Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jmr_3H_qIBI2Gcrc-ZD1WdH4uS0.roa
File: jmr_3H_qIBI2Gcrc-ZD1WdH4uS0.roa (raw, json)
Hash identifier: 7pHj70i/+dK6s/AVE5SWkfUPnRPC6oprpi6+E21LAD4=
Subject key identifier: 8E:6A:FF:DC:7F:EA:20:12:36:19:CA:DC:F9:90:F5:59:D1:F8:B9:2D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193DD9A1A920FA4F4FBD3E411ACF4F5E4EC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jmr_3H_qIBI2Gcrc-ZD1WdH4uS0.roa
Signing time: Thu 19 Dec 2024 06:28:04 +0000
ROA not before: Thu 19 Dec 2024 06:28:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 193.124.227.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.135.46.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:dd:9a:1a:92:0f:a4:f4:fb:d3:e4:11:ac:f4:f5:e4:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 19 06:28:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e6affdc7fea20123619cadcf990f559d1f8b92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e9:a5:fd:47:85:fb:ce:85:3a:98:04:23:07:
7b:7d:22:43:9d:e8:f7:6f:64:87:12:02:4c:28:8c:
86:08:30:cd:07:80:4e:89:bf:f0:4b:96:ad:3b:96:
ca:a9:3d:f3:7f:8e:4e:0d:66:21:c6:ab:4e:cf:e7:
0d:17:51:13:a8:36:76:78:f2:6d:ef:07:3d:f4:38:
f2:d3:f1:58:a4:e5:02:e9:6f:3f:5f:56:7e:70:c6:
61:66:55:bb:20:32:b9:6d:43:cc:31:71:a7:b3:a7:
6e:ee:fc:1f:ec:5a:c7:29:85:07:1c:9d:c1:76:c2:
74:34:79:8e:c8:16:ac:4e:37:57:d1:e2:f2:26:42:
ab:40:b6:47:12:e9:b4:c1:9b:9d:43:ef:29:ee:98:
19:97:7a:c4:82:3e:f4:d1:bf:cc:2c:20:ac:5e:37:
d7:d8:c2:95:7d:1c:0c:01:51:20:00:cb:b7:68:99:
0d:bc:48:25:98:1d:a5:49:7e:f2:48:2f:fe:dc:18:
d3:98:df:2a:f8:d4:fc:ba:26:d8:a2:d7:d9:9e:fe:
b8:a9:5c:99:aa:a0:a8:15:5f:4a:88:db:24:7c:a7:
f5:9e:41:43:d9:c3:ea:5e:7e:f4:d3:ac:39:8a:c5:
86:c0:d4:46:36:71:0a:a2:2d:1b:cb:13:5a:9b:b2:
8e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:6A:FF:DC:7F:EA:20:12:36:19:CA:DC:F9:90:F5:59:D1:F8:B9:2D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jmr_3H_qIBI2Gcrc-ZD1WdH4uS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.227.0/24
194.87.53.0/24
194.135.46.0/24
195.133.55.0/24
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
99:9a:5a:3e:8e:ca:9c:ce:b0:f1:9f:c0:05:9d:73:fd:bf:1e:
69:3d:5f:a3:37:4e:de:cb:b3:13:1b:09:3d:27:f2:60:b3:02:
e3:c7:fc:6f:65:2b:26:38:2c:1e:b1:d0:b9:bd:16:72:a7:28:
aa:9d:2b:5e:90:7d:23:63:19:1d:83:01:3c:a0:e6:6a:5e:d7:
5b:0e:7b:91:91:84:20:4e:62:7d:75:ac:c2:45:ef:af:88:e4:
bc:8b:dd:49:5a:42:40:4b:af:09:c8:cd:38:ba:5a:f4:e8:5c:
74:74:5b:1c:a5:7b:60:d5:9b:16:dc:83:c6:76:db:ce:3a:d4:
39:02:06:1a:82:e0:58:1a:59:c4:fd:84:4d:05:dd:55:10:cc:
be:f6:b7:99:40:b8:d8:c9:2c:31:1b:49:6a:df:b4:b9:34:11:
47:13:f9:46:79:2f:2b:51:36:52:68:71:5a:49:38:ec:b9:d1:
f4:d8:d6:0e:2e:06:4f:52:b1:f5:18:bb:35:71:f2:51:a6:98:
39:b5:c7:2b:74:01:94:c5:a9:15:f0:98:3c:1f:03:5c:f3:9f:
61:08:f2:1c:72:6e:dd:79:79:de:68:7a:b1:fc:74:df:c8:94:
89:5a:5d:d3:54:7d:28:d4:40:ee:4f:e6:82:b9:e4:47:a4:f0:
71:53:73:a0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPdmhqSD6T0+9PkEaz09eTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjE5MDYyODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTZhZmZkYzdmZWEyMDEyMzYxOWNhZGNmOTkwZjU1OWQxZjhiOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ml/UeF+86FOpgEIwd7fSJDnej3
b2SHEgJMKIyGCDDNB4BOib/wS5atO5bKqT3zf45ODWYhxqtOz+cNF1ETqDZ2ePJt
7wc99Djy0/FYpOUC6W8/X1Z+cMZhZlW7IDK5bUPMMXGns6du7vwf7FrHKYUHHJ3B
dsJ0NHmOyBasTjdX0eLyJkKrQLZHEum0wZudQ+8p7pgZl3rEgj700b/MLCCsXjfX
2MKVfRwMAVEgAMu3aJkNvEglmB2lSX7ySC/+3BjTmN8q+NT8uibYotfZnv64qVyZ
qqCoFV9KiNskfKf1nkFD2cPqXn7006w5isWGwNRGNnEKoi0byxNam7KOJQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI5q/9x/6iASNhnK3PmQ9VnR+LktMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvam1yXzNIX3FJQkkyR2NyYy1aRDFXZEg0dVMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzjAwQA
wlc1AwQAwocuAwQAw4U3AwQAw4U7MA0GCSqGSIb3DQEBCwUAA4IBAQCZmlo+jsqc
zrDxn8AFnXP9vx5pPV+jN07ey7MTGwk9J/JgswLjx/xvZSsmOCwesdC5vRZypyiq
nStekH0jYxkdgwE8oOZqXtdbDnuRkYQgTmJ9dazCRe+viOS8i91JWkJAS68JyM04
ulr06Fx0dFscpXtg1ZsW3IPGdtvOOtQ5AgYaguBYGlnE/YRNBd1VEMy+9reZQLjY
ySwxG0lq37S5NBFHE/lGeS8rUTZSaHFaSTjsudH02NYOLgZPUrH1GLs1cfJRppg5
tccrdAGUxakV8Jg8HwNc859hCPIccm7deXneaHqx/HTfyJSJWl3TVH0o1EDuT+aC
ueRHpPBxU3Og
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:20:49 2025 by rpki-client