Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/jap9uQW2YPkFsV14VtWpfr4kKNs.roa
File: jap9uQW2YPkFsV14VtWpfr4kKNs.roa (raw, json)
Hash identifier: t9/ZYcMf/4chZ7y1dhVPTY2Btisacv72o5e9dZZXD7A=
Subject key identifier: 8D:AA:7D:B9:05:B6:60:F9:05:B1:5D:78:56:D5:A9:7E:BE:24:28:DB
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0181D86BFB4AB6D873ADAF6D79FFD901E7A3
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/jap9uQW2YPkFsV14VtWpfr4kKNs.roa
Signing time: Thu 07 Jul 2022 11:29:24 +0000
ROA not before: Thu 07 Jul 2022 11:29:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16157
IP address blocks: 89.44.76.0/24 maxlen: 24
93.119.195.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:6b:fb:4a:b6:d8:73:ad:af:6d:79:ff:d9:01:e7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jul 7 11:29:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8daa7db905b660f905b15d7856d5a97ebe2428db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:ca:35:fe:a5:b1:b4:c7:94:87:c4:c5:de:
6b:15:0d:cf:c5:cb:ca:e5:5f:d1:15:61:21:a3:81:
9f:fe:e0:33:43:40:4c:26:51:5f:4a:e7:75:9c:53:
9f:d6:f3:bd:c6:48:32:ea:42:a6:69:fe:a1:a1:5b:
2e:69:46:86:ad:d1:c9:35:a4:98:7f:66:f5:54:42:
5e:d3:00:c1:ca:56:c1:4d:23:7a:89:60:53:89:f1:
c0:33:2d:2b:46:17:6b:02:60:a0:89:6e:61:3c:3d:
14:db:42:bd:5c:10:71:5d:6d:4c:49:e4:b0:dc:ce:
7e:f2:a3:e3:f9:2b:35:6c:af:ad:ea:9b:19:52:db:
85:ca:db:76:1f:d3:19:78:a8:b9:76:6b:ac:9c:7e:
0e:15:8b:22:fb:cf:5b:a9:8a:19:9d:9e:d8:98:a4:
c6:f6:15:5d:d3:39:68:41:ec:0b:94:70:3f:34:72:
a9:c8:c5:55:c6:52:54:e0:bc:d4:26:46:83:c2:91:
87:cd:45:b3:0a:cf:d0:70:c7:23:73:a0:06:ca:1f:
81:0c:c5:92:db:f2:db:47:59:1a:a1:ea:55:be:37:
1c:5b:06:d5:dd:5e:99:a5:ee:c6:d5:2d:cc:d6:bc:
6a:b1:9f:f8:12:46:73:76:5d:a3:e2:ea:8a:de:34:
a1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AA:7D:B9:05:B6:60:F9:05:B1:5D:78:56:D5:A9:7E:BE:24:28:DB
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/jap9uQW2YPkFsV14VtWpfr4kKNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.76.0/24
93.119.195.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:53:41:d6:7a:28:cf:16:d6:54:ea:c9:91:ff:78:03:ef:97:
3b:c0:10:7e:92:d6:ca:23:a1:00:b7:98:9f:79:08:b1:da:ee:
02:76:7c:7f:ff:e7:98:51:48:dc:d8:ef:e2:0d:27:5b:03:6c:
6b:73:d6:1d:6a:ad:b7:6c:70:5a:45:27:c4:6f:c7:de:42:50:
94:6d:88:05:94:e4:ad:58:b5:a2:5e:41:e8:5a:8c:b2:37:88:
1e:2c:93:b3:43:68:1b:bf:b6:b2:3f:38:28:c6:11:7a:9f:e0:
96:ac:65:bf:03:97:3a:6d:48:b5:e7:86:99:1a:db:69:18:ae:
17:9c:99:35:4c:82:8b:66:fe:03:44:1a:da:66:b6:6e:42:09:
d4:10:70:58:38:9b:63:c4:81:d9:51:6b:93:60:57:88:43:5b:
b4:0d:24:9c:a9:d4:d3:b6:46:97:37:c8:b1:63:9e:eb:14:f9:
62:53:b3:7b:63:a3:d8:ca:e7:a2:50:53:97:19:bf:44:7c:bb:
01:11:b1:c8:07:13:dd:69:f4:e3:89:33:c7:09:64:8f:d6:a7:
98:8d:ad:85:10:fc:8a:b9:3f:5a:f1:83:e2:fc:f1:1e:7e:6b:
38:c8:2f:82:f5:c9:ea:16:3c:ff:d3:64:7b:05:09:43:3f:02:
72:2e:9d:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYHYa/tKtthzra9tef/ZAeejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjIwNzA3MTEyOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGFhN2RiOTA1YjY2MGY5MDViMTVkNzg1NmQ1YTk3ZWJlMjQyOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k/KNf6lsbTHlIfExd5rFQ3PxcvK
5V/RFWEho4Gf/uAzQ0BMJlFfSud1nFOf1vO9xkgy6kKmaf6hoVsuaUaGrdHJNaSY
f2b1VEJe0wDBylbBTSN6iWBTifHAMy0rRhdrAmCgiW5hPD0U20K9XBBxXW1MSeSw
3M5+8qPj+Ss1bK+t6psZUtuFytt2H9MZeKi5dmusnH4OFYsi+89bqYoZnZ7YmKTG
9hVd0zloQewLlHA/NHKpyMVVxlJU4LzUJkaDwpGHzUWzCs/QcMcjc6AGyh+BDMWS
2/LbR1kaoepVvjccWwbV3V6Zpe7G1S3M1rxqsZ/4EkZzdl2j4uqK3jShYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI2qfbkFtmD5BbFdeFbVqX6+JCjbMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2phcDl1UVcyWVBrRnNWMTRWdFdwZnI0a0tOcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABZLEwD
BABdd8MwDQYJKoZIhvcNAQELBQADggEBAG5TQdZ6KM8W1lTqyZH/eAPvlzvAEH6S
1sojoQC3mJ95CLHa7gJ2fH//55hRSNzY7+INJ1sDbGtz1h1qrbdscFpFJ8Rvx95C
UJRtiAWU5K1YtaJeQehajLI3iB4sk7NDaBu/trI/OCjGEXqf4JasZb8DlzptSLXn
hpka22kYrhecmTVMgotm/gNEGtpmtm5CCdQQcFg4m2PEgdlRa5NgV4hDW7QNJJyp
1NO2Rpc3yLFjnusU+WJTs3tjo9jK56JQU5cZv0R8uwERscgHE91p9OOJM8cJZI/W
p5iNrYUQ/Iq5P1rxg+L88R5+azjIL4L1yeoWPP/TZHsFCUM/AnIunVU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:42 2024 by rpki-client on console-fra.rpki-client.org