Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JotbWRoOGfC64TK9VcjazBqpwZA.roa
File: JotbWRoOGfC64TK9VcjazBqpwZA.roa (raw, json)
Hash identifier: J+LWm8uCI2akhmlhLaLUOB6TcPyNdSnoosO2x+nZzqk=
Subject key identifier: 26:8B:5B:59:1A:0E:19:F0:BA:E1:32:BD:55:C8:DA:CC:1A:A9:C1:90
Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial: 070E6950
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JotbWRoOGfC64TK9VcjazBqpwZA.roa
Signing time: Sat 01 Jan 2022 09:58:31 +0000
ROA not before: Sat 01 Jan 2022 09:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16200
IP address blocks: 92.118.8.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118384976 (0x70e6950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Validity
Not Before: Jan 1 09:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=268b5b591a0e19f0bae132bd55c8dacc1aa9c190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c5:c5:77:f0:b3:39:52:cb:c5:8b:54:3a:8b:
36:04:6f:9a:7a:e3:d0:95:f4:e3:ed:7a:8c:f4:af:
ad:7d:46:a4:4f:d3:05:d0:72:53:c0:31:3b:b5:89:
b9:52:47:99:91:07:49:50:f1:56:57:e7:89:5b:61:
22:e3:66:f0:75:3f:85:80:e0:b0:de:43:1c:1b:f5:
0d:e8:65:a0:b4:ed:00:52:91:c8:b0:58:04:15:aa:
15:5d:47:62:13:9b:b5:b1:63:f6:80:c0:d7:e4:f1:
d3:48:3d:5c:e9:85:b6:3a:21:2b:fc:9d:92:a6:6f:
a6:d3:6e:b6:af:5b:3b:2f:de:5d:00:6c:0c:8c:e8:
b2:89:70:5b:fb:6e:63:17:34:39:d6:28:35:66:b3:
e3:7b:19:60:7a:93:1e:78:6d:2c:ff:88:f8:1d:a7:
28:73:bd:b3:d3:0a:d6:7c:2d:43:67:ba:b3:7c:da:
f8:74:9a:c5:97:14:b4:0c:20:fb:83:a6:50:24:16:
75:02:65:09:18:30:33:82:37:34:9f:48:38:47:d5:
0e:5b:ff:ff:03:0b:84:e2:d5:49:dd:e7:98:1d:1a:
bd:97:f6:fd:96:6a:ed:3e:72:f2:ab:5d:b5:86:70:
bd:7e:d5:0b:07:e8:35:83:dc:b7:a7:22:23:78:dc:
27:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:8B:5B:59:1A:0E:19:F0:BA:E1:32:BD:55:C8:DA:CC:1A:A9:C1:90
X509v3 Authority Key Identifier:
keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/JotbWRoOGfC64TK9VcjazBqpwZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.8.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:59:7f:26:89:bd:91:6b:0d:b6:17:cf:83:d5:56:68:77:d6:
f9:6d:d0:bf:62:80:3f:af:ac:97:4a:81:93:0e:8a:98:d4:0c:
88:74:9e:08:db:5b:bc:a3:50:83:14:8f:43:61:ad:93:52:ba:
66:cf:79:2d:9c:16:9a:2e:12:38:98:5e:1e:63:43:a8:ad:ca:
1f:a8:da:95:80:22:b4:85:9c:ed:e2:45:d3:f8:57:db:a8:e9:
48:6e:24:29:5f:27:3a:97:f3:fc:52:4b:5f:62:9e:7b:20:6b:
9c:94:65:19:e2:eb:79:12:b9:93:6d:f3:47:d9:da:b2:a2:7c:
ca:34:98:9e:f5:1f:7d:f1:24:e2:e6:5f:12:b4:ac:a2:8a:65:
cd:64:37:ea:42:81:96:a0:e1:3f:df:32:1f:26:63:c9:75:7e:
b5:74:36:2d:fe:db:c9:b5:23:9b:4c:7f:1a:a5:93:28:48:4a:
a0:01:47:eb:78:38:f7:18:ba:33:81:93:fa:a6:71:bb:e7:99:
8a:ae:0c:24:19:0b:d0:9e:47:e4:df:0d:d1:82:56:38:0b:fb:
2f:d8:90:1b:26:4c:0e:fa:97:50:ac:fd:ac:b7:1c:77:1e:e6:
72:24:2f:17:5c:ed:44:27:9f:5c:e3:6f:91:f2:87:f0:5b:dd:
f0:f0:21:2a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBw5pUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Zjg3ZTBhYjAzMmIwYzA1ZWI1ZTc0Y2MyYzA4Njk4ZGQzMjRkOTYzMB4XDTIyMDEw
MTA5NTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjY4YjViNTkxYTBl
MTlmMGJhZTEzMmJkNTVjOGRhY2MxYWE5YzE5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfFxXfwszlSy8WLVDqLNgRvmnrj0JX04+16jPSvrX1GpE/T
BdByU8AxO7WJuVJHmZEHSVDxVlfniVthIuNm8HU/hYDgsN5DHBv1DehloLTtAFKR
yLBYBBWqFV1HYhObtbFj9oDA1+Tx00g9XOmFtjohK/ydkqZvptNutq9bOy/eXQBs
DIzosolwW/tuYxc0OdYoNWaz43sZYHqTHnhtLP+I+B2nKHO9s9MK1nwtQ2e6s3za
+HSaxZcUtAwg+4OmUCQWdQJlCRgwM4I3NJ9IOEfVDlv//wMLhOLVSd3nmB0avZf2
/ZZq7T5y8qtdtYZwvX7VCwfoNYPct6ciI3jcJ5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmi1tZGg4Z8LrhMr1VyNrMGqnBkDAfBgNVHSMEGDAWgBT/h+CrAysMBete
dMwsCGmN0yTZYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L180Zmdxd01yREFYclhuVE1MQWhwamRNazJXTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMWRmMThlLTZjNGQtNDM0Yi04ZTMxLTcxZWI5NWY1MGU1Yi8x
L0pvdGJXUm9PR2ZDNjRUSzlWY2phekJxcHdaQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MWRmMThlLTZjNGQtNDM0Yi04ZTMxLTcxZWI5NWY1MGU1Yi8xL180Zmdxd01yREFY
clhuVE1MQWhwamRNazJXTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlx2CDANBgkqhkiG9w0BAQsFAAOC
AQEAKll/Jom9kWsNthfPg9VWaHfW+W3Qv2KAP6+sl0qBkw6KmNQMiHSeCNtbvKNQ
gxSPQ2Gtk1K6Zs95LZwWmi4SOJheHmNDqK3KH6jalYAitIWc7eJF0/hX26jpSG4k
KV8nOpfz/FJLX2KeeyBrnJRlGeLreRK5k23zR9nasqJ8yjSYnvUfffEk4uZfErSs
ooplzWQ36kKBlqDhP98yHyZjyXV+tXQ2Lf7bybUjm0x/GqWTKEhKoAFH63g49xi6
M4GT+qZxu+eZiq4MJBkL0J5H5N8N0YJWOAv7L9iQGyZMDvqXUKz9rLccdx7mciQv
F1ztRCefXONvkfKH8Fvd8PAhKg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:39 2025 by rpki-client