhs4sK8UF4AdYk8pxO/m8ftEZo
8hATiyFf8kXxGRtJevMBw2oeghuoVpakSHh/j0L/Ic0ykZjaEW1X7XIHgupQItVc
HpmXz3fg9ZU4OqfMHxzfg43gkIqoDrjQ3NjbTedZVIhCrHglx+UfEltlVKl/ZC1g
I+7YI7vOI2fTgEENLS8z4aaOrAoaeo4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org