Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/jvIRA59XHZ7w0BZrMnhBSAidGdc.roa
File: jvIRA59XHZ7w0BZrMnhBSAidGdc.roa (raw, json)
Hash identifier: gp8AXhKpIFDvvJskYcct4g82Mqqy5cs911hZ7j8siiA=
Subject key identifier: 8E:F2:11:03:9F:57:1D:9E:F0:D0:16:6B:32:78:41:48:08:9D:19:D7
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018FB9FFD6E672B3CA951B2B2C4F7F0B6278
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/jvIRA59XHZ7w0BZrMnhBSAidGdc.roa
Signing time: Mon 27 May 2024 12:21:42 +0000
ROA not before: Mon 27 May 2024 12:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61354
IP address blocks: 193.107.21.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:ff:d6:e6:72:b3:ca:95:1b:2b:2c:4f:7f:0b:62:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: May 27 12:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ef211039f571d9ef0d0166b32784148089d19d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c7:bd:24:4b:c7:5d:77:3e:10:12:67:64:1e:
d7:44:ce:69:80:4a:33:86:77:c3:aa:e7:c0:6b:17:
51:e3:b3:a1:f2:0f:1c:42:6b:5a:dd:2e:d4:4a:ac:
0d:c8:d5:9e:04:6b:a2:78:96:12:d9:8e:cb:b8:52:
4a:31:dc:01:91:6f:00:b1:bd:15:ad:70:b6:d6:90:
e2:1f:3e:9e:72:ac:77:ee:99:a3:92:30:ce:3d:04:
4f:ba:19:d8:32:f7:f3:e9:95:e0:c8:e3:68:5e:cb:
6e:b3:9c:28:2e:58:ee:98:cf:9e:be:fb:fe:75:a8:
81:e7:c0:cf:53:4b:cb:ff:35:3d:ba:65:1e:07:8c:
1d:e1:1c:a5:c8:80:32:7d:b0:10:e2:32:5a:ae:a4:
37:21:14:5c:96:78:ae:21:5f:9e:e7:3b:8c:44:0b:
fd:f5:c0:18:93:07:ca:56:78:93:cd:4e:f5:9e:65:
8d:e8:3b:46:01:25:1a:c0:4e:cd:50:1f:ed:c7:1f:
c2:ed:1a:6d:f3:49:5f:bf:41:67:c5:ec:1c:34:a3:
f0:e2:36:01:2c:2c:80:d1:06:26:96:9d:32:6f:a2:
e9:5e:19:62:1f:49:70:58:57:2c:fe:54:fc:38:c2:
f1:a6:b1:79:4f:d3:50:6f:08:21:f7:1f:c3:ff:45:
bd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F2:11:03:9F:57:1D:9E:F0:D0:16:6B:32:78:41:48:08:9D:19:D7
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/jvIRA59XHZ7w0BZrMnhBSAidGdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.107.21.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:0b:a3:2f:be:fc:55:60:0a:3a:04:05:15:a1:6e:f4:dc:df:
b3:80:89:da:4c:66:f8:90:16:d8:58:be:ac:af:17:79:82:fc:
70:7d:17:10:6c:a5:83:f8:40:11:18:fe:e6:31:8b:4c:6a:e1:
0a:9a:c0:f3:41:da:8b:84:02:e6:29:08:b8:2f:a0:7d:48:84:
61:ab:ce:ca:9f:e9:4d:95:ee:84:4f:b4:dd:54:77:95:5d:3d:
7f:5f:7a:09:10:fe:6c:b5:a2:bf:e4:5e:87:f3:d2:eb:09:cf:
42:61:0c:16:4c:51:c1:44:da:57:db:b2:4b:61:00:01:84:fe:
f4:ff:88:cb:b0:62:51:fd:dd:45:29:d5:c2:d8:cb:9a:8b:b9:
a2:51:b1:50:c2:21:34:63:3d:5a:65:f6:9d:64:32:39:5f:42:
ac:0c:46:5f:99:a5:1c:e2:cb:ec:39:02:90:48:58:44:5d:bb:
2b:dd:83:a2:d0:6a:3e:a4:25:7f:e3:9f:99:e7:4a:87:31:62:
bf:dc:0d:21:7f:af:80:0c:5a:b7:e1:0c:68:26:8d:43:46:e7:
e5:1c:f3:21:f5:e6:c0:53:7e:69:4e:1f:e7:5f:60:45:d4:f1:
9a:d8:94:b3:6e:4e:71:24:17:72:00:ba:91:a8:80:92:b9:31:
f3:2a:78:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+5/9bmcrPKlRsrLE9/C2J4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwNTI3MTIyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWYyMTEwMzlmNTcxZDllZjBkMDE2NmIzMjc4NDE0ODA4OWQxOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8e9JEvHXXc+EBJnZB7XRM5pgEoz
hnfDqufAaxdR47Oh8g8cQmta3S7USqwNyNWeBGuieJYS2Y7LuFJKMdwBkW8Asb0V
rXC21pDiHz6ecqx37pmjkjDOPQRPuhnYMvfz6ZXgyONoXstus5woLljumM+evvv+
daiB58DPU0vL/zU9umUeB4wd4RylyIAyfbAQ4jJarqQ3IRRclniuIV+e5zuMRAv9
9cAYkwfKVniTzU71nmWN6DtGASUawE7NUB/txx/C7Rpt80lfv0FnxewcNKPw4jYB
LCyA0QYmlp0yb6LpXhliH0lwWFcs/lT8OMLxprF5T9NQbwgh9x/D/0W9MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7yEQOfVx2e8NAWazJ4QUgInRnXMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvanZJUkE1OVhIWjd3MEJack1uaEJTQWlkR2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWsVMA0G
CSqGSIb3DQEBCwUAA4IBAQCkC6MvvvxVYAo6BAUVoW703N+zgInaTGb4kBbYWL6s
rxd5gvxwfRcQbKWD+EARGP7mMYtMauEKmsDzQdqLhALmKQi4L6B9SIRhq87Kn+lN
le6ET7TdVHeVXT1/X3oJEP5staK/5F6H89LrCc9CYQwWTFHBRNpX27JLYQABhP70
/4jLsGJR/d1FKdXC2Muai7miUbFQwiE0Yz1aZfadZDI5X0KsDEZfmaUc4svsOQKQ
SFhEXbsr3YOi0Go+pCV/45+Z50qHMWK/3A0hf6+ADFq34QxoJo1DRuflHPMh9ebA
U35pTh/nX2BF1PGa2JSzbk5xJBdyALqRqICSuTHzKnhN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:24 2024 by rpki-client on console-fra.rpki-client.org