Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/J-MOqcwc5ORTQQOWV0mDQe6rWaQ.roa
File: J-MOqcwc5ORTQQOWV0mDQe6rWaQ.roa (raw, json)
Hash identifier: ibmVUgqfHx2vNc1+Iw5MUmmM7oXWm9n+tifAVgo2exU=
Subject key identifier: 27:E3:0E:A9:CC:1C:E4:E4:53:41:03:96:57:49:83:41:EE:AB:59:A4
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 043BF9B1
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/J-MOqcwc5ORTQQOWV0mDQe6rWaQ.roa
Signing time: Sat 01 Jan 2022 07:00:15 +0000
ROA not before: Sat 01 Jan 2022 07:00:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41280
IP address blocks: 85.187.213.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71039409 (0x43bf9b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Jan 1 07:00:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27e30ea9cc1ce4e45341039657498341eeab59a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:63:d5:28:32:fc:87:f1:ff:41:45:42:63:
51:f6:f6:cf:14:44:69:df:5b:6f:d1:4d:32:14:98:
1e:2d:d5:eb:56:03:37:ff:69:a6:a9:0e:90:e6:ae:
e3:4d:92:ce:72:80:70:f5:7b:ac:60:1b:d1:8b:45:
2c:76:b4:2f:d5:9f:8c:77:26:0d:6f:ec:17:df:76:
bf:d9:1d:9c:54:8c:f2:a0:7e:62:72:2e:ff:7a:d2:
4c:c0:0b:18:ab:ce:dc:cf:24:a0:e2:78:5c:8c:1e:
65:fb:a6:e8:18:aa:60:33:79:ea:1b:a2:db:de:0a:
05:d2:d3:fb:b2:b7:6b:27:d9:08:4d:0c:7e:59:d6:
36:e5:91:fb:f9:46:b9:76:58:fa:ae:94:1c:c0:85:
74:95:d8:fd:2e:96:d8:74:25:79:3e:2b:5d:01:3c:
19:17:72:6d:97:49:f3:d3:b0:07:40:ec:e1:78:2b:
e4:0a:f8:c3:af:f2:3b:d2:f3:6d:9f:c3:a3:b7:0a:
89:2e:00:8e:c3:a4:a0:c6:ec:0f:e2:95:22:21:d6:
40:0b:8b:56:1f:6f:a9:79:15:37:c8:5d:f4:8e:f9:
e3:82:2b:56:80:b4:7c:b4:1c:5f:8d:a9:76:b9:cf:
ca:c8:ac:c2:1d:eb:dc:7f:2f:13:0b:94:11:b1:2e:
39:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E3:0E:A9:CC:1C:E4:E4:53:41:03:96:57:49:83:41:EE:AB:59:A4
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/J-MOqcwc5ORTQQOWV0mDQe6rWaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.213.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:72:f3:dc:d3:16:d0:33:a0:17:95:ae:b2:62:e6:5c:30:fb:
8f:41:6b:74:f5:cd:d8:10:66:60:5c:25:9e:52:fb:d1:9e:99:
d8:57:38:4b:d3:30:16:9b:f0:25:fd:f9:af:fe:9d:83:d2:80:
77:c3:7f:d0:ec:1c:cf:41:c3:47:fd:6e:24:2d:82:b9:f5:0b:
26:97:74:7a:a5:64:b0:5a:ec:6b:9d:ec:ac:9c:af:2a:88:14:
50:9a:aa:c4:12:aa:f6:d9:3a:6c:be:bb:7b:9b:b3:ba:f6:b7:
b0:0d:41:a8:9e:d8:5d:6f:05:b2:51:36:17:1b:c4:a7:93:8a:
aa:c4:55:df:dd:19:b3:0f:40:97:f9:60:96:55:e8:a6:be:d8:
fe:36:56:5e:e3:77:72:f2:68:c6:1e:32:fe:61:f7:a9:54:2b:
9d:7c:f6:22:ea:ed:03:38:89:16:24:1e:80:18:11:52:39:20:
2b:5f:bf:ee:5e:30:52:26:d6:43:07:24:6b:8a:6b:b5:7f:cf:
65:6d:af:4b:ae:c0:c3:d8:48:d4:de:5c:10:35:e7:13:ab:d2:
be:5b:b6:9c:b0:8d:03:bf:50:f2:98:c5:58:b9:5a:2e:f0:cc:
b4:06:dc:c5:4b:fc:72:df:b2:a6:0a:b1:58:d7:f6:8e:24:f8:
40:c0:9d:6e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDv5sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDdiNGJjYWJlYjI5NjA1ZWE1MTFkZTk3M2U0Njc1YzRiOGEyOWRmMB4XDTIyMDEw
MTA3MDAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdlMzBlYTljYzFj
ZTRlNDUzNDEwMzk2NTc0OTgzNDFlZWFiNTlhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXxY9UoMvyH8f9BRUJjUfb2zxREad9bb9FNMhSYHi3V61YD
N/9ppqkOkOau402SznKAcPV7rGAb0YtFLHa0L9WfjHcmDW/sF992v9kdnFSM8qB+
YnIu/3rSTMALGKvO3M8koOJ4XIweZfum6BiqYDN56hui294KBdLT+7K3ayfZCE0M
flnWNuWR+/lGuXZY+q6UHMCFdJXY/S6W2HQleT4rXQE8GRdybZdJ89OwB0Ds4Xgr
5Ar4w6/yO9LzbZ/Do7cKiS4AjsOkoMbsD+KVIiHWQAuLVh9vqXkVN8hd9I7544Ir
VoC0fLQcX42pdrnPysiswh3r3H8vEwuUEbEuOd0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQn4w6pzBzk5FNBA5ZXSYNB7qtZpDAfBgNVHSMEGDAWgBR9e0vKvrKWBepR
Helz5GdcS4op3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZYdEx5cjZ5bGdYcVVSM3BjLVJuWEV1S0tkOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8x
L0otTU9xY3djNU9SVFFRT1dWMG1EUWU2cldhUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
ODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0NC8xL2ZYdEx5cjZ5bGdY
cVVSM3BjLVJuWEV1S0tkOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFW71TANBgkqhkiG9w0BAQsFAAOC
AQEAHnLz3NMW0DOgF5WusmLmXDD7j0FrdPXN2BBmYFwlnlL70Z6Z2Fc4S9MwFpvw
Jf35r/6dg9KAd8N/0Owcz0HDR/1uJC2CufULJpd0eqVksFrsa53srJyvKogUUJqq
xBKq9tk6bL67e5uzuva3sA1BqJ7YXW8FslE2FxvEp5OKqsRV390Zsw9Al/lgllXo
pr7Y/jZWXuN3cvJoxh4y/mH3qVQrnXz2IurtAziJFiQegBgRUjkgK1+/7l4wUibW
Qwcka4prtX/PZW2vS67Aw9hI1N5cEDXnE6vSvlu2nLCNA79Q8pjFWLlaLvDMtAbc
xUv8ct+ypgqxWNf2jiT4QMCdbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org