Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/N25TQsCcgPIXhVcRAqSOWoC4igA.roa
File: N25TQsCcgPIXhVcRAqSOWoC4igA.roa (raw, json)
Hash identifier: mwBkjMXWNlbyztQMqkJ14y4xle16Ukhli/dM5XKarxc=
Subject key identifier: 37:6E:53:42:C0:9C:80:F2:17:85:57:11:02:A4:8E:5A:80:B8:8A:00
Certificate issuer: /CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Certificate serial: 02B57C27
Authority key identifier: 1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/N25TQsCcgPIXhVcRAqSOWoC4igA.roa
Signing time: Sat 01 Jan 2022 06:59:37 +0000
ROA not before: Sat 01 Jan 2022 06:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 217.144.169.0/24 maxlen: 24
217.144.168.0/24 maxlen: 24
217.144.171.0/24 maxlen: 24
217.144.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45448231 (0x2b57c27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9a92daf08c20b4691b925cf032e5491fe0acc0
Validity
Not Before: Jan 1 06:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=376e5342c09c80f21785571102a48e5a80b88a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:69:bb:ef:72:ef:89:3f:71:4d:27:a3:2c:69:
91:86:c2:61:5b:1b:ac:a8:88:cf:11:2e:55:af:b8:
79:94:0a:5c:99:49:49:aa:0e:b9:16:f8:d9:8e:89:
55:32:32:10:96:20:90:80:93:eb:26:53:df:3c:01:
c9:d3:10:5e:fa:b5:e5:24:88:8a:90:0c:c1:21:e1:
2c:a7:97:bc:0c:55:b8:32:32:d6:2f:d3:ae:83:1e:
53:8a:86:a7:09:ca:a4:7a:cd:6a:25:50:82:ae:16:
87:bb:22:a7:1e:50:5d:0b:7a:b6:64:af:0d:87:62:
99:ee:6a:ba:54:13:e4:55:1b:4d:70:90:61:3f:88:
90:47:fa:c5:3a:9a:41:e7:7b:88:c0:a3:bc:6e:6e:
7d:98:81:f5:9c:7a:56:2f:43:5e:f7:8d:53:4a:32:
e6:d9:7b:73:92:a4:69:09:69:0e:2f:37:fd:fa:4e:
cc:85:f0:b9:57:45:31:80:5e:89:e6:7b:52:1f:be:
f8:f1:4e:a7:96:d8:69:61:8e:8a:b9:b1:47:4e:fd:
65:4c:e4:93:e7:d5:1d:ff:f5:73:b1:21:04:66:26:
62:90:8a:94:50:96:b3:39:56:80:f8:4f:75:e8:d7:
24:3e:d1:e9:91:3b:3c:20:ac:5e:a8:f6:14:ce:2e:
ad:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:6E:53:42:C0:9C:80:F2:17:85:57:11:02:A4:8E:5A:80:B8:8A:00
X509v3 Authority Key Identifier:
keyid:1E:9A:92:DA:F0:8C:20:B4:69:1B:92:5C:F0:32:E5:49:1F:E0:AC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpqS2vCMILRpG5Jc8DLlSR_grMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/N25TQsCcgPIXhVcRAqSOWoC4igA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/c14115-8cf8-40c8-87c8-ce82ebe11ac8/1/HpqS2vCMILRpG5Jc8DLlSR_grMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.144.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:36:4d:02:b7:ad:27:16:aa:04:38:e9:82:26:8d:67:6c:05:
44:64:dd:10:2e:66:37:bd:07:f2:15:a5:79:42:b8:af:0b:49:
3c:c4:4a:1a:da:d5:d7:9c:5d:95:08:bd:37:72:bf:97:dd:66:
a1:5f:17:80:65:7c:d9:f6:03:d4:88:72:ee:81:fc:b6:15:31:
96:58:ea:c5:f0:ee:ad:7f:8b:43:f5:99:4c:ab:4f:95:f7:ed:
60:8e:67:77:42:ec:60:f7:59:1a:40:0e:23:f5:a9:9f:7a:61:
49:7b:b6:64:50:46:0c:c8:c0:7e:50:06:68:61:fc:79:d5:2a:
4c:0a:f9:49:7b:75:6f:a3:7b:5e:8f:10:47:d6:69:4b:24:f0:
43:f6:60:d9:d0:b5:89:fc:f9:0a:6e:73:f3:4f:54:cd:f5:52:
ca:e2:13:d5:d5:e5:d5:49:e0:69:78:25:4a:fe:d0:e7:9f:d7:
c8:0a:5e:44:14:cc:45:b4:c1:a6:df:2a:51:0b:a4:9a:a4:bd:
a2:5b:c0:bb:a0:f2:65:ef:a0:30:d3:49:c3:f6:20:78:90:65:
97:de:80:9e:cd:cc:ce:73:73:a5:b1:04:ab:f4:ef:d6:b5:e7:
b5:71:16:5f:37:72:ff:91:02:c2:2e:95:4e:ea:41:79:31:fa:
56:66:56:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEArV8JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTlhOTJkYWYwOGMyMGI0NjkxYjkyNWNmMDMyZTU0OTFmZTBhY2MwMB4XDTIyMDEw
MTA2NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzc2ZTUzNDJjMDlj
ODBmMjE3ODU1NzExMDJhNDhlNWE4MGI4OGEwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOBpu+9y74k/cU0noyxpkYbCYVsbrKiIzxEuVa+4eZQKXJlJ
SaoOuRb42Y6JVTIyEJYgkICT6yZT3zwBydMQXvq15SSIipAMwSHhLKeXvAxVuDIy
1i/TroMeU4qGpwnKpHrNaiVQgq4Wh7sipx5QXQt6tmSvDYdime5qulQT5FUbTXCQ
YT+IkEf6xTqaQed7iMCjvG5ufZiB9Zx6Vi9DXveNU0oy5tl7c5KkaQlpDi83/fpO
zIXwuVdFMYBeieZ7Uh+++PFOp5bYaWGOirmxR079ZUzkk+fVHf/1c7EhBGYmYpCK
lFCWszlWgPhPdejXJD7R6ZE7PCCsXqj2FM4urU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ3blNCwJyA8heFVxECpI5agLiKADAfBgNVHSMEGDAWgBQempLa8IwgtGkb
klzwMuVJH+CswDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwcVMydkNNSUxScEc1SmM4RExsU1JfZ3JNQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvYzE0MTE1LThjZjgtNDBjOC04N2M4LWNlODJlYmUxMWFjOC8x
L04yNVRRc0NjZ1BJWGhWY1JBcVNPV29DNGlnQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
YzE0MTE1LThjZjgtNDBjOC04N2M4LWNlODJlYmUxMWFjOC8xL0hwcVMydkNNSUxS
cEc1SmM4RExsU1JfZ3JNQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtmQqDANBgkqhkiG9w0BAQsFAAOC
AQEAsjZNAretJxaqBDjpgiaNZ2wFRGTdEC5mN70H8hWleUK4rwtJPMRKGtrV15xd
lQi9N3K/l91moV8XgGV82fYD1Ihy7oH8thUxlljqxfDurX+LQ/WZTKtPlfftYI5n
d0LsYPdZGkAOI/Wpn3phSXu2ZFBGDMjAflAGaGH8edUqTAr5SXt1b6N7Xo8QR9Zp
SyTwQ/Zg2dC1ifz5Cm5z809UzfVSyuIT1dXl1UngaXglSv7Q55/XyApeRBTMRbTB
pt8qUQukmqS9olvAu6DyZe+gMNNJw/YgeJBll96Ans3MznNzpbEEq/Tv1rXntXEW
Xzdy/5ECwi6VTupBeTH6VmZW/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org