Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/JjSvu9q1g9DdtMrcTG0qiYGNnno.roa
File: JjSvu9q1g9DdtMrcTG0qiYGNnno.roa (raw, json)
Hash identifier: Rp8AmQ/KIbNzVhsGsfzfprFfU7EeurIJBqoOFjYY0tw=
Subject key identifier: 26:34:AF:BB:DA:B5:83:D0:DD:B4:CA:DC:4C:6D:2A:89:81:8D:9E:7A
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 018508D1A00B6C44BF3F246BFD7408E33557
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/JjSvu9q1g9DdtMrcTG0qiYGNnno.roa
Signing time: Tue 13 Dec 2022 00:10:33 +0000
ROA not before: Tue 13 Dec 2022 00:10:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:d1:a0:0b:6c:44:bf:3f:24:6b:fd:74:08:e3:35:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Dec 13 00:10:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2634afbbdab583d0ddb4cadc4c6d2a89818d9e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:09:0c:74:bb:81:3e:a7:5b:e1:04:06:c0:6e:
bd:75:76:62:b9:df:08:4b:5d:60:43:bc:46:c9:9f:
9b:b2:93:e7:8b:02:e7:f6:2d:cc:15:de:f1:2d:63:
f9:e2:da:02:91:7d:df:4b:8d:7e:50:ec:21:ea:95:
41:8b:69:85:29:10:e5:5f:fe:70:f2:49:5c:f8:25:
f2:73:ba:0e:1d:7e:89:5e:f8:2a:e3:3c:56:b0:b2:
db:b7:53:cf:48:4d:3a:8d:9e:bb:e5:4d:84:15:09:
40:f2:bb:c4:14:bf:d3:25:be:b0:54:17:48:6a:3f:
c7:2c:b8:72:1a:35:48:74:e2:11:b0:20:94:5d:e2:
2f:92:cb:74:b3:27:6c:08:67:93:8c:b6:34:f5:40:
f4:b7:9b:0c:e3:ef:cb:bc:25:b7:06:9d:87:b9:13:
4c:88:76:2e:47:89:62:46:10:df:60:71:eb:68:27:
f7:2f:76:67:d5:8c:01:a0:96:4a:2f:cc:4f:9e:40:
be:ff:cc:1d:1b:3b:3a:59:4e:f2:dd:40:36:40:6c:
c2:28:ec:d2:ad:44:44:c3:65:bf:b4:a0:4e:a4:9e:
5c:ed:8c:1e:38:7b:49:11:a4:7f:11:50:c4:f8:d6:
fb:37:91:de:e8:10:f2:e2:bf:98:5f:43:2d:71:bb:
42:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:34:AF:BB:DA:B5:83:D0:DD:B4:CA:DC:4C:6D:2A:89:81:8D:9E:7A
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/JjSvu9q1g9DdtMrcTG0qiYGNnno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.130.255
109.104.132.0/23
109.104.136.0/24
109.104.138.0/24
109.104.144.0/23
109.104.155.0/24
109.104.157.0-109.104.159.255
Signature Algorithm: sha256WithRSAEncryption
4a:ec:79:4a:19:a6:2d:b6:07:04:25:13:41:0d:91:35:20:8a:
e0:ea:1f:4a:cb:8c:84:ee:81:e2:74:53:3e:20:af:fb:27:10:
45:ff:66:70:3d:4c:5b:9e:09:7c:59:66:e9:12:86:9a:ae:96:
8b:23:d1:8b:fb:e1:70:b1:5b:bd:f3:8e:28:76:a7:01:e2:f0:
e3:d2:96:ba:32:1b:ba:74:2b:bb:29:2d:1b:82:2f:f2:d9:d7:
c8:55:46:ab:3c:ed:56:dd:ad:a6:95:87:0d:37:70:00:93:30:
16:c8:3d:3e:43:49:5c:58:7d:b6:11:2a:cc:00:5f:e1:6d:77:
ae:0c:6e:06:65:c2:cd:b4:ca:20:d7:ae:c4:70:c8:3c:06:e1:
39:b9:e7:25:54:c4:ef:1a:8c:e3:3a:a2:a5:9a:9e:41:4a:11:
48:19:3c:2d:d0:d6:47:ff:99:7a:b5:fc:c5:80:9c:3a:26:31:
17:59:b5:de:74:bc:ac:34:cf:37:af:05:d1:35:1f:1b:33:dc:
d6:e9:4a:b1:7d:8f:ac:9b:fe:8d:6c:00:67:2b:1e:44:7b:33:
df:1c:e5:07:a1:17:f9:b5:33:32:8b:56:a0:ed:0c:43:eb:c7:
f3:b6:77:2e:83:d8:48:62:5a:37:a0:2d:01:51:9f:3e:1a:c3:
31:6a:c0:14
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYUI0aALbES/PyRr/XQI4zVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMjEzMDAxMDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjM0YWZiYmRhYjU4M2QwZGRiNGNhZGM0YzZkMmE4OTgxOGQ5ZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAkMdLuBPqdb4QQGwG69dXZiud8I
S11gQ7xGyZ+bspPniwLn9i3MFd7xLWP54toCkX3fS41+UOwh6pVBi2mFKRDlX/5w
8klc+CXyc7oOHX6JXvgq4zxWsLLbt1PPSE06jZ675U2EFQlA8rvEFL/TJb6wVBdI
aj/HLLhyGjVIdOIRsCCUXeIvkst0sydsCGeTjLY09UD0t5sM4+/LvCW3Bp2HuRNM
iHYuR4liRhDfYHHraCf3L3Zn1YwBoJZKL8xPnkC+/8wdGzs6WU7y3UA2QGzCKOzS
rUREw2W/tKBOpJ5c7YweOHtJEaR/EVDE+Nb7N5He6BDy4r+YX0MtcbtCLQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCY0r7vatYPQ3bTK3ExtKomBjZ56MB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL0pqU3Z1OXExZzlEZHRNcmNURzBxaVlHTm5uby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMEYEAgABMEADBAJb0ogw
DAMEB21ogAMEAG1oggMEAW1ohAMEAG1oiAMEAG1oigMEAW1okAMEAG1omzAMAwQA
bWidAwQFbWiAMA0GCSqGSIb3DQEBCwUAA4IBAQBK7HlKGaYttgcEJRNBDZE1IIrg
6h9Ky4yE7oHidFM+IK/7JxBF/2ZwPUxbngl8WWbpEoaarpaLI9GL++FwsVu9844o
dqcB4vDj0pa6Mhu6dCu7KS0bgi/y2dfIVUarPO1W3a2mlYcNN3AAkzAWyD0+Q0lc
WH22ESrMAF/hbXeuDG4GZcLNtMog167EcMg8BuE5ueclVMTvGozjOqKlmp5BShFI
GTwt0NZH/5l6tfzFgJw6JjEXWbXedLysNM83rwXRNR8bM9zW6UqxfY+sm/6NbABn
Kx5EezPfHOUHoRf5tTMyi1ag7QxD68fztncug9hIYlo3oC0BUZ8+GsMxasAU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:46 2025 by rpki-client