Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/JLbNYBuPxWl69OJLPoXmicWbMWg.roa
File: JLbNYBuPxWl69OJLPoXmicWbMWg.roa (raw, json)
Hash identifier: TpRdxnizrOrEgz3EYASPctDv8SKtAEu0eBfqjoRLA6I=
Subject key identifier: 24:B6:CD:60:1B:8F:C5:69:7A:F4:E2:4B:3E:85:E6:89:C5:9B:31:68
Certificate issuer: /CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Certificate serial: 0373DB
Authority key identifier: 53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/JLbNYBuPxWl69OJLPoXmicWbMWg.roa
Signing time: Wed 05 Jan 2022 06:18:49 +0000
ROA not before: Wed 05 Jan 2022 06:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 193.218.0.0/24 maxlen: 24
185.1.226.0/23 maxlen: 23
2001:67c:29f0::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226267 (0x373db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Validity
Not Before: Jan 5 06:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b6cd601b8fc5697af4e24b3e85e689c59b3168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:20:f0:72:bb:8c:e2:65:82:02:44:6a:66:fb:
4a:a7:12:c0:85:2a:5f:17:21:f2:e4:21:f5:35:5c:
59:e9:eb:3e:21:cd:ac:09:b9:ae:00:7b:50:63:51:
51:b5:71:73:2b:8e:43:f8:29:29:c0:97:2d:54:46:
9e:93:5b:69:2c:11:54:42:d2:68:99:1e:f5:33:11:
e6:99:45:63:89:04:74:67:de:20:43:05:72:06:a0:
de:22:b3:87:53:36:e8:2d:a2:f2:9a:f7:32:f3:40:
f5:dd:0c:56:d8:d6:db:c7:f4:a3:17:84:ca:4b:24:
28:5c:aa:1a:13:70:fa:c6:28:21:03:ab:03:4e:21:
53:f2:41:5a:66:99:dd:94:f7:74:ff:48:6e:5e:44:
7a:23:6f:d9:7f:9f:61:b6:4f:7f:b3:b6:f0:49:ba:
56:b0:1e:10:f6:7b:74:0c:ce:29:03:4d:7b:ba:5c:
bd:05:7d:18:c5:97:39:3f:2e:97:b8:45:34:13:9d:
e5:d7:67:3e:21:ff:27:b4:b2:59:aa:cb:f7:4c:3c:
c2:60:db:5d:af:b4:43:df:0c:62:dc:a5:a8:96:ba:
61:9a:6a:1e:e0:2a:52:11:5c:ff:19:a6:89:3e:fc:
2d:a6:75:e5:86:14:29:e9:22:b3:77:4b:12:c2:ae:
c8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B6:CD:60:1B:8F:C5:69:7A:F4:E2:4B:3E:85:E6:89:C5:9B:31:68
X509v3 Authority Key Identifier:
keyid:53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/JLbNYBuPxWl69OJLPoXmicWbMWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.226.0/23
193.218.0.0/24
IPv6:
2001:67c:29f0::/48
Signature Algorithm: sha256WithRSAEncryption
05:6a:9e:69:7e:f6:43:e4:00:9d:23:83:1c:14:7f:7d:2c:22:
70:a3:02:85:6c:9f:86:50:51:91:ad:6a:ac:61:e7:28:55:88:
94:8b:ba:32:cc:f9:b4:f3:12:d1:05:86:33:bf:fb:e8:4d:83:
32:af:7a:d2:af:17:2e:74:9c:4f:0e:1b:a8:fc:6a:e7:50:d1:
bd:14:e3:8f:9b:09:2d:4e:20:74:0f:30:c7:ae:97:ad:d9:75:
18:b9:92:3e:74:70:52:c5:c6:98:97:fc:f3:45:ce:32:98:58:
46:45:63:45:8a:e1:5c:33:7c:b5:5f:42:fd:bc:f8:bb:c6:0b:
ae:97:b2:3c:a4:d0:7c:de:36:d6:95:1c:3d:c0:cd:e3:f1:96:
f4:10:45:18:d2:43:00:6b:f4:eb:06:2f:cd:c8:67:bc:50:bf:
95:b4:07:b1:b2:10:b7:67:f6:a7:c6:6c:c5:bf:fc:de:5d:02:
99:b0:27:18:19:d5:b5:17:60:79:82:bd:c8:ab:19:bc:e6:2b:
9e:bf:52:3e:37:42:c7:7f:f8:a3:ce:fe:71:91:fa:a5:a0:a7:
ec:a5:38:ec:97:d9:1f:cb:85:92:06:a4:7a:e8:2e:d1:b0:98:
5e:c1:11:63:1f:b1:d0:89:9a:a4:34:c6:42:16:65:3e:81:bd:
87:ba:2f:eb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIDA3PbMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDUz
N2Y5YmY4NGI2OWEwOTA0MjQzMmRhZTgzNzdlZTBhYzhmZjFjNjEwHhcNMjIwMTA1
MDYxODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyNGI2Y2Q2MDFiOGZj
NTY5N2FmNGUyNGIzZTg1ZTY4OWM1OWIzMTY4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA8iDwcruM4mWCAkRqZvtKpxLAhSpfFyHy5CH1NVxZ6es+Ic2s
CbmuAHtQY1FRtXFzK45D+CkpwJctVEaek1tpLBFUQtJomR71MxHmmUVjiQR0Z94g
QwVyBqDeIrOHUzboLaLymvcy80D13QxW2Nbbx/SjF4TKSyQoXKoaE3D6xighA6sD
TiFT8kFaZpndlPd0/0huXkR6I2/Zf59htk9/s7bwSbpWsB4Q9nt0DM4pA017uly9
BX0YxZc5Py6XuEU0E53l12c+If8ntLJZqsv3TDzCYNtdr7RD3wxi3KWolrphmmoe
4CpSEVz/GaaJPvwtpnXlhhQp6SKzd0sSwq7IuQIDAQABo4ICIDCCAhwwHQYDVR0O
BBYEFCS2zWAbj8VpevTiSz6F5onFmzFoMB8GA1UdIwQYMBaAFFN/m/hLaaCQQkMt
roN37grI/xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUtODkyZWM2ZmY0NzcxLzEv
SkxiTllCdVB4V2w2OU9KTFBvWG1pY1diTVdnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9j
YmM3NDYtNDE2Yi00ZGE5LTkyMjUtODkyZWM2ZmY0NzcxLzEvVTMtYi1FdHBvSkJD
UXkydWczZnVDc2pfSEdFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDYG
CCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBuQHiAwQAwdoAMA8EAgACMAkDBwAg
AQZ8KfAwDQYJKoZIhvcNAQELBQADggEBAAVqnml+9kPkAJ0jgxwUf30sInCjAoVs
n4ZQUZGtaqxh5yhViJSLujLM+bTzEtEFhjO/++hNgzKvetKvFy50nE8OG6j8audQ
0b0U44+bCS1OIHQPMMeul63ZdRi5kj50cFLFxpiX/PNFzjKYWEZFY0WK4VwzfLVf
Qv28+LvGC66Xsjyk0HzeNtaVHD3AzePxlvQQRRjSQwBr9OsGL83IZ7xQv5W0B7Gy
ELdn9qfGbMW//N5dApmwJxgZ1bUXYHmCvcirGbzmK56/Uj43Qsd/+KPO/nGR+qWg
p+ylOOyX2R/LhZIGpHroLtGwmF7BEWMfsdCJmqQ0xkIWZT6BvYe6L+s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:49 2024 by rpki-client on console-ams.rpki-client.org