Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/JuF-Q2NkYL2QyBnqDQyhvBFjGNM.roa
File: JuF-Q2NkYL2QyBnqDQyhvBFjGNM.roa (raw, json)
Hash identifier: WHSQ/Eq/u7C7zjl0bzeR5GbpFIlyRwEB1lN5Fec0NJs=
Subject key identifier: 26:E1:7E:43:63:64:60:BD:90:C8:19:EA:0D:0C:A1:BC:11:63:18:D3
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018E9F1DA7D0F3DEE3F829D235BE43D2C53C
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/JuF-Q2NkYL2QyBnqDQyhvBFjGNM.roa
Signing time: Tue 02 Apr 2024 14:01:44 +0000
ROA not before: Tue 02 Apr 2024 14:01:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 45.151.29.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:1d:a7:d0:f3:de:e3:f8:29:d2:35:be:43:d2:c5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Apr 2 14:01:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26e17e43636460bd90c819ea0d0ca1bc116318d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:d3:4e:13:12:5c:54:9d:f4:fd:59:bf:87:
d6:39:08:38:cd:12:3c:ab:76:3c:7b:04:dc:9d:37:
c2:e9:3a:a7:f1:16:8c:b8:9f:55:63:03:37:df:03:
c0:74:da:4f:23:3b:9d:cd:ee:a4:5b:1b:d8:3f:9f:
50:86:1a:8d:0e:da:92:73:90:90:ed:96:22:0b:fb:
12:ab:fc:8f:09:5e:2b:db:55:5a:b7:82:c6:e5:eb:
2c:8f:a1:a9:ef:2f:25:b2:a3:8f:62:1d:ab:0c:c0:
33:2d:d1:c3:28:84:62:73:8c:38:c5:51:da:55:ae:
c7:b3:08:e1:4b:7d:78:fc:59:fd:d3:12:c0:91:8b:
48:7c:ce:73:02:f1:02:03:e6:38:78:43:10:c5:2a:
53:08:23:0a:fa:1b:d9:48:3e:e1:f7:03:27:96:0f:
6b:66:f4:2d:b5:87:3f:69:f2:99:dd:66:2a:2d:e2:
9c:a3:bb:53:0f:b1:a7:ef:46:66:83:67:ca:39:3c:
8e:42:db:93:8c:08:1f:dd:a8:89:ac:8e:d5:15:2e:
0d:7b:b9:0e:7b:46:42:1c:d1:3c:f4:e6:ea:03:88:
b1:26:3d:c7:47:e9:46:b8:14:f2:d1:68:b0:65:ad:
f0:1c:7f:f1:f8:b8:6b:31:e1:63:c5:c0:9f:3a:55:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E1:7E:43:63:64:60:BD:90:C8:19:EA:0D:0C:A1:BC:11:63:18:D3
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/JuF-Q2NkYL2QyBnqDQyhvBFjGNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.29.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:4a:9d:3a:ac:71:19:8f:f8:70:e8:3a:7d:6a:41:b6:45:b1:
b6:1b:6f:c9:55:34:02:49:a9:a1:a9:48:6b:90:54:92:8b:89:
4c:62:ba:3e:2f:e3:1c:5d:2e:33:e0:b2:82:e4:8a:f8:d6:b2:
25:76:3a:79:c2:1d:22:82:ce:c6:5d:d6:06:19:4a:65:0c:3e:
05:9c:67:67:37:f7:20:98:9b:57:bd:32:8e:12:94:61:8c:ca:
6b:0e:4c:8a:ef:cd:cd:64:be:ad:68:00:c0:c0:92:53:07:64:
be:71:9c:0d:6d:22:20:e3:23:ca:d1:68:2c:b6:fa:fe:6d:d3:
f8:8a:e6:5e:34:7c:92:ae:20:e5:72:71:94:f6:a3:e9:ec:58:
4d:23:c4:b0:0d:95:87:e9:4c:4d:de:4e:d4:55:29:7c:5e:94:
3f:48:a1:07:b7:bd:5f:e2:3c:1b:ee:8e:1c:ec:cc:a9:e6:f5:
75:5f:da:fc:0a:5b:ab:ff:c8:1f:87:df:53:8c:24:62:90:f1:
e3:ac:73:05:d0:b0:97:27:15:a1:1a:ec:e3:43:85:e3:5e:b9:
42:0f:db:02:e6:68:28:35:47:82:53:99:14:25:c7:f3:4d:e5:
82:0b:3b:09:74:f6:9c:c2:4d:e7:07:f5:d5:d0:e0:17:4b:11:
e0:99:4b:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6fHafQ897j+CnSNb5D0sU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwNDAyMTQwMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUxN2U0MzYzNjQ2MGJkOTBjODE5ZWEwZDBjYTFiYzExNjMxOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS/TThMSXFSd9P1Zv4fWOQg4zRI8
q3Y8ewTcnTfC6Tqn8RaMuJ9VYwM33wPAdNpPIzudze6kWxvYP59QhhqNDtqSc5CQ
7ZYiC/sSq/yPCV4r21Vat4LG5essj6Gp7y8lsqOPYh2rDMAzLdHDKIRic4w4xVHa
Va7HswjhS314/Fn90xLAkYtIfM5zAvECA+Y4eEMQxSpTCCMK+hvZSD7h9wMnlg9r
ZvQttYc/afKZ3WYqLeKco7tTD7Gn70Zmg2fKOTyOQtuTjAgf3aiJrI7VFS4Ne7kO
e0ZCHNE89ObqA4ixJj3HR+lGuBTy0WiwZa3wHH/x+LhrMeFjxcCfOlXOmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCbhfkNjZGC9kMgZ6g0MobwRYxjTMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvSnVGLVEyTmtZTDJReUJucURReWh2QkZqR05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZcdMA0G
CSqGSIb3DQEBCwUAA4IBAQCPSp06rHEZj/hw6Dp9akG2RbG2G2/JVTQCSamhqUhr
kFSSi4lMYro+L+McXS4z4LKC5Ir41rIldjp5wh0igs7GXdYGGUplDD4FnGdnN/cg
mJtXvTKOEpRhjMprDkyK783NZL6taADAwJJTB2S+cZwNbSIg4yPK0Wgstvr+bdP4
iuZeNHySriDlcnGU9qPp7FhNI8SwDZWH6UxN3k7UVSl8XpQ/SKEHt71f4jwb7o4c
7Myp5vV1X9r8Clur/8gfh99TjCRikPHjrHMF0LCXJxWhGuzjQ4XjXrlCD9sC5mgo
NUeCU5kUJcfzTeWCCzsJdPacwk3nB/XV0OAXSxHgmUtw
-----END CERTIFICATE-----
Generated at Wed Aug 21 13:10:08 2024 by rpki-client on console-ams.rpki-client.org