Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/JALKIf72nGDloSHa_pRxhJG4V1k.roa
File: JALKIf72nGDloSHa_pRxhJG4V1k.roa (raw, json)
Hash identifier: BPIDvPs9NJ2D07paZJLIEqfU8YSxRwnwamY6W0PpE9k=
Subject key identifier: 24:02:CA:21:FE:F6:9C:60:E5:A1:21:DA:FE:94:71:84:91:B8:57:59
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018E3243C4BD8960295197185E5EAE702F94
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/JALKIf72nGDloSHa_pRxhJG4V1k.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.57.210.0/24 maxlen: 24
31.222.245.0/24 maxlen: 24
77.72.83.0/24 maxlen: 24
146.19.109.0/24 maxlen: 24
176.116.17.0/24 maxlen: 24
193.163.20.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c4:bd:89:60:29:51:97:18:5e:5e:ae:70:2f:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2402ca21fef69c60e5a121dafe94718491b85759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:39:ff:51:8f:97:0b:f2:63:b6:8a:27:03:8e:
28:a7:d0:a8:65:38:c5:28:02:eb:9d:7a:d2:41:c5:
33:6c:da:7c:9d:d8:e8:07:b4:db:86:b1:4a:a6:6d:
fb:25:19:a2:ca:c0:78:85:6c:ae:5a:ce:c0:5f:47:
4d:67:38:fc:0b:cf:9f:e7:2b:48:ef:4e:08:f9:63:
7d:36:82:2a:23:b2:b9:8f:1b:a3:c3:22:fc:f7:0a:
4a:5d:ce:06:7a:f2:21:6b:1a:d6:51:a9:2a:e8:8d:
85:07:b4:04:9c:5f:1b:eb:11:9c:49:f5:f3:b3:c2:
ac:25:d7:4d:98:ca:a8:a5:b7:f0:c5:8b:7f:f3:e1:
38:75:07:f3:38:38:c7:24:b8:d4:3a:46:b4:3b:8c:
f9:c8:5f:cd:9e:22:af:95:f5:48:bc:38:d1:52:f8:
d3:b1:f4:c0:ec:f4:7a:11:b6:54:e9:b4:1b:ef:63:
ac:ed:55:e4:77:28:19:20:80:37:ba:45:44:85:e6:
30:04:ba:ab:54:83:e8:cd:d5:52:c4:a5:e2:13:6a:
e4:2c:44:c5:c4:01:b8:60:17:d2:a4:7b:64:3d:a8:
8f:71:6b:b9:0b:27:d5:1b:16:5f:08:61:3c:f8:db:
05:46:e3:e3:bf:e7:87:5e:85:68:d4:f8:c8:45:66:
9b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:02:CA:21:FE:F6:9C:60:E5:A1:21:DA:FE:94:71:84:91:B8:57:59
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/JALKIf72nGDloSHa_pRxhJG4V1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.210.0/24
31.222.245.0/24
77.72.83.0/24
146.19.109.0/24
176.116.17.0/24
193.163.20.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:8f:42:3a:d1:52:39:b1:d1:64:25:a3:12:04:d5:19:83:fb:
ee:b2:c4:a3:71:1e:40:96:09:3f:ab:1a:b0:a4:17:54:c3:6f:
a9:14:04:f4:47:01:c5:a8:7a:65:62:96:97:dd:1f:43:11:9c:
c7:8f:22:57:0d:af:a2:fc:ca:01:66:2d:c9:e0:5a:eb:8c:b5:
bc:cd:00:e2:85:95:58:80:8a:e0:c6:f5:8a:98:2f:bd:7a:25:
a1:0c:9d:ee:9e:f4:0b:61:8a:a2:fd:81:0c:e1:36:67:6a:c7:
46:89:bb:ee:af:c6:e1:ff:95:d5:99:6b:e7:91:21:9f:de:1b:
a5:ae:7c:7b:de:53:d6:69:e8:e3:8c:6e:93:b4:5f:09:c3:7c:
bc:08:4a:f1:06:fc:a5:98:fe:df:48:b7:60:b4:7f:46:35:f5:
bf:21:3d:77:2b:77:f8:af:88:6e:db:c0:5b:75:de:88:e4:e4:
e0:52:66:ec:ad:16:fe:4b:b1:2d:ac:e9:ea:fa:71:c6:28:1c:
4e:8b:96:5f:99:93:d8:f7:cd:93:8c:53:66:c5:5c:85:a2:a5:
c4:73:39:26:65:30:09:d3:48:42:30:be:c8:7f:40:2e:b2:c9:
fa:d0:3e:c1:97:48:95:25:ce:4b:38:63:46:3f:f9:83:46:8a:
d8:26:65:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4yQ8S9iWApUZcYXl6ucC+UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDAyY2EyMWZlZjY5YzYwZTVhMTIxZGFmZTk0NzE4NDkxYjg1NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDn/UY+XC/JjtoonA44op9CoZTjF
KALrnXrSQcUzbNp8ndjoB7TbhrFKpm37JRmiysB4hWyuWs7AX0dNZzj8C8+f5ytI
704I+WN9NoIqI7K5jxujwyL89wpKXc4GevIhaxrWUakq6I2FB7QEnF8b6xGcSfXz
s8KsJddNmMqopbfwxYt/8+E4dQfzODjHJLjUOka0O4z5yF/NniKvlfVIvDjRUvjT
sfTA7PR6EbZU6bQb72Os7VXkdygZIIA3ukVEheYwBLqrVIPozdVSxKXiE2rkLETF
xAG4YBfSpHtkPaiPcWu5CyfVGxZfCGE8+NsFRuPjv+eHXoVo1PjIRWabQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCQCyiH+9pxg5aEh2v6UcYSRuFdZMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvSkFMS0lmNzJuR0Rsb1NIYV9wUnhoSkc0VjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABTnSAwQA
H971AwQATUhTAwQAkhNtAwQAsHQRAwQAwaMUMA0GCSqGSIb3DQEBCwUAA4IBAQCu
j0I60VI5sdFkJaMSBNUZg/vussSjcR5Algk/qxqwpBdUw2+pFAT0RwHFqHplYpaX
3R9DEZzHjyJXDa+i/MoBZi3J4FrrjLW8zQDihZVYgIrgxvWKmC+9eiWhDJ3unvQL
YYqi/YEM4TZnasdGibvur8bh/5XVmWvnkSGf3hulrnx73lPWaejjjG6TtF8Jw3y8
CErxBvylmP7fSLdgtH9GNfW/IT13K3f4r4hu28Bbdd6I5OTgUmbsrRb+S7EtrOnq
+nHGKBxOi5ZfmZPY982TjFNmxVyFoqXEczkmZTAJ00hCML7If0Aussn60D7Bl0iV
Jc5LOGNGP/mDRorYJmUH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org