Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/JLR_Kep5-xm_0YFVB50LAped5G4.roa
File: JLR_Kep5-xm_0YFVB50LAped5G4.roa (raw, json)
Hash identifier: Kmk1ReI/RsqFI0a08HLfJC25Ra2kTevAXS+SM4z9mIw=
Subject key identifier: 24:B4:7F:29:EA:79:FB:19:BF:D1:81:55:07:9D:0B:02:97:9D:E4:6E
Certificate issuer: /CN=992b86095ce558d2e9618728a44228a27be9098f
Certificate serial: 01828BFA23048AA75F5A8255D1B7A128DE90
Authority key identifier: 99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/JLR_Kep5-xm_0YFVB50LAped5G4.roa
Signing time: Thu 11 Aug 2022 08:16:42 +0000
ROA not before: Thu 11 Aug 2022 08:16:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 166.108.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:fa:23:04:8a:a7:5f:5a:82:55:d1:b7:a1:28:de:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=992b86095ce558d2e9618728a44228a27be9098f
Validity
Not Before: Aug 11 08:16:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b47f29ea79fb19bfd18155079d0b02979de46e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:66:e5:4f:19:b2:0a:dc:bb:df:56:09:e9:
df:fd:ac:ea:f2:06:12:53:95:7e:ea:d5:07:78:17:
86:19:e1:b5:d3:86:b8:7a:7c:54:35:2e:5f:71:65:
a5:0d:71:a0:7b:fc:b2:ff:41:c4:4d:dd:0d:ab:ea:
7c:25:93:71:ce:39:95:3d:4d:3e:97:b8:77:3f:62:
2c:e7:79:72:71:7b:dd:d4:42:8c:92:6c:7a:46:c4:
aa:91:22:ee:c8:5e:b4:35:9a:4a:f4:31:86:34:4d:
07:66:33:17:25:7f:6d:25:05:19:0d:ce:8e:d0:6f:
54:8b:d6:39:ba:bf:3a:55:fd:52:13:82:7d:1c:96:
a6:c6:89:52:fc:bc:be:5a:93:81:98:25:c2:26:0e:
5d:d7:b8:a5:41:26:79:e0:00:9d:26:a9:72:07:b2:
ba:1f:c5:78:2a:f6:92:34:db:66:45:1e:17:14:b7:
ad:e0:8e:17:05:19:5c:a8:20:3b:c4:73:6a:8b:37:
4b:d9:34:95:df:29:76:f4:60:38:0f:72:bc:7d:13:
fc:42:fc:64:3c:46:cd:d0:cf:4d:25:3f:74:4a:5d:
a7:b4:a7:6a:2d:a1:29:29:e8:b1:3c:16:a9:d5:bf:
74:b9:05:ef:85:04:f0:7f:ab:b6:24:6b:f1:22:5c:
e4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B4:7F:29:EA:79:FB:19:BF:D1:81:55:07:9D:0B:02:97:9D:E4:6E
X509v3 Authority Key Identifier:
keyid:99:2B:86:09:5C:E5:58:D2:E9:61:87:28:A4:42:28:A2:7B:E9:09:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSuGCVzlWNLpYYcopEIoonvpCY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/JLR_Kep5-xm_0YFVB50LAped5G4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/8ea9b9-3b6e-4fdf-b5d1-f04fdcc09e51/1/mSuGCVzlWNLpYYcopEIoonvpCY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
166.108.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:cd:70:77:dd:72:22:d1:df:19:23:fe:9e:a8:1f:7e:5a:e0:
57:4e:59:b4:36:3a:bf:02:ea:3b:4b:3b:bf:66:24:92:90:bb:
4e:39:76:75:71:5e:c2:f8:87:c9:53:21:9f:88:6a:a8:79:9b:
a5:63:d4:bd:73:81:02:19:f5:ed:10:7a:52:63:66:5f:bc:c2:
83:66:02:23:22:52:36:87:e9:f1:ae:28:2d:a7:f7:3f:1e:1b:
f9:2b:9e:97:2f:da:47:8b:27:a8:b4:46:a2:dd:a6:5c:4b:5e:
07:73:86:66:3f:f0:73:02:31:ff:84:1b:44:17:9e:a5:fc:f6:
1d:75:6d:b1:42:54:0e:18:9d:10:a3:53:e6:87:28:0e:fe:d2:
f1:21:ca:d9:ac:a8:ae:92:a6:cf:9d:16:dc:ed:82:f4:08:e7:
b2:24:42:8c:62:fb:2e:9b:17:01:d3:43:36:d0:fe:78:11:2c:
6d:d7:57:6f:7f:d7:35:20:ee:dd:5e:ae:1f:f2:13:1b:54:d8:
9b:b7:b6:4b:1e:e9:40:9f:8f:31:4a:78:c2:eb:66:be:91:4a:
d0:e7:87:28:1c:bd:c3:c0:45:01:f8:7f:9b:70:38:95:d1:f3:
80:39:ac:08:c7:31:0b:43:92:7e:ad:68:60:bd:a9:dd:3b:83:
2c:42:9b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKL+iMEiqdfWoJV0behKN6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MmI4NjA5NWNlNTU4ZDJlOTYxODcyOGE0NDIyOGEyN2Jl
OTA5OGYwHhcNMjIwODExMDgxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI0N2YyOWVhNzlmYjE5YmZkMTgxNTUwNzlkMGIwMjk3OWRlNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlstm5U8Zsgrcu99WCenf/azq8gYS
U5V+6tUHeBeGGeG104a4enxUNS5fcWWlDXGge/yy/0HETd0Nq+p8JZNxzjmVPU0+
l7h3P2Is53lycXvd1EKMkmx6RsSqkSLuyF60NZpK9DGGNE0HZjMXJX9tJQUZDc6O
0G9Ui9Y5ur86Vf1SE4J9HJamxolS/Ly+WpOBmCXCJg5d17ilQSZ54ACdJqlyB7K6
H8V4KvaSNNtmRR4XFLet4I4XBRlcqCA7xHNqizdL2TSV3yl29GA4D3K8fRP8Qvxk
PEbN0M9NJT90Sl2ntKdqLaEpKeixPBap1b90uQXvhQTwf6u2JGvxIlzkzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCS0fynqefsZv9GBVQedCwKXneRuMB8GA1UdIwQY
MBaAFJkrhglc5VjS6WGHKKRCKKJ76QmPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEt
ZjA0ZmRjYzA5ZTUxLzEvSkxSX0tlcDUteG1fMFlGVkI1MExBcGVkNUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS84ZWE5YjktM2I2ZS00ZmRmLWI1ZDEtZjA0ZmRjYzA5ZTUx
LzEvbVN1R0NWemxXTkxwWVljb3BFSW9vbnZwQ1k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApmz/MA0G
CSqGSIb3DQEBCwUAA4IBAQAdzXB33XIi0d8ZI/6eqB9+WuBXTlm0Njq/Auo7Szu/
ZiSSkLtOOXZ1cV7C+IfJUyGfiGqoeZulY9S9c4ECGfXtEHpSY2ZfvMKDZgIjIlI2
h+nxrigtp/c/Hhv5K56XL9pHiyeotEai3aZcS14Hc4ZmP/BzAjH/hBtEF56l/PYd
dW2xQlQOGJ0Qo1PmhygO/tLxIcrZrKiukqbPnRbc7YL0COeyJEKMYvsumxcB00M2
0P54ESxt11dvf9c1IO7dXq4f8hMbVNibt7ZLHulAn48xSnjC62a+kUrQ54coHL3D
wEUB+H+bcDiV0fOAOawIxzELQ5J+rWhgvandO4MsQpvj
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:47 2025 by rpki-client