Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/JiuJ2vNOQMXdR5MAWBZEqsQ-qc0.roa
File: JiuJ2vNOQMXdR5MAWBZEqsQ-qc0.roa (raw, json)
Hash identifier: omcFZ8ZSm15C3aIxLCzTa/HcSH2Zt4RWjyvBD5said4=
Subject key identifier: 26:2B:89:DA:F3:4E:40:C5:DD:47:93:00:58:16:44:AA:C4:3E:A9:CD
Certificate issuer: /CN=07266adfb18b189f3dc4d3be6dc596254be5c9b1
Certificate serial: 0189E413EC2E769EC62059C96FC46AD158D6
Authority key identifier: 07:26:6A:DF:B1:8B:18:9F:3D:C4:D3:BE:6D:C5:96:25:4B:E5:C9:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ByZq37GLGJ89xNO-bcWWJUvlybE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/JiuJ2vNOQMXdR5MAWBZEqsQ-qc0.roa
Signing time: Fri 11 Aug 2023 10:10:58 +0000
ROA not before: Fri 11 Aug 2023 10:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204106
IP address blocks: 109.74.72.0/24 maxlen: 24
77.247.198.0/24 maxlen: 24
2a13:1b00:1::/48 maxlen: 48
2a13:1b00::/29 maxlen: 29
2a13:1b00:1000::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:13:ec:2e:76:9e:c6:20:59:c9:6f:c4:6a:d1:58:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07266adfb18b189f3dc4d3be6dc596254be5c9b1
Validity
Not Before: Aug 11 10:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=262b89daf34e40c5dd479300581644aac43ea9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a0:9e:ac:bb:bb:2c:f9:03:8d:5e:8e:cc:10:
6e:94:f8:66:26:f8:f5:1d:f7:be:92:9a:f8:61:6c:
8d:5c:05:ef:23:be:4e:d6:7b:1e:df:2d:85:a2:d6:
19:81:4f:90:d2:b7:c1:a1:d7:a9:97:34:ca:bd:87:
e8:f5:d6:10:8d:5f:06:0c:9a:bc:7b:98:d8:e0:35:
0a:94:22:5d:22:13:cc:9a:de:67:c6:48:d2:76:bb:
00:d7:b3:67:30:a5:95:38:6d:8d:58:fd:59:a4:29:
63:a7:ca:c9:e1:31:6f:3a:c0:32:29:3b:a6:8c:99:
99:28:c9:87:34:63:30:6b:61:20:f9:02:fa:ae:ba:
8a:49:ab:47:bd:80:4b:a6:35:0f:03:ce:3d:52:b0:
fa:50:6d:3a:85:d0:11:f6:94:a6:0e:43:19:ca:af:
2d:30:54:02:87:76:9c:5c:1f:e5:ec:86:5f:c3:66:
10:88:11:a2:69:8a:c0:69:37:a1:af:ad:d1:c8:6c:
6c:7a:b1:1d:d0:f4:0d:1e:de:8d:6f:fe:da:0c:c6:
81:b5:7c:c5:09:dd:ac:71:21:e4:3b:1b:8f:f6:4f:
38:67:5c:ac:5f:c0:5a:3c:3b:65:22:19:df:89:35:
e2:cb:95:51:c1:e9:d3:23:6e:f9:21:e6:cd:e7:05:
41:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:2B:89:DA:F3:4E:40:C5:DD:47:93:00:58:16:44:AA:C4:3E:A9:CD
X509v3 Authority Key Identifier:
keyid:07:26:6A:DF:B1:8B:18:9F:3D:C4:D3:BE:6D:C5:96:25:4B:E5:C9:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ByZq37GLGJ89xNO-bcWWJUvlybE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/JiuJ2vNOQMXdR5MAWBZEqsQ-qc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/f57ca3-4ff1-4064-9df7-3da05388e9ae/1/ByZq37GLGJ89xNO-bcWWJUvlybE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.198.0/24
109.74.72.0/24
IPv6:
2a13:1b00::/29
Signature Algorithm: sha256WithRSAEncryption
a4:87:4e:03:c4:b0:89:e5:be:77:f0:f6:1d:d1:b1:5c:40:23:
3b:b6:a8:07:3b:91:13:5f:51:3c:71:21:59:6b:af:d1:ba:18:
0e:e9:1a:8d:45:67:2b:c8:c6:ec:19:7b:02:25:96:a4:9d:c4:
36:16:ba:7c:d2:19:12:c2:7f:ce:0a:30:c3:44:fd:a2:17:ef:
af:8c:e2:6d:c1:88:10:63:34:d6:86:e8:b5:e8:85:2d:ee:ca:
19:98:3b:8d:7e:82:98:66:7d:1e:ac:b8:70:77:67:cb:db:ae:
0c:21:c3:29:c9:4c:5c:c0:c8:b4:66:f7:89:51:f3:65:3d:3a:
01:8d:8c:74:45:eb:d4:d4:c5:32:09:79:1e:08:62:d7:ec:9e:
fc:f7:11:93:b1:1d:12:2d:6d:5e:bb:07:43:55:19:ca:21:2f:
61:eb:18:fa:32:9c:f1:16:1a:9b:03:7a:d4:2a:54:f1:59:35:
ab:7e:75:3f:11:c5:b0:8c:ea:c0:75:1d:e5:0f:19:5c:5b:06:
0d:f6:6c:6b:9b:37:bf:a4:61:8b:19:f4:5f:4e:05:6c:35:51:
23:97:46:ab:6b:d9:92:1e:22:31:a3:9c:3e:1d:a6:82:17:cc:
ad:08:38:ed:0a:eb:98:46:5f:62:41:4c:49:99:5a:57:46:d6:
75:61:87:0f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYnkE+wudp7GIFnJb8Rq0VjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MjY2YWRmYjE4YjE4OWYzZGM0ZDNiZTZkYzU5NjI1NGJl
NWM5YjEwHhcNMjMwODExMTAxMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjJiODlkYWYzNGU0MGM1ZGQ0NzkzMDA1ODE2NDRhYWM0M2VhOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKCerLu7LPkDjV6OzBBulPhmJvj1
Hfe+kpr4YWyNXAXvI75O1nse3y2FotYZgU+Q0rfBodeplzTKvYfo9dYQjV8GDJq8
e5jY4DUKlCJdIhPMmt5nxkjSdrsA17NnMKWVOG2NWP1ZpCljp8rJ4TFvOsAyKTum
jJmZKMmHNGMwa2Eg+QL6rrqKSatHvYBLpjUPA849UrD6UG06hdAR9pSmDkMZyq8t
MFQCh3acXB/l7IZfw2YQiBGiaYrAaTehr63RyGxserEd0PQNHt6Nb/7aDMaBtXzF
Cd2scSHkOxuP9k84Z1ysX8BaPDtlIhnfiTXiy5VRwenTI275IebN5wVB6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCYridrzTkDF3UeTAFgWRKrEPqnNMB8GA1UdIwQY
MBaAFAcmat+xixifPcTTvm3FliVL5cmxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnlacTM3R0xHSjg5eE5PLWJjV1dKVXZseWJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mNTdjYTMtNGZmMS00MDY0LTlkZjct
M2RhMDUzODhlOWFlLzEvSml1SjJ2Tk9RTVhkUjVNQVdCWkVxc1EtcWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mNTdjYTMtNGZmMS00MDY0LTlkZjctM2RhMDUzODhlOWFl
LzEvQnlacTM3R0xHSjg5eE5PLWJjV1dKVXZseWJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQATffGAwQA
bUpIMA0EAgACMAcDBQMqExsAMA0GCSqGSIb3DQEBCwUAA4IBAQCkh04DxLCJ5b53
8PYd0bFcQCM7tqgHO5ETX1E8cSFZa6/RuhgO6RqNRWcryMbsGXsCJZakncQ2Frp8
0hkSwn/OCjDDRP2iF++vjOJtwYgQYzTWhui16IUt7soZmDuNfoKYZn0erLhwd2fL
264MIcMpyUxcwMi0ZveJUfNlPToBjYx0RevU1MUyCXkeCGLX7J789xGTsR0SLW1e
uwdDVRnKIS9h6xj6MpzxFhqbA3rUKlTxWTWrfnU/EcWwjOrAdR3lDxlcWwYN9mxr
mze/pGGLGfRfTgVsNVEjl0ara9mSHiIxo5w+HaaCF8ytCDjtCuuYRl9iQUxJmVpX
RtZ1YYcP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:43 2024 by rpki-client on console-ams.rpki-client.org