Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Jn8n2prfnwhfyCoFk25LiKLRx50.roa
File: Jn8n2prfnwhfyCoFk25LiKLRx50.roa (raw, json)
Hash identifier: e6y/jS0l1/pDm4ofxthYLpAWztp+jH2SzeglBxvQdMg=
Subject key identifier: 26:7F:27:DA:9A:DF:9F:08:5F:C8:2A:05:93:6E:4B:88:A2:D1:C7:9D
Certificate issuer: /CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Certificate serial: 0181D57D50DEA339BD28648C0F7F62E21A06
Authority key identifier: F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Jn8n2prfnwhfyCoFk25LiKLRx50.roa
Signing time: Wed 06 Jul 2022 21:49:28 +0000
ROA not before: Wed 06 Jul 2022 21:49:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48919
IP address blocks: 95.215.92.0/22 maxlen: 22
31.128.160.0/19 maxlen: 19
2001:67c:19ac::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d5:7d:50:de:a3:39:bd:28:64:8c:0f:7f:62:e2:1a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Validity
Not Before: Jul 6 21:49:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=267f27da9adf9f085fc82a05936e4b88a2d1c79d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:fb:17:77:a9:59:e7:07:61:69:51:61:88:e0:
ab:2e:19:21:36:ed:b8:64:ab:dd:1d:3b:e1:df:21:
bd:b0:fc:35:3d:bf:f4:9a:15:a5:f1:41:d1:d4:f1:
3b:13:cb:83:a9:2f:2b:90:95:a5:14:71:2f:8b:5e:
ba:90:a6:57:f9:62:1f:99:5c:0d:9d:b4:2d:a4:0c:
18:7c:12:67:08:d1:a9:f3:2c:a2:69:be:0d:ef:6b:
9a:5a:68:c3:4f:7a:71:9a:53:a2:ba:d9:3c:d0:79:
90:32:9c:48:92:dc:21:a4:40:9a:ad:63:1f:a5:d6:
df:11:9f:88:d2:b8:e4:ed:f9:d1:5d:33:3c:65:3a:
ce:83:18:13:44:53:91:a9:9f:91:f2:09:97:67:cb:
f3:59:63:4c:96:76:ba:4e:52:91:7e:2a:df:2b:f0:
50:66:35:c7:44:e9:f2:d0:bf:e4:dc:1c:44:3c:fe:
38:80:76:db:1a:07:bb:dc:81:4d:b0:d5:50:e7:fd:
8b:f6:50:c6:3c:a0:5f:67:48:bb:f6:91:72:3e:06:
6a:ce:72:fc:cd:f1:da:ba:a3:f9:32:8e:02:e1:6f:
34:b1:1e:35:55:12:80:31:85:31:19:91:0f:2c:2f:
d9:bd:7a:9e:ec:41:c8:4d:27:56:1d:d9:9a:73:d0:
7b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7F:27:DA:9A:DF:9F:08:5F:C8:2A:05:93:6E:4B:88:A2:D1:C7:9D
X509v3 Authority Key Identifier:
keyid:F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Jn8n2prfnwhfyCoFk25LiKLRx50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.160.0/19
95.215.92.0/22
IPv6:
2001:67c:19ac::/48
Signature Algorithm: sha256WithRSAEncryption
6d:40:45:5e:94:20:68:fa:4d:ad:32:33:43:f0:b0:2f:3f:2f:
8e:59:d8:06:53:f9:17:38:94:97:ef:dd:16:8c:46:14:2a:4e:
84:d9:d4:71:bd:28:48:c7:60:ba:a6:2d:56:5b:40:20:bf:46:
bc:f3:63:65:9d:a0:0f:4d:42:d6:67:a8:61:13:3c:b3:b2:8b:
40:07:38:f6:55:1c:c2:a2:33:c9:7b:3b:eb:b5:fb:0e:90:7c:
d3:de:03:7a:a3:32:18:4b:f1:e0:07:80:4b:fd:85:ca:2d:cb:
52:13:9d:be:4a:6c:c2:69:53:68:80:d8:a6:75:6f:e7:fc:f4:
66:34:c5:94:81:89:ee:8e:09:6c:cc:ac:63:a1:1d:a1:2d:5b:
47:17:a9:1a:c7:a5:1b:1f:c4:22:f4:e1:7d:86:77:b8:5b:09:
f3:39:ea:14:1f:2a:7d:df:09:1a:26:ba:ad:ac:76:04:ec:8b:
a4:e8:03:6e:4b:03:65:0d:13:9b:54:60:2f:5f:72:f9:d2:50:
e1:d0:d4:94:ca:44:0b:fc:2f:30:fd:98:56:bd:67:ef:cc:3c:
f4:4e:ae:96:74:1a:ce:ba:db:c1:09:e8:65:80:3c:c2:e1:92:
33:68:61:70:72:6a:27:48:4b:c3:eb:6c:7a:0c:48:b9:b8:32:
6d:ac:88:b1
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYHVfVDeozm9KGSMD39i4hoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZjE4YzAyNDA1NzQyYzI1Mzc3ZDY5NmNkMmE2OWRjYzk3
NGJmZjgwHhcNMjIwNzA2MjE0OTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdmMjdkYTlhZGY5ZjA4NWZjODJhMDU5MzZlNGI4OGEyZDFjNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8vsXd6lZ5wdhaVFhiOCrLhkhNu24
ZKvdHTvh3yG9sPw1Pb/0mhWl8UHR1PE7E8uDqS8rkJWlFHEvi166kKZX+WIfmVwN
nbQtpAwYfBJnCNGp8yyiab4N72uaWmjDT3pxmlOiutk80HmQMpxIktwhpECarWMf
pdbfEZ+I0rjk7fnRXTM8ZTrOgxgTRFORqZ+R8gmXZ8vzWWNMlna6TlKRfirfK/BQ
ZjXHROny0L/k3BxEPP44gHbbGge73IFNsNVQ5/2L9lDGPKBfZ0i79pFyPgZqznL8
zfHauqP5Mo4C4W80sR41VRKAMYUxGZEPLC/ZvXqe7EHITSdWHdmac9B7YwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCZ/J9qa358IX8gqBZNuS4ii0cedMB8GA1UdIwQY
MBaAFPbxjAJAV0LCU3fWls0qadzJdL/4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQt
MTUwYjVkYjRmNTZiLzEvSm44bjJwcmZud2hmeUNvRmsyNUxpS0xSeDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQtMTUwYjVkYjRmNTZi
LzEvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFH4CgAwQC
X9dcMA8EAgACMAkDBwAgAQZ8GawwDQYJKoZIhvcNAQELBQADggEBAG1ARV6UIGj6
Ta0yM0PwsC8/L45Z2AZT+Rc4lJfv3RaMRhQqToTZ1HG9KEjHYLqmLVZbQCC/Rrzz
Y2WdoA9NQtZnqGETPLOyi0AHOPZVHMKiM8l7O+u1+w6QfNPeA3qjMhhL8eAHgEv9
hcoty1ITnb5KbMJpU2iA2KZ1b+f89GY0xZSBie6OCWzMrGOhHaEtW0cXqRrHpRsf
xCL04X2Gd7hbCfM56hQfKn3fCRomuq2sdgTsi6ToA25LA2UNE5tUYC9fcvnSUOHQ
1JTKRAv8LzD9mFa9Z+/MPPROrpZ0Gs6628EJ6GWAPMLhkjNoYXByaidIS8PrbHoM
SLm4Mm2siLE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:59 2024 by rpki-client on console-ams.rpki-client.org