Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/J_pv41AjaAxrqxV5M-yq6goWdF8.roa
File: J_pv41AjaAxrqxV5M-yq6goWdF8.roa (raw, json)
Hash identifier: BUsXBQoJLv6gD7ktwwwqNDOTubq9MDvhf5CKRlU9w9c=
Subject key identifier: 27:FA:6F:E3:50:23:68:0C:6B:AB:15:79:33:EC:AA:EA:0A:16:74:5F
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 02565232
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/J_pv41AjaAxrqxV5M-yq6goWdF8.roa
Signing time: Sat 01 Jan 2022 11:01:39 +0000
ROA not before: Sat 01 Jan 2022 11:01:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60557
IP address blocks: 176.119.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39211570 (0x2565232)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 11:01:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27fa6fe35023680c6bab157933ecaaea0a16745f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a5:c6:9e:38:40:94:77:fe:d3:e3:8f:24:0c:
14:dc:6f:00:b8:f9:c7:05:a5:f3:17:67:56:1f:a8:
85:70:f0:a5:1c:dc:37:ba:e9:a4:b6:8f:6d:50:1a:
28:2d:52:95:50:07:f0:08:df:5f:91:7d:c1:0d:c2:
e6:6b:f0:e2:72:fc:c0:64:24:ee:69:ed:09:cd:34:
9a:d9:97:4a:e8:6a:23:61:1c:86:c1:6a:b5:2a:e3:
a8:7d:fd:d9:e3:e6:8d:df:84:d6:c9:aa:9d:5c:bc:
0c:6b:44:8a:3b:d3:23:2d:fb:9d:eb:d6:79:c6:c0:
02:f5:1e:c8:de:a0:e3:a1:8f:4a:09:a6:57:84:75:
33:28:00:38:0b:e4:c5:70:d9:a4:63:eb:33:9c:7a:
35:50:12:a5:e3:a2:84:a9:a6:f9:36:b1:25:1c:cc:
54:53:a4:cd:e4:7a:a8:90:80:a3:c5:b2:5a:da:02:
c6:ac:19:c8:18:10:d5:d2:3b:2c:c6:c8:1d:6c:e2:
b5:9f:be:29:e7:44:40:41:6a:40:2a:13:ec:e6:a0:
c3:61:65:fb:60:d8:98:63:7d:13:b8:8c:2f:0c:81:
db:90:b6:3e:5f:96:b4:93:f0:79:14:90:10:e8:58:
04:2c:98:03:ee:d6:dc:a7:9f:a9:86:a9:44:5b:25:
07:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FA:6F:E3:50:23:68:0C:6B:AB:15:79:33:EC:AA:EA:0A:16:74:5F
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/J_pv41AjaAxrqxV5M-yq6goWdF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:de:57:18:4b:c1:8c:9e:bc:3c:0f:94:fd:7e:5e:10:17:03:
88:14:87:0b:8c:90:52:e2:52:06:ec:b9:c3:d3:37:6b:d5:21:
a9:15:95:aa:71:de:77:b9:d9:f4:45:97:05:b3:52:62:e9:e7:
da:7f:c0:cb:b5:e7:f0:94:e9:9e:c9:3a:7d:8a:03:fe:4b:f6:
1b:99:d5:64:11:03:12:b3:36:7d:2d:df:29:8c:65:fc:c0:7b:
5b:b0:ce:79:95:14:72:2b:73:d2:e4:37:6b:17:7d:b4:b0:6c:
ae:49:70:e3:7c:87:3e:2a:c0:6f:26:9d:fa:85:22:e1:15:59:
84:4d:1b:77:b6:9b:cf:83:41:15:77:a0:ce:58:b5:96:cb:1b:
23:11:b1:0e:8f:e4:3a:c2:c5:15:46:9e:b1:e4:1d:af:5f:dc:
bc:79:54:2c:bf:04:9b:c5:3c:46:92:3b:75:e1:2a:9a:f3:03:
4d:e4:45:59:7d:11:4d:a3:73:7d:2a:bf:b1:b0:d3:8d:9e:12:
ed:6d:3c:03:79:d3:15:eb:3c:d8:bc:d3:9e:cc:51:64:77:eb:
29:67:2e:4a:b6:cb:9a:66:40:18:ab:5a:77:ae:93:24:65:94:
a6:49:4c:56:00:05:b8:51:6f:1a:6d:3e:72:7c:ae:51:8a:0b:
72:88:48:09
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAlZSMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRjNjBhZGViMGNkNTc2OGNmNzU2ZjU2MmIxYjVjYzViOWMxODBhMB4XDTIyMDEw
MTExMDEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdmYTZmZTM1MDIz
NjgwYzZiYWIxNTc5MzNlY2FhZWEwYTE2NzQ1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6lxp44QJR3/tPjjyQMFNxvALj5xwWl8xdnVh+ohXDwpRzc
N7rppLaPbVAaKC1SlVAH8AjfX5F9wQ3C5mvw4nL8wGQk7mntCc00mtmXSuhqI2Ec
hsFqtSrjqH392ePmjd+E1smqnVy8DGtEijvTIy37nevWecbAAvUeyN6g46GPSgmm
V4R1MygAOAvkxXDZpGPrM5x6NVASpeOihKmm+TaxJRzMVFOkzeR6qJCAo8WyWtoC
xqwZyBgQ1dI7LMbIHWzitZ++KedEQEFqQCoT7Oagw2Fl+2DYmGN9E7iMLwyB25C2
Pl+WtJPweRSQEOhYBCyYA+7W3KefqYapRFslBzUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQn+m/jUCNoDGurFXkz7KrqChZ0XzAfBgNVHSMEGDAWgBTHTGCt6wzVdoz3
VvVisbXMW5wYCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gweGdyZXNNMVhhTTkxYjFZckcxekZ1Y0dBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvYWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8x
L0pfcHY0MUFqYUF4cnF4VjVNLXlxNmdvV2RGOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
YWRiNjVjLWY2ZjctNDQ5NS1iYTIzLTg4NWU4NGU3NTEyZS8xL3gweGdyZXNNMVhh
TTkxYjFZckcxekZ1Y0dBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB31zANBgkqhkiG9w0BAQsFAAOC
AQEAfN5XGEvBjJ68PA+U/X5eEBcDiBSHC4yQUuJSBuy5w9M3a9UhqRWVqnHed7nZ
9EWXBbNSYunn2n/Ay7Xn8JTpnsk6fYoD/kv2G5nVZBEDErM2fS3fKYxl/MB7W7DO
eZUUcitz0uQ3axd9tLBsrklw43yHPirAbyad+oUi4RVZhE0bd7abz4NBFXegzli1
lssbIxGxDo/kOsLFFUaeseQdr1/cvHlULL8Em8U8RpI7deEqmvMDTeRFWX0RTaNz
fSq/sbDTjZ4S7W08A3nTFes82LzTnsxRZHfrKWcuSrbLmmZAGKtad66TJGWUpklM
VgAFuFFvGm0+cnyuUYoLcohICQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:06 2023 by rpki-client on console-fra.rpki-client.org