Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Jq-hcKielQoZrUP4tJ7VXOl1ocQ.roa
File: Jq-hcKielQoZrUP4tJ7VXOl1ocQ.roa (raw, json)
Hash identifier: fGu7YsK16aF/52CLoQUlelN1Y/2Z4H9cS5hf6b7r7Ak=
Subject key identifier: 26:AF:A1:70:A8:9E:95:0A:19:AD:43:F8:B4:9E:D5:5C:E9:75:A1:C4
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01832751ED48EBAE02AD30DF2458299EAAEF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Jq-hcKielQoZrUP4tJ7VXOl1ocQ.roa
Signing time: Sat 10 Sep 2022 12:13:44 +0000
ROA not before: Sat 10 Sep 2022 12:13:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.220.236.0/22 maxlen: 24
185.234.144.0/22 maxlen: 24
91.132.59.0/24 maxlen: 24
193.36.85.0/24 maxlen: 24
185.129.108.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:27:51:ed:48:eb:ae:02:ad:30:df:24:58:29:9e:aa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 10 12:13:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26afa170a89e950a19ad43f8b49ed55ce975a1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:82:02:2f:9c:13:c5:2c:46:d0:55:e7:67:c9:
59:d1:e0:d5:98:0c:b0:5b:57:c0:3e:a6:2b:ba:c7:
b4:85:a8:89:ed:85:2e:c8:b6:90:da:71:2e:fa:ae:
7d:5f:8c:95:60:06:94:95:84:3c:ab:a2:b8:c1:03:
7d:f5:9b:03:69:ac:a7:23:25:b4:6d:53:0e:e3:36:
ce:0f:30:16:ca:8b:81:9f:b8:fc:db:ae:69:e4:e7:
30:6f:b0:6d:c2:8e:be:d4:f7:96:d6:09:b3:4f:d1:
fc:fa:a9:5f:60:50:04:31:9e:e7:aa:ee:19:e6:ca:
f6:34:3f:ab:53:0a:ef:09:b1:18:7b:e5:4c:00:4c:
0f:95:27:1c:8f:b7:03:4c:cc:f3:8a:42:b5:32:47:
5a:02:e9:6f:fe:7f:0a:a6:29:dc:84:22:af:a1:be:
a8:24:18:2f:a9:2c:86:23:13:0f:37:3f:c6:0b:54:
02:25:30:b4:41:d4:f5:3f:1f:a1:6d:be:51:55:1c:
d0:fd:d9:9d:78:e8:e7:8b:9a:61:6e:77:2f:90:f7:
fa:bc:1f:7a:b5:59:2e:2b:d4:ab:34:b0:1f:88:b9:
79:0e:6a:12:cc:cf:10:70:77:6a:27:74:19:a3:f5:
7d:0e:1f:38:8b:43:f8:31:04:56:83:08:e2:63:4e:
f1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AF:A1:70:A8:9E:95:0A:19:AD:43:F8:B4:9E:D5:5C:E9:75:A1:C4
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Jq-hcKielQoZrUP4tJ7VXOl1ocQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.59.0/24
185.129.108.0/23
185.220.236.0/22
185.234.144.0/22
193.36.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:82:18:89:94:88:6b:bb:22:c5:dd:58:79:54:6f:86:02:ed:
8c:5d:12:0f:b6:b1:b0:41:e9:16:1f:74:55:54:c0:3e:e3:8a:
4c:9a:e0:20:20:39:1d:1c:02:33:e9:57:0c:da:b6:30:28:54:
e2:9c:5c:0d:4e:ab:19:62:42:16:a1:49:36:48:c9:fd:ae:6b:
20:96:46:49:67:13:16:fb:71:06:e6:2f:2e:ce:86:e9:83:fa:
67:d7:0f:d0:03:41:e7:56:8b:a1:d7:fa:d9:51:cd:2e:ab:63:
61:5b:a9:02:02:4e:5c:0f:f9:82:d7:b5:15:e7:36:d7:90:8f:
2a:ba:ba:2a:80:0b:79:f4:1c:96:d0:e9:4c:3e:31:03:72:ac:
9d:3d:b9:f0:f4:d4:33:bf:bc:78:fb:87:4a:ca:db:65:19:64:
ef:e0:08:bb:9a:be:df:4c:52:bd:81:e5:81:54:80:14:db:56:
eb:26:e6:30:8d:ac:e0:9f:c9:cf:14:69:ca:aa:9d:a6:5c:6e:
e2:1c:73:a2:0d:f0:5f:91:ef:82:10:3f:04:72:50:c3:60:91:
34:11:1e:7a:2f:4a:15:59:e2:d5:e5:15:5b:92:b6:48:d0:bb:
5f:d7:a5:fd:7b:7d:3d:fd:22:67:cb:2b:dd:59:e4:cd:72:9b:
14:70:bb:69
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYMnUe1I664CrTDfJFgpnqrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwOTEwMTIxMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFmYTE3MGE4OWU5NTBhMTlhZDQzZjhiNDllZDU1Y2U5NzVhMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4ICL5wTxSxG0FXnZ8lZ0eDVmAyw
W1fAPqYruse0haiJ7YUuyLaQ2nEu+q59X4yVYAaUlYQ8q6K4wQN99ZsDaaynIyW0
bVMO4zbODzAWyouBn7j8265p5Ocwb7Btwo6+1PeW1gmzT9H8+qlfYFAEMZ7nqu4Z
5sr2ND+rUwrvCbEYe+VMAEwPlSccj7cDTMzzikK1MkdaAulv/n8KpinchCKvob6o
JBgvqSyGIxMPNz/GC1QCJTC0QdT1Px+hbb5RVRzQ/dmdeOjni5phbncvkPf6vB96
tVkuK9SrNLAfiLl5DmoSzM8QcHdqJ3QZo/V9Dh84i0P4MQRWgwjiY07xJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCavoXConpUKGa1D+LSe1VzpdaHEMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSnEtaGNLaWVsUW9aclVQNHRKN1ZYT2wxb2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAW4Q7AwQB
uYFsAwQCudzsAwQCueqQAwQAwSRVMA0GCSqGSIb3DQEBCwUAA4IBAQAOghiJlIhr
uyLF3Vh5VG+GAu2MXRIPtrGwQekWH3RVVMA+44pMmuAgIDkdHAIz6VcM2rYwKFTi
nFwNTqsZYkIWoUk2SMn9rmsglkZJZxMW+3EG5i8uzobpg/pn1w/QA0HnVouh1/rZ
Uc0uq2NhW6kCAk5cD/mC17UV5zbXkI8quroqgAt59ByW0OlMPjEDcqydPbnw9NQz
v7x4+4dKyttlGWTv4Ai7mr7fTFK9geWBVIAU21brJuYwjazgn8nPFGnKqp2mXG7i
HHOiDfBfke+CED8EclDDYJE0ER56L0oVWeLV5RVbkrZI0Ltf16X9e309/SJnyyvd
WeTNcpsUcLtp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:15 2024 by rpki-client on console-ams.rpki-client.org