Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Js-BoPvEGbdirNzPcQ1Qy051wz8.roa
File: Js-BoPvEGbdirNzPcQ1Qy051wz8.roa (raw, json)
Hash identifier: HxaEH0F9JZvwKZ4avYxu6WBQuLbe3YGAG1CS4cNmqYw=
Subject key identifier: 26:CF:81:A0:FB:C4:19:B7:62:AC:DC:CF:71:0D:50:CB:4E:75:C3:3F
Certificate issuer: /CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Certificate serial: 018CC801BDEE0A0A1DD4CB31EB2199EB4B23
Authority key identifier: F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Js-BoPvEGbdirNzPcQ1Qy051wz8.roa
Signing time: Tue 02 Jan 2024 02:30:06 +0000
ROA not before: Tue 02 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48919
IP address blocks: 95.215.92.0/22 maxlen: 22
31.128.160.0/20 maxlen: 20
2001:67c:19ac::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:bd:ee:0a:0a:1d:d4:cb:31:eb:21:99:eb:4b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6f18c02405742c25377d696cd2a69dcc974bff8
Validity
Not Before: Jan 2 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26cf81a0fbc419b762acdccf710d50cb4e75c33f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:be:de:56:1e:29:c0:13:21:47:19:7b:8e:e8:
46:4c:2c:3c:cb:79:01:78:1c:c1:c0:29:51:f6:23:
83:02:0f:20:6d:6b:cc:11:3d:59:18:ad:d7:96:61:
98:f3:04:85:e3:fb:91:67:7c:bd:2a:83:c3:d0:34:
dc:15:8a:f1:7c:c6:34:e1:44:aa:31:c1:4a:90:c0:
0a:06:1b:df:a8:05:69:49:91:ed:30:8a:74:9a:43:
5a:09:76:55:72:e8:ac:8e:09:69:d7:8d:31:88:9e:
ca:6c:2c:36:e1:b0:4f:ca:d3:75:a3:97:6f:b1:4c:
b1:b5:40:e3:4d:07:24:b7:67:f2:00:6a:04:76:f8:
50:79:3c:75:c8:03:fb:0d:2d:73:98:0f:2b:4a:01:
20:4e:70:3e:18:2b:3d:e4:35:30:4f:39:42:b2:7b:
ed:81:b0:56:cc:55:6a:4a:a1:40:3f:fb:fc:f7:29:
20:10:dc:d6:8c:80:c0:a1:62:dd:b1:53:8b:59:30:
6e:f9:a1:3d:e1:86:7c:50:46:d4:b2:26:9a:05:9c:
c8:71:8e:46:09:59:9c:54:20:8e:a2:9c:4f:bd:30:
d4:c2:66:e0:86:3e:dc:a5:6b:96:ed:f3:26:60:f5:
b2:44:b2:d4:2d:8f:82:52:84:e9:c3:53:d4:c8:59:
c2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:CF:81:A0:FB:C4:19:B7:62:AC:DC:CF:71:0D:50:CB:4E:75:C3:3F
X509v3 Authority Key Identifier:
keyid:F6:F1:8C:02:40:57:42:C2:53:77:D6:96:CD:2A:69:DC:C9:74:BF:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/Js-BoPvEGbdirNzPcQ1Qy051wz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/df05e1-6862-4ed4-876d-150b5db4f56b/1/9vGMAkBXQsJTd9aWzSpp3Ml0v_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.160.0/20
95.215.92.0/22
IPv6:
2001:67c:19ac::/48
Signature Algorithm: sha256WithRSAEncryption
0a:59:27:74:a2:00:3d:34:e0:41:3d:01:bf:fc:27:73:3b:8a:
27:27:5d:1e:9f:1c:ca:db:af:f8:76:64:b2:7f:7c:19:4a:e2:
fb:2e:1d:1b:8d:80:a8:eb:c8:4c:f3:d2:02:89:79:76:62:99:
b5:85:b3:1c:3b:a9:fa:6c:a7:45:e3:dd:77:cd:cc:7a:fc:98:
6f:a7:b8:fc:05:8a:c8:02:7f:86:22:2d:15:e4:4e:53:9a:88:
92:fa:a3:f8:c1:f8:d9:00:48:64:9a:e3:a3:b1:5b:5d:e5:73:
48:aa:80:bf:c7:2c:a7:83:b2:f8:7c:71:bf:58:3b:be:b4:a7:
50:43:32:7f:7f:cd:2f:1d:7e:d2:2c:d1:6a:16:f2:32:79:1a:
f1:ce:f0:06:fe:54:56:6e:8d:c1:9d:a3:af:e8:a7:71:e5:7c:
8c:a2:93:af:d4:4d:21:d4:9a:51:27:a2:d2:07:d6:99:03:a7:
41:6c:7c:57:80:d6:de:d9:d8:92:b0:8d:f9:8a:c3:08:48:42:
c3:74:3e:a3:33:e4:a4:42:ef:7b:56:64:b0:63:63:82:94:b9:
95:a6:f7:9b:a3:6d:bb:42:71:12:9e:9e:c7:40:7d:5d:cd:60:
b6:c8:0e:ff:95:83:65:cb:50:99:20:48:dd:1d:bc:ab:7d:e6:
2c:c2:b1:31
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAb3uCgod1Msx6yGZ60sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZjE4YzAyNDA1NzQyYzI1Mzc3ZDY5NmNkMmE2OWRjYzk3
NGJmZjgwHhcNMjQwMTAyMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmNmODFhMGZiYzQxOWI3NjJhY2RjY2Y3MTBkNTBjYjRlNzVjMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmL7eVh4pwBMhRxl7juhGTCw8y3kB
eBzBwClR9iODAg8gbWvMET1ZGK3XlmGY8wSF4/uRZ3y9KoPD0DTcFYrxfMY04USq
McFKkMAKBhvfqAVpSZHtMIp0mkNaCXZVcuisjglp140xiJ7KbCw24bBPytN1o5dv
sUyxtUDjTQckt2fyAGoEdvhQeTx1yAP7DS1zmA8rSgEgTnA+GCs95DUwTzlCsnvt
gbBWzFVqSqFAP/v89ykgENzWjIDAoWLdsVOLWTBu+aE94YZ8UEbUsiaaBZzIcY5G
CVmcVCCOopxPvTDUwmbghj7cpWuW7fMmYPWyRLLULY+CUoTpw1PUyFnCFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCbPgaD7xBm3Yqzcz3ENUMtOdcM/MB8GA1UdIwQY
MBaAFPbxjAJAV0LCU3fWls0qadzJdL/4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQt
MTUwYjVkYjRmNTZiLzEvSnMtQm9QdkVHYmRpck56UGNRMVF5MDUxd3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kZjA1ZTEtNjg2Mi00ZWQ0LTg3NmQtMTUwYjVkYjRmNTZi
LzEvOXZHTUFrQlhRc0pUZDlhV3pTcHAzTWwwdl9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQEH4CgAwQC
X9dcMA8EAgACMAkDBwAgAQZ8GawwDQYJKoZIhvcNAQELBQADggEBAApZJ3SiAD00
4EE9Ab/8J3M7iicnXR6fHMrbr/h2ZLJ/fBlK4vsuHRuNgKjryEzz0gKJeXZimbWF
sxw7qfpsp0Xj3XfNzHr8mG+nuPwFisgCf4YiLRXkTlOaiJL6o/jB+NkASGSa46Ox
W13lc0iqgL/HLKeDsvh8cb9YO760p1BDMn9/zS8dftIs0WoW8jJ5GvHO8Ab+VFZu
jcGdo6/op3HlfIyik6/UTSHUmlEnotIH1pkDp0FsfFeA1t7Z2JKwjfmKwwhIQsN0
PqMz5KRC73tWZLBjY4KUuZWm95ujbbtCcRKensdAfV3NYLbIDv+Vg2XLUJkgSN0d
vKt95izCsTE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:40 2025 by rpki-client