Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/J_RypWNYdwkOY2RAAN9ic7s396A.roa
File: J_RypWNYdwkOY2RAAN9ic7s396A.roa (raw, json)
Hash identifier: zCU3NDGZJHmx3CyfUGN6mc89sSDNzk16bYbhUOiq/es=
Subject key identifier: 27:F4:72:A5:63:58:77:09:0E:63:64:40:00:DF:62:73:BB:37:F7:A0
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0186776697B8CB0B26760D0A97F76BBD425E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/J_RypWNYdwkOY2RAAN9ic7s396A.roa
Signing time: Wed 22 Feb 2023 04:34:17 +0000
ROA not before: Wed 22 Feb 2023 04:34:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64267
IP address blocks: 185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:66:97:b8:cb:0b:26:76:0d:0a:97:f7:6b:bd:42:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 22 04:34:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27f472a5635877090e63644000df6273bb37f7a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:28:1e:d7:c9:47:1f:c7:27:79:b7:ee:be:72:
96:fb:cc:c5:6d:b4:06:47:90:f9:98:88:ba:5c:09:
dc:32:87:0a:63:06:bf:c9:76:af:46:3e:f9:02:b2:
17:7e:fd:75:9a:6d:41:75:8b:2d:aa:94:15:a0:ba:
78:70:d3:c4:cb:3d:9f:9b:88:85:96:f0:22:b1:e2:
8e:53:a5:ab:d8:01:74:c3:e9:9f:e2:74:2a:81:e3:
38:65:97:13:cc:1e:95:ad:8e:ef:b0:0a:a3:cf:49:
2a:13:c3:33:b1:09:d7:38:f3:db:4c:01:1b:8e:09:
a8:4d:df:1a:f7:de:97:2e:a8:2a:04:f9:03:6d:41:
4b:43:90:13:ca:9d:73:4c:04:83:19:ff:cc:be:53:
49:a2:78:d2:10:f2:c3:be:b3:5d:9d:5f:b2:96:41:
a8:c4:ac:c6:69:09:d2:6e:2c:5f:ec:5d:56:db:ff:
de:2e:42:82:11:3e:4a:96:aa:a0:03:90:77:a9:60:
87:6a:9e:44:38:10:f4:dc:2e:75:40:c1:76:bd:24:
ff:80:39:91:1a:dc:c9:f7:80:99:2d:45:59:d4:38:
d7:bc:72:87:a9:5a:46:65:d2:7f:d1:97:6d:b1:bf:
ee:bd:b7:b6:ff:a1:7f:03:4f:ce:78:36:34:11:86:
4c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F4:72:A5:63:58:77:09:0E:63:64:40:00:DF:62:73:BB:37:F7:A0
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/J_RypWNYdwkOY2RAAN9ic7s396A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.108.0/23
Signature Algorithm: sha256WithRSAEncryption
c6:53:50:5c:5b:24:be:e3:e3:e2:64:90:1e:99:5c:a9:12:b1:
0f:20:8a:ff:72:2e:37:cf:a1:79:d5:2e:29:77:85:ad:de:e5:
1a:2a:dc:76:0f:af:21:bc:9f:bc:b7:d8:cf:a8:d6:61:23:5d:
8d:3d:1a:72:65:d7:85:2a:9c:73:c1:c7:c6:d3:a6:40:e0:3d:
a6:7d:f4:3b:46:e4:00:3f:f4:36:f7:b9:ea:77:5f:2f:07:c6:
e4:3f:2e:59:32:52:58:e9:10:f2:36:d2:45:1e:d9:a2:d0:dd:
a6:a3:97:4a:4d:ba:02:fd:2b:ca:c1:82:32:5f:5b:ed:74:6e:
cd:e8:40:e0:df:e3:eb:6a:3a:6c:65:c2:e0:f9:4d:ba:c7:e0:
fe:65:ea:02:0f:d3:45:93:5a:a7:93:50:50:e8:8e:a7:97:f0:
ab:67:25:2c:35:9f:e2:12:7e:fc:04:5f:4d:cf:eb:f5:27:86:
b8:4f:85:30:87:44:c6:bb:0d:9a:1d:ca:1c:47:70:a0:93:67:
a6:4a:25:4c:5b:25:5d:c8:02:4f:2c:7d:18:39:bf:2f:0d:62:
59:ff:27:5e:e6:46:30:7a:30:01:3d:3d:0e:24:f5:81:38:13:
c4:b0:76:80:8b:42:ff:9c:25:8f:b6:e3:61:32:27:22:4d:f2:
b8:2d:fc:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ3Zpe4ywsmdg0Kl/drvUJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjIyMDQzNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Y0NzJhNTYzNTg3NzA5MGU2MzY0NDAwMGRmNjI3M2JiMzdmN2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyge18lHH8cnebfuvnKW+8zFbbQG
R5D5mIi6XAncMocKYwa/yXavRj75ArIXfv11mm1BdYstqpQVoLp4cNPEyz2fm4iF
lvAiseKOU6Wr2AF0w+mf4nQqgeM4ZZcTzB6VrY7vsAqjz0kqE8MzsQnXOPPbTAEb
jgmoTd8a996XLqgqBPkDbUFLQ5ATyp1zTASDGf/MvlNJonjSEPLDvrNdnV+ylkGo
xKzGaQnSbixf7F1W2//eLkKCET5KlqqgA5B3qWCHap5EOBD03C51QMF2vST/gDmR
GtzJ94CZLUVZ1DjXvHKHqVpGZdJ/0Zdtsb/uvbe2/6F/A0/OeDY0EYZMOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCf0cqVjWHcJDmNkQADfYnO7N/egMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSl9SeXBXTllkd2tPWTJSQUFOOWljN3MzOTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYFsMA0G
CSqGSIb3DQEBCwUAA4IBAQDGU1BcWyS+4+PiZJAemVypErEPIIr/ci43z6F51S4p
d4Wt3uUaKtx2D68hvJ+8t9jPqNZhI12NPRpyZdeFKpxzwcfG06ZA4D2mffQ7RuQA
P/Q297nqd18vB8bkPy5ZMlJY6RDyNtJFHtmi0N2mo5dKTboC/SvKwYIyX1vtdG7N
6EDg3+PrajpsZcLg+U26x+D+ZeoCD9NFk1qnk1BQ6I6nl/CrZyUsNZ/iEn78BF9N
z+v1J4a4T4Uwh0TGuw2aHcocR3Cgk2emSiVMWyVdyAJPLH0YOb8vDWJZ/yde5kYw
ejABPT0OJPWBOBPEsHaAi0L/nCWPtuNhMiciTfK4Lfwr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org