Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jd00MS9Bxa5MqKesvsqNLi2W8F4.roa
File: Jd00MS9Bxa5MqKesvsqNLi2W8F4.roa (raw, json)
Hash identifier: mcuOletPHPjUMi6ajYxZhZxXCUb6h5RcDrtRB7AWneE=
Subject key identifier: 25:DD:34:31:2F:41:C5:AE:4C:A8:A7:AC:BE:CA:8D:2E:2D:96:F0:5E
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018C3EDEC0187A5E4EABF443BD01E1E47422
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jd00MS9Bxa5MqKesvsqNLi2W8F4.roa
Signing time: Wed 06 Dec 2023 11:23:54 +0000
ROA not before: Wed 06 Dec 2023 11:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 95.82.0.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:de:c0:18:7a:5e:4e:ab:f4:43:bd:01:e1:e4:74:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Dec 6 11:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25dd34312f41c5ae4ca8a7acbeca8d2e2d96f05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:34:76:6b:77:be:98:42:b9:d8:24:92:2b:f9:
c5:97:50:1d:ad:73:23:e3:e5:0e:8b:8b:1a:b7:ab:
e9:91:6f:a9:ae:ff:17:de:16:fd:e3:dc:f9:be:46:
59:c2:8f:9c:47:dc:0f:b7:ea:f1:b5:88:ba:de:1f:
29:86:47:1d:d5:60:31:40:60:62:56:a1:fd:6a:d3:
77:fe:82:43:9f:fa:e9:dd:69:0d:8c:36:7e:83:b0:
77:06:b3:d5:57:f8:b5:34:e7:6b:ed:fe:42:99:0e:
4c:3c:a3:39:7c:5b:fc:a6:ec:ec:92:dc:c5:b7:6a:
b1:c2:0b:6e:30:af:6f:2f:36:78:c9:7d:be:9e:e7:
a2:97:ee:93:8e:21:63:c0:1d:0f:db:ba:a3:70:e1:
f0:14:94:ce:06:d6:99:71:98:39:63:de:0e:4a:53:
76:9a:08:29:77:39:57:ee:18:f7:f7:5e:dd:cb:6c:
51:46:54:cd:12:b5:8b:ea:94:74:6b:89:41:cf:d7:
72:a2:2c:44:68:be:ae:52:29:2d:7c:e8:be:21:49:
f6:2f:46:7a:74:8b:fb:65:5c:30:af:8c:c6:b1:f7:
b0:4c:4a:a2:f3:26:1d:68:fc:84:ab:63:b5:b3:dd:
da:4e:ad:dc:18:1e:a7:0a:71:46:6b:eb:8b:93:fb:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:DD:34:31:2F:41:C5:AE:4C:A8:A7:AC:BE:CA:8D:2E:2D:96:F0:5E
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/Jd00MS9Bxa5MqKesvsqNLi2W8F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.0.0/21
Signature Algorithm: sha256WithRSAEncryption
77:68:9c:04:d4:a2:68:f9:e5:6c:46:b2:20:44:f1:48:ed:14:
28:f1:79:31:fb:e7:4d:9f:9a:24:57:ea:cf:95:4b:75:6e:61:
2d:da:10:39:a5:7f:08:cd:7f:0d:13:d8:9d:f6:40:25:ec:53:
92:a9:d5:c1:c6:92:fa:7e:bd:5d:dc:e2:ee:f6:9c:d3:4b:86:
60:9a:f1:0c:8a:e8:a4:88:f3:7c:a8:0f:89:74:a8:46:2e:e8:
d6:9c:ad:a1:5d:c5:f6:e5:a3:ad:01:c9:86:c5:eb:d9:96:61:
aa:66:85:51:f5:16:00:86:c2:df:59:35:64:9b:50:82:25:ef:
93:f8:8e:fc:a4:f7:1f:15:50:94:41:29:cb:9c:01:65:42:14:
25:a7:c9:80:88:ae:26:aa:23:2a:a0:49:37:72:d7:5b:da:cd:
63:53:3c:f6:a9:0c:99:11:2f:6a:71:d9:ca:ae:29:10:b6:91:
5a:eb:66:90:89:59:b4:6f:02:d0:14:12:4b:72:6f:07:d6:77:
15:51:51:16:0d:ac:46:49:45:05:02:f5:d4:68:c2:51:02:dc:
0e:6e:4d:35:64:6f:95:94:c1:3c:31:22:5c:13:6e:18:af:5a:
56:82:2d:d9:5f:df:4c:bc:38:ac:76:91:86:32:fd:8d:02:cd:
2c:d2:12:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+3sAYel5Oq/RDvQHh5HQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMjA2MTEyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWRkMzQzMTJmNDFjNWFlNGNhOGE3YWNiZWNhOGQyZTJkOTZmMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTR2a3e+mEK52CSSK/nFl1AdrXMj
4+UOi4sat6vpkW+prv8X3hb949z5vkZZwo+cR9wPt+rxtYi63h8phkcd1WAxQGBi
VqH9atN3/oJDn/rp3WkNjDZ+g7B3BrPVV/i1NOdr7f5CmQ5MPKM5fFv8puzsktzF
t2qxwgtuMK9vLzZ4yX2+nueil+6TjiFjwB0P27qjcOHwFJTOBtaZcZg5Y94OSlN2
mggpdzlX7hj3917dy2xRRlTNErWL6pR0a4lBz9dyoixEaL6uUiktfOi+IUn2L0Z6
dIv7ZVwwr4zGsfewTEqi8yYdaPyEq2O1s93aTq3cGB6nCnFGa+uLk/ud2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXdNDEvQcWuTKinrL7KjS4tlvBeMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSmQwME1TOUJ4YTVNcUtlc3ZzcU5MaTJXOEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX1IAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3aJwE1KJo+eVsRrIgRPFI7RQo8Xkx++dNn5okV+rP
lUt1bmEt2hA5pX8IzX8NE9id9kAl7FOSqdXBxpL6fr1d3OLu9pzTS4ZgmvEMiuik
iPN8qA+JdKhGLujWnK2hXcX25aOtAcmGxevZlmGqZoVR9RYAhsLfWTVkm1CCJe+T
+I78pPcfFVCUQSnLnAFlQhQlp8mAiK4mqiMqoEk3ctdb2s1jUzz2qQyZES9qcdnK
rikQtpFa62aQiVm0bwLQFBJLcm8H1ncVUVEWDaxGSUUFAvXUaMJRAtwObk01ZG+V
lME8MSJcE24Yr1pWgi3ZX99MvDisdpGGMv2NAs0s0hLt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:42 2025 by rpki-client