Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JMtsjZ54kXG4QrtvZQlLAr417KU.roa
File: JMtsjZ54kXG4QrtvZQlLAr417KU.roa (raw, json)
Hash identifier: gNQ8iATrdonlrKyGMaa1JZHRAy4ZBa1Z/RTZovuXKGA=
Subject key identifier: 24:CB:6C:8D:9E:78:91:71:B8:42:BB:6F:65:09:4B:02:BE:35:EC:A5
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 14BFEF9D
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JMtsjZ54kXG4QrtvZQlLAr417KU.roa
Signing time: Wed 20 Apr 2022 09:55:23 +0000
ROA not before: Wed 20 Apr 2022 09:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209961
IP address blocks: 2.57.212.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348123037 (0x14bfef9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Apr 20 09:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24cb6c8d9e789171b842bb6f65094b02be35eca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:16:e1:33:07:63:66:db:be:62:87:9f:d9:d8:
e4:6d:21:25:d2:0f:84:9a:f5:44:76:3a:ef:c7:09:
bd:eb:44:fc:b3:d9:2b:0e:19:a7:9c:34:ba:5c:f4:
b1:2d:a8:31:d2:9e:67:f9:52:aa:c5:82:27:f5:32:
44:a0:cf:7d:c2:a2:fa:53:b2:88:ba:1f:e9:a7:a0:
eb:71:61:cf:d6:0e:c9:96:4e:e1:a3:d6:41:06:cd:
0d:89:fb:c6:75:66:c1:b9:5f:6c:4b:83:ca:68:5e:
0c:3f:60:39:cb:3c:97:26:cd:ad:7e:4c:3e:49:12:
98:b0:b3:7a:ba:d1:84:6e:f2:ec:4a:a6:73:82:b0:
f7:9c:4c:e5:55:07:ab:b0:25:3b:1d:49:16:65:13:
44:10:96:41:55:66:5e:48:2a:fb:3e:d8:63:1a:b2:
e7:b3:54:30:f9:1e:7d:0a:c6:1b:d6:0e:a2:51:c2:
43:56:3e:3f:31:5f:80:f7:82:a3:57:b8:98:f1:8a:
42:78:f2:54:51:ca:21:01:3b:bf:66:33:86:5e:96:
05:ba:59:9f:63:63:4c:82:c4:b6:61:b1:f5:bf:1b:
57:f4:ab:db:62:8f:5a:39:f3:15:db:5a:5c:89:3d:
49:6b:c7:3a:de:07:58:75:7a:5f:6a:75:c1:10:bc:
85:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CB:6C:8D:9E:78:91:71:B8:42:BB:6F:65:09:4B:02:BE:35:EC:A5
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/JMtsjZ54kXG4QrtvZQlLAr417KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.212.0/22
Signature Algorithm: sha256WithRSAEncryption
80:cd:e6:e2:c8:73:55:a2:9c:63:97:2e:bc:b7:18:50:56:98:
40:3c:4a:c7:fe:c4:45:68:72:4f:86:cc:43:e3:e3:d2:5e:e6:
de:7a:df:a3:75:d9:55:ea:c9:87:74:8a:17:8a:8b:fe:10:09:
4f:72:11:c5:8d:b0:bb:71:74:27:d5:48:4d:3a:55:d3:f9:bb:
41:6c:e0:dc:e7:b5:55:12:2b:6a:28:a6:f5:1a:9e:b5:6a:32:
b2:68:41:ff:e2:54:77:9e:b9:6d:87:8b:f4:44:c8:35:76:e0:
f3:66:02:c4:7d:df:f2:f8:8d:59:b3:11:49:d7:58:1c:34:57:
87:81:d5:e2:21:98:ed:52:3b:48:7a:25:d2:2a:46:d1:dc:b5:
be:dd:47:90:2d:19:cd:ef:c9:83:2b:0b:cb:07:3a:cb:a1:48:
eb:d8:13:0d:1c:5b:28:29:a1:e7:4d:3d:5d:4a:3c:2e:ef:e4:
1f:be:5c:6f:50:f6:9a:c3:de:d6:10:fb:02:4c:e0:d5:35:35:
47:36:89:f5:11:d1:b6:40:47:8c:03:b5:5e:57:75:7b:55:46:
1c:99:ed:4e:5c:77:cb:bc:5d:ce:e4:d7:f8:58:ad:7c:b3:87:
db:0a:2b:35:74:ac:b4:80:af:a1:ec:f4:5c:ec:97:b2:cc:e2:
42:7b:36:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFL/vnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDQy
MDA5NTUyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRjYjZjOGQ5ZTc4
OTE3MWI4NDJiYjZmNjUwOTRiMDJiZTM1ZWNhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgW4TMHY2bbvmKHn9nY5G0hJdIPhJr1RHY678cJvetE/LPZ
Kw4Zp5w0ulz0sS2oMdKeZ/lSqsWCJ/UyRKDPfcKi+lOyiLof6aeg63Fhz9YOyZZO
4aPWQQbNDYn7xnVmwblfbEuDymheDD9gOcs8lybNrX5MPkkSmLCzerrRhG7y7Eqm
c4Kw95xM5VUHq7AlOx1JFmUTRBCWQVVmXkgq+z7YYxqy57NUMPkefQrGG9YOolHC
Q1Y+PzFfgPeCo1e4mPGKQnjyVFHKIQE7v2Yzhl6WBbpZn2NjTILEtmGx9b8bV/Sr
22KPWjnzFdtaXIk9SWvHOt4HWHV6X2p1wRC8hWECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQky2yNnniRcbhCu29lCUsCvjXspTAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L0pNdHNqWjU0a1hHNFFydHZaUWxMQXI0MTdLVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI51DANBgkqhkiG9w0BAQsFAAOC
AQEAgM3m4shzVaKcY5cuvLcYUFaYQDxKx/7ERWhyT4bMQ+Pj0l7m3nrfo3XZVerJ
h3SKF4qL/hAJT3IRxY2wu3F0J9VITTpV0/m7QWzg3Oe1VRIraiim9RqetWoysmhB
/+JUd565bYeL9ETINXbg82YCxH3f8viNWbMRSddYHDRXh4HV4iGY7VI7SHol0ipG
0dy1vt1HkC0Zze/JgysLywc6y6FI69gTDRxbKCmh5009XUo8Lu/kH75cb1D2msPe
1hD7Akzg1TU1RzaJ9RHRtkBHjAO1Xld1e1VGHJntTlx3y7xdzuTX+FitfLOH2wor
NXSstICvoez0XOyXssziQns21g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org