Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/JxiFS0-1kaT8ytla8ktoRmFgc5w.roa
File: JxiFS0-1kaT8ytla8ktoRmFgc5w.roa (raw, json)
Hash identifier: H5qFmQRShLgtTTR0xW7zw+bGDsLjg9C/taxGmyfHfNo=
Subject key identifier: 27:18:85:4B:4F:B5:91:A4:FC:CA:D9:5A:F2:4B:68:46:61:60:73:9C
Certificate issuer: /CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Certificate serial: 018E3243C343200896A42A7A17881B5447AF
Authority key identifier: C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/JxiFS0-1kaT8ytla8ktoRmFgc5w.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 212.18.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c3:43:20:08:96:a4:2a:7a:17:88:1b:54:47:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3abdcc49f7d9033b52904679f3c9b783d8c1358
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2718854b4fb591a4fccad95af24b68466160739c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:57:2f:cb:df:0f:ee:f0:39:90:d6:8f:0a:7f:
ae:70:73:77:02:da:d6:67:1c:1c:40:db:c4:22:dd:
45:63:1b:b7:43:5b:3a:7f:b4:2b:5e:37:db:55:35:
8d:0e:dd:98:5a:4b:e3:c7:a8:b2:5f:63:79:23:8a:
13:22:43:28:05:5e:c8:5b:f8:73:02:48:1f:43:27:
6a:aa:9a:0f:e1:2e:a5:29:ae:7a:00:74:3e:15:24:
29:ef:ed:26:09:99:5a:7d:5f:3e:17:12:70:cc:5b:
9b:d7:94:ce:b1:64:5d:bf:91:c7:3c:24:56:33:83:
69:99:ee:65:a5:da:f2:7c:28:f7:a9:da:ff:26:fb:
42:6f:07:13:79:14:53:dd:eb:3f:29:9f:bf:aa:ec:
f0:40:e0:0c:ec:cd:b8:5f:a7:15:ff:4b:3d:ae:9c:
4d:fa:58:51:60:9d:4a:ae:de:0a:c0:cc:9c:cf:84:
f6:c8:94:68:f0:14:01:38:86:0a:f9:86:ea:a3:e3:
68:bb:92:57:f5:6f:80:41:68:c2:21:ca:d1:45:91:
35:8f:f2:86:13:09:da:ba:e2:e6:94:58:33:99:a2:
8a:bf:3e:5e:43:54:80:9a:fc:d0:f5:8b:81:69:cb:
42:ff:0e:c2:3a:84:58:12:9b:b7:a3:e3:b0:c0:b8:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:18:85:4B:4F:B5:91:A4:FC:CA:D9:5A:F2:4B:68:46:61:60:73:9C
X509v3 Authority Key Identifier:
keyid:C3:AB:DC:C4:9F:7D:90:33:B5:29:04:67:9F:3C:9B:78:3D:8C:13:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6vcxJ99kDO1KQRnnzybeD2ME1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/JxiFS0-1kaT8ytla8ktoRmFgc5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/672883-feb4-414f-9d00-4d9127fba3ad/1/w6vcxJ99kDO1KQRnnzybeD2ME1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
13:65:95:74:96:b9:88:bb:a7:9e:6b:77:79:d2:27:53:e8:93:
15:f2:5f:56:35:59:a5:c6:94:3a:16:c1:29:25:3f:f4:c4:a1:
4b:af:a6:70:6b:6b:d0:59:9c:d0:4b:ab:a3:aa:c8:c3:2a:9c:
f3:01:5e:16:03:2f:b7:95:b3:f5:b2:d1:dc:15:a3:ae:73:c2:
ff:ed:1c:52:6a:f8:26:ac:11:2f:a9:84:af:e1:f7:72:15:fb:
19:2d:d3:93:23:d3:e1:dc:ec:2e:40:7c:4c:da:79:b5:85:9e:
5e:fb:38:4f:24:9c:e9:45:61:db:8c:cc:ed:8d:42:df:a9:c7:
a1:20:69:da:3b:54:ad:6a:b7:30:e3:9e:a1:ed:03:5d:2f:f3:
a3:0e:1d:a5:86:1b:9e:cf:43:a4:80:53:cd:c2:87:03:b6:72:
e9:0c:05:1e:39:2e:c2:c7:78:2e:17:9a:04:e8:04:e1:54:9f:
f1:03:18:13:8e:8b:1c:12:4a:f3:4a:ac:52:34:e9:2a:52:47:
e2:b4:41:5e:b1:bb:69:6d:8b:b9:07:c4:ab:03:01:df:ee:f5:
c4:64:16:05:0e:6d:41:16:a7:5f:87:e4:70:d7:72:81:c3:da:
bc:20:c8:84:98:61:2c:84:89:0a:c6:b3:bd:52:3f:0d:34:20:
3b:22:6c:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8NDIAiWpCp6F4gbVEevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYWJkY2M0OWY3ZDkwMzNiNTI5MDQ2NzlmM2M5Yjc4M2Q4
YzEzNTgwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE4ODU0YjRmYjU5MWE0ZmNjYWQ5NWFmMjRiNjg0NjYxNjA3MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFcvy98P7vA5kNaPCn+ucHN3AtrW
ZxwcQNvEIt1FYxu3Q1s6f7QrXjfbVTWNDt2YWkvjx6iyX2N5I4oTIkMoBV7IW/hz
AkgfQydqqpoP4S6lKa56AHQ+FSQp7+0mCZlafV8+FxJwzFub15TOsWRdv5HHPCRW
M4Npme5lpdryfCj3qdr/JvtCbwcTeRRT3es/KZ+/quzwQOAM7M24X6cV/0s9rpxN
+lhRYJ1Krt4KwMycz4T2yJRo8BQBOIYK+Ybqo+Nou5JX9W+AQWjCIcrRRZE1j/KG
EwnauuLmlFgzmaKKvz5eQ1SAmvzQ9YuBactC/w7COoRYEpu3o+OwwLhE2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCcYhUtPtZGk/MrZWvJLaEZhYHOcMB8GA1UdIwQY
MBaAFMOr3MSffZAztSkEZ588m3g9jBNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAt
NGQ5MTI3ZmJhM2FkLzEvSnhpRlMwLTFrYVQ4eXRsYThrdG9SbUZnYzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82NzI4ODMtZmViNC00MTRmLTlkMDAtNGQ5MTI3ZmJhM2Fk
LzEvdzZ2Y3hKOTlrRE8xS1FSbm56eWJlRDJNRTFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQATZZV0lrmIu6eea3d50idT6JMV8l9WNVmlxpQ6FsEp
JT/0xKFLr6Zwa2vQWZzQS6ujqsjDKpzzAV4WAy+3lbP1stHcFaOuc8L/7RxSavgm
rBEvqYSv4fdyFfsZLdOTI9Ph3OwuQHxM2nm1hZ5e+zhPJJzpRWHbjMztjULfqceh
IGnaO1Starcw456h7QNdL/OjDh2lhhuez0OkgFPNwocDtnLpDAUeOS7Cx3guF5oE
6AThVJ/xAxgTjoscEkrzSqxSNOkqUkfitEFesbtpbYu5B8SrAwHf7vXEZBYFDm1B
Fqdfh+Rw13KBw9q8IMiEmGEshIkKxrO9Uj8NNCA7Imz+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:35 2024 by rpki-client on console-ams.rpki-client.org