Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/JX7utHvlOIJLrFItYhSAN6VOLkk.roa
File: JX7utHvlOIJLrFItYhSAN6VOLkk.roa (raw, json)
Hash identifier: XO1iG/Sa2FPFGsRvyvjYdGs7bbfJWWPRmX7JmihGNuw=
Subject key identifier: 25:7E:EE:B4:7B:E5:38:82:4B:AC:52:2D:62:14:80:37:A5:4E:2E:49
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 01848503686BFC7D350F090A56BCFDA7672A
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/JX7utHvlOIJLrFItYhSAN6VOLkk.roa
Signing time: Thu 17 Nov 2022 09:55:03 +0000
ROA not before: Thu 17 Nov 2022 09:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9002
IP address blocks: 87.245.192.0/18 maxlen: 18
87.245.208.0/20 maxlen: 20
87.245.208.0/21 maxlen: 21
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:03:68:6b:fc:7d:35:0f:09:0a:56:bc:fd:a7:67:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 17 09:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=257eeeb47be538824bac522d62148037a54e2e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1b:12:80:33:fc:fc:98:0b:71:bd:f5:8b:ea:
ea:38:12:8e:c8:50:55:93:c5:7b:f3:5d:7c:2c:f2:
2d:bd:1d:17:a7:2e:7c:73:15:57:56:3b:a3:88:c8:
e4:6d:e9:9b:ba:24:68:de:d7:3b:0f:3a:44:2b:b2:
ab:b6:b0:28:d1:76:62:0e:87:f0:76:a2:d0:3b:d6:
7c:29:3e:e6:4b:de:e5:45:16:8d:c5:83:3b:13:07:
64:a7:f1:4f:77:0f:e2:34:c2:dd:3e:50:17:e8:80:
94:ab:e8:a4:10:a5:9b:3e:29:6e:a0:20:32:6d:64:
01:23:0f:78:da:f5:b0:b1:eb:28:1d:6f:d2:46:00:
26:e8:55:c7:ac:e9:a6:3f:40:e8:fa:8f:fc:24:63:
95:d9:4e:32:e4:b7:8b:35:88:f3:3c:41:f7:68:9a:
89:f9:63:d4:f1:5d:d7:f8:09:f5:d8:02:b4:56:12:
53:4d:ce:a0:de:6e:42:16:9e:cc:d3:2c:46:a8:99:
6f:bb:90:2f:b0:1d:03:5c:12:02:18:be:12:1d:f4:
89:7c:cb:29:99:4a:b3:76:7e:27:ab:12:e1:90:a7:
f3:52:48:6f:20:dc:3e:5a:79:b2:30:86:24:67:91:
88:27:98:f9:12:b4:dd:71:86:6c:97:b0:6e:82:9f:
84:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7E:EE:B4:7B:E5:38:82:4B:AC:52:2D:62:14:80:37:A5:4E:2E:49
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/JX7utHvlOIJLrFItYhSAN6VOLkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.192.0/18
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
68:d2:bb:6e:57:ff:9b:45:a3:dc:74:8f:22:06:56:35:2e:0b:
26:ed:99:cc:aa:db:17:2c:0b:41:1a:b5:ff:b6:eb:46:4c:d0:
67:3e:2d:ef:bd:2d:6b:ac:ec:6c:96:90:a2:79:56:4f:23:d2:
6f:7a:e5:28:5f:ac:1b:23:20:8d:4a:37:c9:7b:f4:41:a0:32:
19:b3:d4:d1:03:e0:d4:58:86:b8:f2:9d:67:85:d7:95:16:5c:
87:12:ec:b3:b3:79:eb:d7:34:b2:db:6c:96:ed:17:0d:ff:f1:
44:d2:b2:a7:0a:c0:1a:93:f1:3e:77:eb:bf:89:1a:07:f8:f0:
7f:3f:2a:92:47:68:15:d5:06:24:56:b8:ed:ab:33:4a:a9:f3:
a8:63:2f:d3:d2:65:62:d5:2c:99:57:27:a9:19:4c:c7:0a:92:
ab:a1:dd:10:14:3b:25:ae:48:d8:4c:ed:b7:66:92:fd:38:43:
f1:9b:f5:e8:72:5c:72:41:1e:ce:59:3f:da:6c:e4:63:88:80:
b4:9b:7f:8c:cf:ac:86:84:61:87:0f:fb:80:14:5d:74:be:2f:
2b:50:2c:e7:a2:b4:71:b0:ac:18:ab:2d:c6:f4:e0:51:80:eb:
00:87:f5:64:59:33:df:79:dc:3c:c0:fc:d7:52:b0:62:3b:47:
39:4a:82:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYSFA2hr/H01DwkKVrz9p2cqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTE3MDk1NTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdlZWViNDdiZTUzODgyNGJhYzUyMmQ2MjE0ODAzN2E1NGUyZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhsSgDP8/JgLcb31i+rqOBKOyFBV
k8V78118LPItvR0Xpy58cxVXVjujiMjkbembuiRo3tc7DzpEK7KrtrAo0XZiDofw
dqLQO9Z8KT7mS97lRRaNxYM7Ewdkp/FPdw/iNMLdPlAX6ICUq+ikEKWbPiluoCAy
bWQBIw942vWwsesoHW/SRgAm6FXHrOmmP0Do+o/8JGOV2U4y5LeLNYjzPEH3aJqJ
+WPU8V3X+An12AK0VhJTTc6g3m5CFp7M0yxGqJlvu5AvsB0DXBICGL4SHfSJfMsp
mUqzdn4nqxLhkKfzUkhvINw+WnmyMIYkZ5GIJ5j5ErTdcYZsl7Bugp+EDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCV+7rR75TiCS6xSLWIUgDelTi5JMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvSlg3dXRIdmxPSUpMckZJdFloU0FONlZPTGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGV/XAAwQC
uVIIMA0EAgACMAcDBQAqAgLYMA0GCSqGSIb3DQEBCwUAA4IBAQBo0rtuV/+bRaPc
dI8iBlY1Lgsm7ZnMqtsXLAtBGrX/tutGTNBnPi3vvS1rrOxslpCieVZPI9JveuUo
X6wbIyCNSjfJe/RBoDIZs9TRA+DUWIa48p1nhdeVFlyHEuyzs3nr1zSy22yW7RcN
//FE0rKnCsAak/E+d+u/iRoH+PB/PyqSR2gV1QYkVrjtqzNKqfOoYy/T0mVi1SyZ
VyepGUzHCpKrod0QFDslrkjYTO23ZpL9OEPxm/XoclxyQR7OWT/abORjiIC0m3+M
z6yGhGGHD/uAFF10vi8rUCznorRxsKwYqy3G9OBRgOsAh/VkWTPfedw8wPzXUrBi
O0c5SoL3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org