Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/Jr-km9-FEUDqsxNXHQQihU1B7sY.roa
File: Jr-km9-FEUDqsxNXHQQihU1B7sY.roa (raw, json)
Hash identifier: 7Joz7BWajKrSCZRL6GgAs485StvKUoSlgzDHjZ8eojs=
Subject key identifier: 26:BF:A4:9B:DF:85:11:40:EA:B3:13:57:1D:04:22:85:4D:41:EE:C6
Certificate issuer: /CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Certificate serial: 091B541D
Authority key identifier: A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/Jr-km9-FEUDqsxNXHQQihU1B7sY.roa
Signing time: Tue 22 Mar 2022 12:51:35 +0000
ROA not before: Tue 22 Mar 2022 12:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206184
IP address blocks: 45.131.32.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152785949 (0x91b541d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a811a2c9fc8de9679bb158581b10ceaee91ff791
Validity
Not Before: Mar 22 12:51:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26bfa49bdf851140eab313571d0422854d41eec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:3a:7c:d2:d5:e4:31:18:d2:6e:34:83:f7:78:
c4:28:3b:83:4b:fa:ee:1c:02:3b:99:d1:f7:a5:e1:
34:29:d0:43:98:d6:bd:04:50:ec:95:db:70:0c:83:
be:7d:9f:cb:43:ab:bf:dc:ff:f6:bc:6d:94:e3:ed:
36:ce:7e:f8:e9:01:63:dc:79:ca:bd:1a:2f:15:6c:
3e:5a:21:71:28:0a:56:58:eb:4d:a7:17:09:ca:a9:
ed:7f:fd:af:7d:20:b6:c8:98:e0:40:ee:3d:d4:ae:
59:8a:d4:ea:85:89:8b:0b:fd:42:b1:f4:78:e9:01:
bf:ce:15:be:95:bd:47:0b:48:79:1f:9f:21:7c:a1:
b7:3f:cf:07:2e:63:61:88:ee:86:5b:d1:3a:61:08:
71:0f:48:88:44:8a:36:dd:ad:61:82:fb:46:ff:da:
f8:79:73:10:c2:f7:6b:d6:55:49:16:23:91:32:20:
bd:b4:79:d1:9f:b9:3c:c3:18:04:05:b2:8e:b7:92:
3e:d6:16:fb:e4:4d:68:af:6c:84:80:b0:99:ce:6f:
d4:70:f6:2f:58:2f:5c:ec:10:d8:03:3f:2e:5e:68:
00:0e:f3:11:d0:70:3a:bf:bb:16:7b:6c:95:71:38:
32:21:7f:6e:fc:f2:57:de:43:0e:05:d7:01:df:bf:
d7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:BF:A4:9B:DF:85:11:40:EA:B3:13:57:1D:04:22:85:4D:41:EE:C6
X509v3 Authority Key Identifier:
keyid:A8:11:A2:C9:FC:8D:E9:67:9B:B1:58:58:1B:10:CE:AE:E9:1F:F7:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBGiyfyN6WebsVhYGxDOrukf95E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/Jr-km9-FEUDqsxNXHQQihU1B7sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/1decb3-1593-45db-af56-0cc4c0000858/1/qBGiyfyN6WebsVhYGxDOrukf95E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.32.0/24
Signature Algorithm: sha256WithRSAEncryption
00:66:69:d5:d1:aa:9a:2b:b9:71:a8:c1:54:80:16:85:b1:00:
d3:17:2c:23:71:17:08:9d:66:d1:40:c7:e5:15:26:83:17:f9:
36:d9:51:6d:21:23:98:0d:8d:02:5b:fd:44:e6:8c:7e:ff:71:
50:b9:f5:38:c9:37:a3:ce:41:5d:13:46:be:21:98:03:3d:f9:
01:38:af:86:07:f1:17:fd:d3:85:30:cf:a4:5b:a4:f2:88:7c:
6f:7c:71:f8:7e:5c:56:fe:d4:0e:04:f2:3f:38:1e:3a:3f:ba:
d8:4c:ef:14:6a:26:cd:11:f1:5e:1b:bb:03:2f:1c:c1:30:e2:
81:01:95:20:f0:58:e5:d1:cd:ff:3d:1f:b3:a4:43:d7:43:05:
29:8d:80:7c:4f:91:ec:f3:8a:61:04:32:a9:2b:67:ca:de:c5:
55:89:d2:5d:ce:79:4e:d6:cf:f5:b9:33:a3:65:b7:7c:c7:29:
a6:bc:48:ee:2c:1e:ff:be:57:ee:0c:34:de:e2:9a:29:07:44:
5f:8f:e1:eb:42:d2:f0:88:d7:81:ab:fc:99:ee:d2:f7:49:1a:
9b:c6:13:15:3a:a3:cc:17:d2:74:4c:d5:5a:7d:74:3d:ae:59:
90:c5:b2:59:11:26:30:12:34:55:9c:0c:fb:55:e2:fa:c9:22:
2e:51:91:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECRtUHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODExYTJjOWZjOGRlOTY3OWJiMTU4NTgxYjEwY2VhZWU5MWZmNzkxMB4XDTIyMDMy
MjEyNTEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZiZmE0OWJkZjg1
MTE0MGVhYjMxMzU3MWQwNDIyODU0ZDQxZWVjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPs6fNLV5DEY0m40g/d4xCg7g0v67hwCO5nR96XhNCnQQ5jW
vQRQ7JXbcAyDvn2fy0Orv9z/9rxtlOPtNs5++OkBY9x5yr0aLxVsPlohcSgKVljr
TacXCcqp7X/9r30gtsiY4EDuPdSuWYrU6oWJiwv9QrH0eOkBv84VvpW9RwtIeR+f
IXyhtz/PBy5jYYjuhlvROmEIcQ9IiESKNt2tYYL7Rv/a+HlzEML3a9ZVSRYjkTIg
vbR50Z+5PMMYBAWyjreSPtYW++RNaK9shICwmc5v1HD2L1gvXOwQ2AM/Ll5oAA7z
EdBwOr+7FntslXE4MiF/bvzyV95DDgXXAd+/1+0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmv6Sb34URQOqzE1cdBCKFTUHuxjAfBgNVHSMEGDAWgBSoEaLJ/I3pZ5ux
WFgbEM6u6R/3kTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FCR2l5ZnlONldlYnNWaFlHeERPcnVrZjk1RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8x
L0pyLWttOS1GRVVEcXN4TlhIUVFpaFUxQjdzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MWRlY2IzLTE1OTMtNDVkYi1hZjU2LTBjYzRjMDAwMDg1OC8xL3FCR2l5ZnlONldl
YnNWaFlHeERPcnVrZjk1RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2DIDANBgkqhkiG9w0BAQsFAAOC
AQEAAGZp1dGqmiu5cajBVIAWhbEA0xcsI3EXCJ1m0UDH5RUmgxf5NtlRbSEjmA2N
Alv9ROaMfv9xULn1OMk3o85BXRNGviGYAz35ATivhgfxF/3ThTDPpFuk8oh8b3xx
+H5cVv7UDgTyPzgeOj+62EzvFGomzRHxXhu7Ay8cwTDigQGVIPBY5dHN/z0fs6RD
10MFKY2AfE+R7POKYQQyqStnyt7FVYnSXc55TtbP9bkzo2W3fMcpprxI7iwe/75X
7gw03uKaKQdEX4/h60LS8IjXgav8me7S90kam8YTFTqjzBfSdEzVWn10Pa5ZkMWy
WREmMBI0VZwM+1Xi+skiLlGR4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:59 2024 by rpki-client on console-fra.rpki-client.org