Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jKOdULTPi_zuG6rdcAOXL7wpAsE.roa
File: jKOdULTPi_zuG6rdcAOXL7wpAsE.roa (raw, json)
Hash identifier: oiI2eH3laZ2mKsAL1obw20xNbbe6+OX7hg5bXnf99AY=
Subject key identifier: 8C:A3:9D:50:B4:CF:8B:FC:EE:1B:AA:DD:70:03:97:2F:BC:29:02:C1
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 3D52BCF8
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jKOdULTPi_zuG6rdcAOXL7wpAsE.roa
Signing time: Sat 01 Jan 2022 06:55:14 +0000
ROA not before: Sat 01 Jan 2022 06:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34289
IP address blocks: 92.204.0.0/15 maxlen: 24
2a01:7a0::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1028832504 (0x3d52bcf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 1 06:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ca39d50b4cf8bfcee1baadd7003972fbc2902c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:06:ab:2c:7b:dc:0b:76:7d:46:98:da:fc:55:
ba:26:0f:ec:37:36:81:8b:4f:58:dc:cd:7d:1a:bc:
3b:31:28:a9:bd:83:af:2d:76:24:ef:38:83:e2:74:
88:f3:d0:10:8a:3e:a6:2b:d5:30:37:3b:e6:2d:b1:
c5:32:90:1a:b7:fa:d9:a9:bd:f4:32:62:ef:f3:ad:
1b:7b:6e:b2:9c:8c:7f:b7:6d:12:91:16:c7:71:7f:
87:eb:39:bc:2d:c1:dc:23:23:ca:ee:20:ee:e6:ff:
93:42:57:4b:93:a0:8b:43:26:67:92:92:8e:cc:ab:
a7:f9:27:20:04:b1:e8:f5:d2:e7:cd:c6:57:b6:3a:
0e:0b:5e:fc:1d:39:24:4b:b6:40:93:a0:aa:2a:5f:
10:4b:b6:0c:ee:68:d3:2f:34:68:b7:b4:82:4a:8f:
ac:69:ad:cb:6f:54:54:bc:98:a5:7e:e2:d3:b9:f5:
fb:d7:e9:24:fc:b9:64:d4:9c:09:14:c7:54:73:90:
bc:71:66:41:bb:3a:d8:13:65:b6:bf:a5:25:dc:5c:
d8:6f:86:7d:f8:3c:d1:5e:27:64:0d:59:91:47:5f:
64:7d:4b:32:c1:b2:d7:1f:bf:bc:71:eb:96:9e:35:
a0:7e:86:47:91:b7:30:35:b2:68:a3:b4:f4:38:f4:
42:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A3:9D:50:B4:CF:8B:FC:EE:1B:AA:DD:70:03:97:2F:BC:29:02:C1
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jKOdULTPi_zuG6rdcAOXL7wpAsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.204.0.0/15
IPv6:
2a01:7a0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:31:fd:52:ae:80:a9:b4:62:d4:f6:ad:5a:65:09:71:bf:b1:
a5:0f:ed:48:d3:59:28:9b:65:e8:04:ac:66:24:1d:b3:4e:84:
59:b3:11:c3:64:49:1c:e0:30:f8:4f:e2:e4:31:32:85:d8:73:
64:c0:71:bd:04:8b:a9:72:d3:2f:a3:d7:9d:65:6b:ee:68:05:
c7:91:4c:62:d1:13:23:db:57:2f:e5:e6:b4:56:3d:bb:c6:d7:
74:46:47:db:ca:97:2a:1b:dc:49:64:d8:d1:2f:a6:f5:1d:57:
5a:0b:03:67:34:cd:9f:0b:f8:92:27:9f:4f:22:27:6b:46:2f:
70:77:fc:63:bd:59:d5:c7:7b:b9:45:d8:ab:70:e2:c8:62:55:
ff:bb:24:e4:78:f6:c8:85:17:40:72:b1:69:eb:80:6d:fe:01:
df:ea:60:d1:b3:b8:5b:ae:f6:3a:b2:c7:45:06:08:48:71:00:
d7:83:df:be:38:b3:f5:c4:42:a9:a0:b9:f2:18:7a:86:40:75:
66:56:62:07:6a:a5:0c:0b:d7:a3:0a:eb:b7:08:07:f7:4e:f3:
d7:aa:64:0c:fb:27:a8:31:4e:7b:89:db:66:93:4e:b8:73:16:
22:ca:bf:e0:8b:d3:74:ec:35:82:a3:c2:78:0d:a0:fb:23:25:
7c:e4:b3:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEPVK8+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTZlZDBmYjdiMzIwODMyYWMxNTgwNTM0YzdiMjYzZjMwNGU5ODFiMB4XDTIyMDEw
MTA2NTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhMzlkNTBiNGNm
OGJmY2VlMWJhYWRkNzAwMzk3MmZiYzI5MDJjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkGqyx73At2fUaY2vxVuiYP7Dc2gYtPWNzNfRq8OzEoqb2D
ry12JO84g+J0iPPQEIo+pivVMDc75i2xxTKQGrf62am99DJi7/OtG3tuspyMf7dt
EpEWx3F/h+s5vC3B3CMjyu4g7ub/k0JXS5Ogi0MmZ5KSjsyrp/knIASx6PXS583G
V7Y6Dgte/B05JEu2QJOgqipfEEu2DO5o0y80aLe0gkqPrGmty29UVLyYpX7i07n1
+9fpJPy5ZNScCRTHVHOQvHFmQbs62BNltr+lJdxc2G+Gffg80V4nZA1ZkUdfZH1L
MsGy1x+/vHHrlp41oH6GR5G3MDWyaKO09Dj0Ql8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSMo51QtM+L/O4bqt1wA5cvvCkCwTAfBgNVHSMEGDAWgBS6btD7ezIIMqwV
gFNMeyY/ME6YGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VtN1EtM3N5Q0RLc0ZZQlRUSHNtUHpCT21Ccy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvNDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8x
L2pLT2RVTFRQaV96dUc2cmRjQU9YTDd3cEFzRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
NDIwNDFkLTU5MzEtNDgyNC05MjU0LTE2MWYzNDIzODdkMS8xL3VtN1EtM3N5Q0RL
c0ZZQlRUSHNtUHpCT21Ccy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwCwQCAAEwBQMDAVzMMA0EAgACMAcDBQMqAQegMA0G
CSqGSIb3DQEBCwUAA4IBAQBLMf1SroCptGLU9q1aZQlxv7GlD+1I01kom2XoBKxm
JB2zToRZsxHDZEkc4DD4T+LkMTKF2HNkwHG9BIupctMvo9edZWvuaAXHkUxi0RMj
21cv5ea0Vj27xtd0RkfbypcqG9xJZNjRL6b1HVdaCwNnNM2fC/iSJ59PIidrRi9w
d/xjvVnVx3u5RdircOLIYlX/uyTkePbIhRdAcrFp64Bt/gHf6mDRs7hbrvY6ssdF
BghIcQDXg9++OLP1xEKpoLnyGHqGQHVmVmIHaqUMC9ejCuu3CAf3TvPXqmQM+yeo
MU57idtmk064cxYiyr/gi9N07DWCo8J4DaD7IyV85LNw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org