Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/9_Y50vJRl4cLLAEsCAqn0RzknUk.roa
File: 9_Y50vJRl4cLLAEsCAqn0RzknUk.roa (raw, json)
Hash identifier: ayYbwaYeiHd1it5QXJ3j3yzpE0nJJOfiLKhcG0Tv50U=
Subject key identifier: F7:F6:39:D2:F2:51:97:87:0B:2C:01:2C:08:0A:A7:D1:1C:E4:9D:49
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 04586919
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/9_Y50vJRl4cLLAEsCAqn0RzknUk.roa
Signing time: Tue 01 Mar 2022 06:45:03 +0000
ROA not before: Tue 01 Mar 2022 06:45:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209588
IP address blocks: 45.129.136.0/24 maxlen: 24
147.78.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72902937 (0x4586919)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: Mar 1 06:45:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7f639d2f25197870b2c012c080aa7d11ce49d49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:47:0c:15:8f:12:ee:7f:f0:b0:c9:7c:14:
75:e5:d4:3e:37:bc:2f:bf:b9:4a:96:1e:12:a1:b4:
7c:5f:f5:ed:49:01:b6:4e:fb:a8:e5:ce:90:05:3a:
d1:87:da:99:1e:12:56:6a:d5:5f:5d:db:48:ee:d5:
e1:2d:9d:b5:e5:31:53:64:99:73:65:d8:bc:05:d8:
79:34:c5:17:8c:08:c2:87:a7:51:74:6d:79:7e:d9:
35:b1:15:d1:14:1b:ed:8f:b3:d7:3b:94:d7:ef:a1:
43:e3:a8:ce:47:2b:7c:f2:b0:16:f7:7a:ae:e2:df:
b2:e1:c2:b4:4c:2f:14:e6:bb:93:86:f8:29:ea:97:
e8:91:75:f8:27:5f:fe:33:51:fd:74:2d:03:11:f9:
60:8f:fc:46:ab:21:f8:b9:4c:36:29:70:88:bf:f0:
d5:19:cc:d1:65:8f:cc:b7:96:43:d0:08:c3:55:2c:
26:80:cf:bc:3e:e1:ff:89:06:b1:dd:61:d4:67:91:
26:d0:06:f1:12:22:e0:47:7a:5c:60:a8:48:50:81:
d2:29:d1:ff:d2:a2:db:70:70:10:da:cd:a0:50:bf:
e9:4f:59:34:88:ab:ef:19:f7:f7:7f:15:c7:78:9f:
3a:06:ee:2a:bb:ec:54:c3:79:22:50:12:ea:59:d1:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F6:39:D2:F2:51:97:87:0B:2C:01:2C:08:0A:A7:D1:1C:E4:9D:49
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/9_Y50vJRl4cLLAEsCAqn0RzknUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.136.0/24
147.78.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:96:1f:ab:a2:63:ff:db:15:52:97:a2:97:2c:f7:75:fa:aa:
c2:78:f0:95:16:b0:46:f8:9e:24:64:0c:ea:9a:82:94:b7:01:
67:6f:1f:e0:67:2b:e6:92:c2:40:a0:85:0e:11:c3:74:a8:e8:
4c:3d:a3:10:b6:94:83:c1:92:08:06:de:95:fd:19:15:3d:ee:
16:33:8a:76:06:c7:7d:20:04:f6:73:44:32:0d:41:41:9d:3f:
31:b4:2d:9a:46:d4:75:84:84:34:92:b0:e2:89:df:df:6f:4f:
59:01:ad:03:7f:18:7b:92:56:7f:04:0f:19:e8:1d:e4:f9:f4:
42:51:78:24:5a:da:47:81:cc:1e:13:3a:f4:1b:d8:eb:52:70:
f4:20:d4:cb:8a:f5:d0:17:d5:13:84:c2:80:4f:08:0b:ca:2f:
0a:d0:2d:f7:4b:78:83:25:cc:f5:d4:40:8d:a3:66:8c:ea:ad:
54:ab:b3:b1:59:83:11:fd:f0:af:dd:a4:e5:d6:b5:16:50:eb:
7f:85:29:7d:69:3d:3b:d3:98:cf:8a:2f:1f:41:92:b2:9f:eb:
6b:dd:58:ca:29:11:9e:68:c9:be:c7:22:c8:38:a8:38:dc:2c:
d3:b6:b0:fa:42:54:8a:f2:55:d5:8c:1f:b4:9a:f8:dd:64:22:
d8:99:4c:99
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBFhpGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDMw
MTA2NDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdmNjM5ZDJmMjUx
OTc4NzBiMmMwMTJjMDgwYWE3ZDExY2U0OWQ0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK87RwwVjxLuf/CwyXwUdeXUPje8L7+5SpYeEqG0fF/17UkB
tk77qOXOkAU60YfamR4SVmrVX13bSO7V4S2dteUxU2SZc2XYvAXYeTTFF4wIwoen
UXRteX7ZNbEV0RQb7Y+z1zuU1++hQ+OozkcrfPKwFvd6ruLfsuHCtEwvFOa7k4b4
KeqX6JF1+Cdf/jNR/XQtAxH5YI/8Rqsh+LlMNilwiL/w1RnM0WWPzLeWQ9AIw1Us
JoDPvD7h/4kGsd1h1GeRJtAG8RIi4Ed6XGCoSFCB0inR/9Ki23BwENrNoFC/6U9Z
NIir7xn3938Vx3ifOgbuKrvsVMN5IlAS6lnRGsUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBT39jnS8lGXhwssASwICqfRHOSdSTAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
LzlfWTUwdkpSbDRjTExBRXNDQXFuMFJ6a25Vay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC2BiAMEAJNOLzANBgkqhkiG9w0B
AQsFAAOCAQEAt5Yfq6Jj/9sVUpeilyz3dfqqwnjwlRawRvieJGQM6pqClLcBZ28f
4Gcr5pLCQKCFDhHDdKjoTD2jELaUg8GSCAbelf0ZFT3uFjOKdgbHfSAE9nNEMg1B
QZ0/MbQtmkbUdYSENJKw4onf329PWQGtA38Ye5JWfwQPGegd5Pn0QlF4JFraR4HM
HhM69BvY61Jw9CDUy4r10BfVE4TCgE8IC8ovCtAt90t4gyXM9dRAjaNmjOqtVKuz
sVmDEf3wr92k5da1FlDrf4UpfWk9O9OYz4ovH0GSsp/ra91YyikRnmjJvsciyDio
ONws07aw+kJUivJV1YwftJr43WQi2JlMmQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:27 2023 by rpki-client on console-ams.rpki-client.org