Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PJGH4ho7X6XMkVkHKa7vZtkxw10.roa
File: PJGH4ho7X6XMkVkHKa7vZtkxw10.roa (raw, json)
Hash identifier: YcHfaVUBjiZeDMKGtKxbMWbsExEG0fD1tSPLnA+gf0Q=
Subject key identifier: 3C:91:87:E2:1A:3B:5F:A5:CC:91:59:07:29:AE:EF:66:D9:31:C3:5D
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 053DEF71
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PJGH4ho7X6XMkVkHKa7vZtkxw10.roa
Signing time: Fri 14 Jan 2022 10:26:45 +0000
ROA not before: Fri 14 Jan 2022 10:26:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 192.144.12.0/22 maxlen: 24
37.44.192.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87945073 (0x53def71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 14 10:26:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c9187e21a3b5fa5cc91590729aeef66d931c35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:99:12:4d:03:f7:87:66:77:0b:a7:66:55:af:
df:96:96:ae:34:71:93:98:14:75:29:1b:9f:bd:03:
a6:e0:95:57:96:c4:b5:bd:d7:e6:29:0d:2c:92:43:
ee:80:ef:7e:0d:36:34:10:ab:a5:52:c3:a4:d0:ba:
ed:2e:a8:4f:3a:12:77:27:cd:00:2d:ab:da:21:bb:
d4:5e:9e:f5:b8:17:f0:d0:15:df:26:46:60:c8:ef:
49:94:22:5e:c1:12:3c:b9:66:85:b6:8d:da:b6:13:
5a:a1:37:9b:3d:1e:c6:02:74:de:9b:dd:6f:45:38:
02:77:c3:f1:c4:d1:c6:27:14:23:12:7b:7c:b4:35:
34:13:d9:8d:1f:a9:45:fa:d7:41:be:66:8e:ae:e2:
9f:6f:50:65:e6:03:07:b0:63:42:b0:f1:2b:a2:08:
5a:af:7e:09:80:a3:3d:57:55:fa:8c:f8:88:bf:da:
53:c0:0d:bc:00:72:5f:81:b8:cc:a1:63:68:32:b6:
07:62:a5:c4:10:0a:af:84:70:19:24:8e:0a:ca:78:
af:fb:5d:41:31:2f:99:a8:ce:d1:48:0e:93:dc:c0:
57:62:7c:08:f0:17:57:89:2d:f1:df:dc:1a:57:76:
26:d2:97:4e:72:9c:08:43:e0:87:27:dc:be:3c:e3:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:91:87:E2:1A:3B:5F:A5:CC:91:59:07:29:AE:EF:66:D9:31:C3:5D
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/PJGH4ho7X6XMkVkHKa7vZtkxw10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.192.0/22
192.144.12.0/22
Signature Algorithm: sha256WithRSAEncryption
52:8a:c5:18:69:20:68:ee:c4:c2:e6:64:7a:cf:03:10:e4:d9:
0e:55:80:f3:79:47:6a:df:30:a0:ce:46:29:c2:33:57:84:07:
92:f4:ba:74:00:84:f2:c7:3d:0a:85:21:d7:81:f4:46:7f:5c:
8a:62:1a:1c:8e:88:aa:6d:c0:e5:ba:81:0e:a6:2a:f6:cb:62:
e6:77:7b:15:cb:23:df:64:49:b1:1f:e9:03:34:e6:bd:5b:5a:
94:9c:ce:d4:ea:3b:3e:f1:9b:45:f0:0f:d9:84:d0:c4:b8:b8:
b2:58:bd:fd:75:3d:25:bc:f2:b2:65:bd:98:d5:55:38:b1:83:
cc:45:8e:41:4b:f8:77:0c:67:26:e4:98:1a:34:a6:31:c6:9d:
b7:86:cb:90:85:15:8d:a0:0d:27:f9:16:3f:a5:22:81:b9:29:
56:f2:f3:35:3d:12:d2:ea:24:4c:e8:ab:7a:bd:7f:81:68:86:
d8:4a:98:68:2e:33:c1:29:58:b4:00:39:05:34:48:97:39:3b:
b8:2d:1a:d5:43:97:9e:0b:c9:e9:69:98:77:e6:6e:86:d8:16:
db:de:36:02:ed:6f:3e:5f:c7:a5:e2:ae:2d:2e:33:2a:65:58:
97:f9:39:99:bf:26:e9:cb:07:fe:13:9d:a9:a5:62:e2:12:fb:
ed:ca:07:2b
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBT3vcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDIwZGRkMzk4ZGFjOGY2MmNjMTI1MjYzMjVmMTgyMWZiNzI0Zjc1MB4XDTIyMDEx
NDEwMjY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M5MTg3ZTIxYTNi
NWZhNWNjOTE1OTA3MjlhZWVmNjZkOTMxYzM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOZEk0D94dmdwunZlWv35aWrjRxk5gUdSkbn70DpuCVV5bE
tb3X5ikNLJJD7oDvfg02NBCrpVLDpNC67S6oTzoSdyfNAC2r2iG71F6e9bgX8NAV
3yZGYMjvSZQiXsESPLlmhbaN2rYTWqE3mz0exgJ03pvdb0U4AnfD8cTRxicUIxJ7
fLQ1NBPZjR+pRfrXQb5mjq7in29QZeYDB7BjQrDxK6IIWq9+CYCjPVdV+oz4iL/a
U8ANvAByX4G4zKFjaDK2B2KlxBAKr4RwGSSOCsp4r/tdQTEvmajO0UgOk9zAV2J8
CPAXV4kt8d/cGld2JtKXTnKcCEPghyfcvjzj2J0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQ8kYfiGjtfpcyRWQcpru9m2THDXTAfBgNVHSMEGDAWgBRtIN3TmNrI9izB
JSYyXxgh+3JPdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JTRGQwNWpheVBZc3dTVW1NbDhZSWZ0eVQzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8x
L1BKR0g0aG83WDZYTWtWa0hLYTd2WnRreHcxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YTFhODhmLTFkZmYtNGVmZi04MjZiLTM2ZGU2NTcyMzJiZS8xL2JTRGQwNWpheVBZ
c3dTVW1NbDhZSWZ0eVQzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAiUswAMEAsCQDDANBgkqhkiG9w0B
AQsFAAOCAQEAUorFGGkgaO7EwuZkes8DEOTZDlWA83lHat8woM5GKcIzV4QHkvS6
dACE8sc9CoUh14H0Rn9cimIaHI6Iqm3A5bqBDqYq9sti5nd7Fcsj32RJsR/pAzTm
vVtalJzO1Oo7PvGbRfAP2YTQxLi4sli9/XU9JbzysmW9mNVVOLGDzEWOQUv4dwxn
JuSYGjSmMcadt4bLkIUVjaANJ/kWP6UigbkpVvLzNT0S0uokTOirer1/gWiG2EqY
aC4zwSlYtAA5BTRIlzk7uC0a1UOXngvJ6WmYd+ZuhtgW2942Au1vPl/HpeKuLS4z
KmVYl/k5mb8m6csH/hOdqaVi4hL77coHKw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org