Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/jGaKf_Mzo4AOAKEOodRFWrJ6QPw.roa
File: jGaKf_Mzo4AOAKEOodRFWrJ6QPw.roa (raw, json)
Hash identifier: RnO1jDtgZ4V5dO/ofp2XuhwDXWD6aBUfEUU4qIUVs9o=
Subject key identifier: 8C:66:8A:7F:F3:33:A3:80:0E:00:A1:0E:A1:D4:45:5A:B2:7A:40:FC
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 018A80F19C3CA729318E3197D4CDF721D626
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/jGaKf_Mzo4AOAKEOodRFWrJ6QPw.roa
Signing time: Sun 10 Sep 2023 21:13:52 +0000
ROA not before: Sun 10 Sep 2023 21:13:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9087
IP address blocks: 82.206.32.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:80:f1:9c:3c:a7:29:31:8e:31:97:d4:cd:f7:21:d6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Sep 10 21:13:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c668a7ff333a3800e00a10ea1d4455ab27a40fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:01:93:a4:9f:24:f7:8c:ad:2c:d0:8f:0f:1c:
4f:c1:44:50:45:1a:ee:5f:93:b7:29:00:f2:3f:ce:
4f:c9:36:b6:dd:47:c0:38:41:07:5a:1a:db:38:80:
db:4a:a9:d9:13:93:71:ea:03:37:82:3a:cb:ff:1c:
63:8d:c4:11:4a:03:bf:3f:73:78:f1:e7:fe:f9:9e:
b7:13:48:3f:a7:5e:86:de:62:41:8c:83:d5:70:bc:
17:f4:2a:0f:19:3e:59:6b:be:4a:c5:ae:c8:41:aa:
07:2c:a4:99:db:67:03:d4:a6:99:f8:58:a5:34:8a:
2f:05:19:2e:67:a5:99:ed:e1:cf:a0:19:6c:15:02:
8c:f7:31:da:ba:7a:dc:c8:6a:0c:38:06:71:e0:fa:
22:a6:02:61:08:4a:d2:b1:8a:e3:59:8e:c5:bd:8a:
cb:bf:9a:2f:f6:00:04:33:84:ef:b9:48:4f:79:63:
26:2b:f3:62:ac:ce:9d:b6:28:15:a0:cd:ca:06:29:
97:2e:21:46:da:59:ac:9d:64:26:d8:9d:41:0f:f7:
cc:1c:00:6a:76:00:4b:b1:37:7e:06:2d:9f:ac:71:
45:bd:11:fa:e5:fa:29:79:6a:87:7b:66:74:43:e6:
cd:0e:1a:44:bf:dc:d6:f7:c2:76:fe:3b:e9:f8:9f:
71:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:66:8A:7F:F3:33:A3:80:0E:00:A1:0E:A1:D4:45:5A:B2:7A:40:FC
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/jGaKf_Mzo4AOAKEOodRFWrJ6QPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.32.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:62:c6:d1:9c:36:d9:88:71:39:8c:ca:a9:10:a9:46:17:7e:
0f:ec:86:93:24:ff:98:fa:cd:3b:b1:46:28:ef:6f:97:7f:8f:
b4:23:b9:71:8e:45:7e:c6:74:fc:38:ac:ce:db:3b:0b:54:f2:
86:e7:16:7e:9e:4c:d8:17:7d:2a:e7:66:e2:9c:5d:a0:b9:33:
9f:ce:93:19:c8:1d:43:93:27:ed:b9:d0:d6:d7:3e:1c:89:81:
dd:86:ed:fd:c5:27:06:5e:a1:46:46:6d:70:8d:04:d1:ff:ec:
0e:a1:a1:f7:fc:9d:9d:85:49:04:f3:46:f4:5f:49:50:d6:36:
9b:b0:9c:36:ac:fa:67:e2:ee:06:76:04:b0:de:af:4c:3f:00:
da:84:a6:35:bc:97:22:53:1e:8d:44:c5:7d:02:92:36:90:c6:
39:7d:4c:ce:31:fd:a0:71:d2:7b:1f:64:ee:6d:b0:1f:d0:71:
92:8e:61:5e:b3:56:0f:45:9d:a0:bd:ed:26:a0:08:49:b2:da:
70:10:9c:d6:c0:a9:69:4e:b5:22:f2:c3:2c:54:44:e9:0c:15:
39:82:f9:7c:3f:77:cc:ed:14:9e:86:4c:84:4d:61:f4:73:f2:
06:1f:44:3e:a2:72:17:70:3e:b3:83:e6:a7:f3:bf:71:fa:50:
ab:26:a6:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqA8Zw8pykxjjGX1M33IdYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjMwOTEwMjExMzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY2OGE3ZmYzMzNhMzgwMGUwMGExMGVhMWQ0NDU1YWIyN2E0MGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAGTpJ8k94ytLNCPDxxPwURQRRru
X5O3KQDyP85PyTa23UfAOEEHWhrbOIDbSqnZE5Nx6gM3gjrL/xxjjcQRSgO/P3N4
8ef++Z63E0g/p16G3mJBjIPVcLwX9CoPGT5Za75Kxa7IQaoHLKSZ22cD1KaZ+Fil
NIovBRkuZ6WZ7eHPoBlsFQKM9zHaunrcyGoMOAZx4PoipgJhCErSsYrjWY7FvYrL
v5ov9gAEM4TvuUhPeWMmK/NirM6dtigVoM3KBimXLiFG2lmsnWQm2J1BD/fMHABq
dgBLsTd+Bi2frHFFvRH65fopeWqHe2Z0Q+bNDhpEv9zW98J2/jvp+J9x7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxmin/zM6OADgChDqHURVqyekD8MB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvakdhS2ZfTXpvNEFPQUtFT29kUkZXcko2UVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUs4gMA0G
CSqGSIb3DQEBCwUAA4IBAQBbYsbRnDbZiHE5jMqpEKlGF34P7IaTJP+Y+s07sUYo
72+Xf4+0I7lxjkV+xnT8OKzO2zsLVPKG5xZ+nkzYF30q52binF2guTOfzpMZyB1D
kyftudDW1z4ciYHdhu39xScGXqFGRm1wjQTR/+wOoaH3/J2dhUkE80b0X0lQ1jab
sJw2rPpn4u4GdgSw3q9MPwDahKY1vJciUx6NRMV9ApI2kMY5fUzOMf2gcdJ7H2Tu
bbAf0HGSjmFes1YPRZ2gve0moAhJstpwEJzWwKlpTrUi8sMsVETpDBU5gvl8P3fM
7RSehkyETWH0c/IGH0Q+onIXcD6zg+an879x+lCrJqY6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:03 2024 by rpki-client on console-ams.rpki-client.org