Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/JP8ZQiRYPJNf0X_le6eE2l5fQG4.roa
File: JP8ZQiRYPJNf0X_le6eE2l5fQG4.roa (raw, json)
Hash identifier: C23ifw0XOZ18sNQ/3onGjhjMFheLDgt1DaWHvlcfVMI=
Subject key identifier: 24:FF:19:42:24:58:3C:93:5F:D1:7F:E5:7B:A7:84:DA:5E:5F:40:6E
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 02BD29C9
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/JP8ZQiRYPJNf0X_le6eE2l5fQG4.roa
Signing time: Sun 17 Apr 2022 13:22:45 +0000
ROA not before: Sun 17 Apr 2022 13:22:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 195.190.139.0/24 maxlen: 24
195.190.144.0/24 maxlen: 24
195.190.130.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45951433 (0x2bd29c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Apr 17 13:22:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24ff194224583c935fd17fe57ba784da5e5f406e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:02:06:e0:e9:fa:39:5c:50:5f:9b:e4:ab:
ee:96:bb:11:50:5a:54:3f:dc:24:14:6f:68:43:37:
4a:67:06:ce:3b:8e:73:fb:28:eb:82:3c:a3:a2:af:
cb:b5:c5:dd:73:a2:9b:42:ed:ba:22:bd:f0:7b:06:
08:78:ca:76:93:9f:5d:26:76:59:31:d8:cd:30:3c:
a9:15:9a:9e:cc:cc:bb:a8:18:b1:b1:34:f5:8a:22:
de:d0:9e:56:e2:fa:56:53:c5:ed:06:70:c8:47:39:
f7:17:b6:01:60:38:ae:33:2a:f5:fe:23:a1:87:2c:
4d:7b:e9:98:88:0d:88:4b:f0:ef:ea:f9:8e:58:b4:
5b:15:25:8d:a4:9a:c9:f6:27:f4:ae:3d:48:95:58:
8e:b6:4d:8b:65:69:34:ff:88:02:5f:94:f6:00:fe:
61:7e:cd:35:96:6f:66:23:26:3a:0a:9d:5c:3f:b9:
40:39:44:8b:91:37:cd:d1:f1:d1:54:22:e3:a7:ba:
ad:9d:bd:ae:06:cf:23:d3:e2:f2:75:06:62:47:cf:
2c:37:47:31:fe:da:49:15:63:5b:45:f0:bf:fe:82:
f2:5c:87:ef:95:01:6c:fc:6f:39:4d:27:c1:0e:99:
84:93:81:4e:e3:27:06:57:72:42:6a:38:f1:1d:4c:
ae:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FF:19:42:24:58:3C:93:5F:D1:7F:E5:7B:A7:84:DA:5E:5F:40:6E
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/JP8ZQiRYPJNf0X_le6eE2l5fQG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.130.0/24
195.190.139.0/24
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
64:3f:54:64:87:2a:81:47:37:11:d6:cd:ec:22:36:12:6c:2c:
29:5d:c8:2b:52:c7:72:52:eb:16:33:5b:82:fa:a9:42:84:65:
62:2e:69:23:ff:77:a5:dc:23:ec:89:e2:23:9b:b5:f9:c0:21:
c5:49:6a:6f:1d:dc:be:86:1e:a0:68:58:f1:59:5a:19:21:00:
6c:a9:61:ae:45:39:c2:55:78:bf:18:81:a5:6e:b8:3d:9d:12:
ec:ff:81:6b:3d:7f:e7:ed:54:11:22:77:f6:19:5d:ad:65:a5:
df:e5:c7:9a:fc:91:21:53:2b:6f:76:39:c8:0a:47:02:03:c5:
79:9b:9e:82:e7:02:d3:42:77:76:1c:d8:6f:08:94:e6:fb:ae:
cb:c7:b1:03:9d:95:0b:92:80:3c:c9:40:5a:5e:31:f1:a1:a1:
c8:d4:76:f3:5b:84:4b:29:66:9c:bf:ea:b0:3c:7c:0d:e8:f0:
57:18:71:89:44:e5:25:7c:3e:8b:87:fd:10:c7:f9:dd:e7:bc:
7d:a9:30:04:c5:30:94:f9:4c:bb:5f:f0:42:7a:0b:8c:37:78:
23:ee:87:eb:48:80:d3:57:66:d1:1f:0d:8a:82:83:a9:11:25:
e0:c0:ba:22:1d:94:54:1c:5c:6a:e7:ac:06:6f:c0:bf:81:d7:
fe:11:67:de
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAr0pyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDg0Njc0MTEzOTI2MzM4OGQ5ODRkYjFlOTdlMDMxNjY5YzY0ODZlMB4XDTIyMDQx
NzEzMjI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRmZjE5NDIyNDU4
M2M5MzVmZDE3ZmU1N2JhNzg0ZGE1ZTVmNDA2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyNAgbg6fo5XFBfm+Sr7pa7EVBaVD/cJBRvaEM3SmcGzjuO
c/so64I8o6Kvy7XF3XOim0LtuiK98HsGCHjKdpOfXSZ2WTHYzTA8qRWanszMu6gY
sbE09Yoi3tCeVuL6VlPF7QZwyEc59xe2AWA4rjMq9f4joYcsTXvpmIgNiEvw7+r5
jli0WxUljaSayfYn9K49SJVYjrZNi2VpNP+IAl+U9gD+YX7NNZZvZiMmOgqdXD+5
QDlEi5E3zdHx0VQi46e6rZ29rgbPI9Pi8nUGYkfPLDdHMf7aSRVjW0Xwv/6C8lyH
75UBbPxvOU0nwQ6ZhJOBTuMnBldyQmo48R1Mrj8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQk/xlCJFg8k1/Rf+V7p4TaXl9AbjAfBgNVHSMEGDAWgBSUhGdBE5JjOI2Y
TbHpfgMWacZIbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xJUm5RUk9TWXppTm1FMng2WDRERm1uR1NHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8x
L0pQOFpRaVJZUEpOZjBYX2xlNmVFMmw1ZlFHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8xL2xJUm5RUk9TWXpp
Tm1FMng2WDRERm1uR1NHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMO+ggMEAMO+iwMEAMO+kDANBgkq
hkiG9w0BAQsFAAOCAQEAZD9UZIcqgUc3EdbN7CI2EmwsKV3IK1LHclLrFjNbgvqp
QoRlYi5pI/93pdwj7IniI5u1+cAhxUlqbx3cvoYeoGhY8VlaGSEAbKlhrkU5wlV4
vxiBpW64PZ0S7P+Baz1/5+1UESJ39hldrWWl3+XHmvyRIVMrb3Y5yApHAgPFeZue
gucC00J3dhzYbwiU5vuuy8exA52VC5KAPMlAWl4x8aGhyNR281uESylmnL/qsDx8
DejwVxhxiUTlJXw+i4f9EMf53ee8fakwBMUwlPlMu1/wQnoLjDd4I+6H60iA01dm
0R8NioKDqREl4MC6Ih2UVBxcauesBm/Av4HX/hFn3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org