Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/JABhB9nwP6PjygCtmmqNZlCLL3Y.roa
File: JABhB9nwP6PjygCtmmqNZlCLL3Y.roa (raw, json)
Hash identifier: BKGuIPTTnJm28lXps0ZgtjFo3UOnFlDpa1Zc79mQUMs=
Subject key identifier: 24:00:61:07:D9:F0:3F:A3:E3:CA:00:AD:9A:6A:8D:66:50:8B:2F:76
Certificate issuer: /CN=ff994630fc74556ce508026870901545fb7b04cd
Certificate serial: 11FAABB3
Authority key identifier: FF:99:46:30:FC:74:55:6C:E5:08:02:68:70:90:15:45:FB:7B:04:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_5lGMPx0VWzlCAJocJAVRft7BM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/JABhB9nwP6PjygCtmmqNZlCLL3Y.roa
Signing time: Sat 01 Jan 2022 04:55:21 +0000
ROA not before: Sat 01 Jan 2022 04:55:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12684
IP address blocks: 84.235.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301640627 (0x11faabb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff994630fc74556ce508026870901545fb7b04cd
Validity
Not Before: Jan 1 04:55:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24006107d9f03fa3e3ca00ad9a6a8d66508b2f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:2b:f0:d4:c8:b1:15:ae:bc:95:53:3f:cd:
42:52:d7:d1:71:3f:52:ed:e4:d3:60:d3:6d:25:3f:
92:26:cb:29:a9:ca:fb:7a:d6:74:9e:84:04:d1:25:
67:ba:9d:8a:9a:bd:31:ac:01:ce:56:e7:75:3d:c0:
14:3f:67:f7:c2:74:f4:56:eb:27:a2:aa:bc:40:26:
fd:e6:8b:77:b4:48:29:0f:24:09:95:39:c4:62:25:
40:8d:7e:2c:df:42:eb:36:69:25:8c:fc:74:18:8f:
06:c7:6a:ef:c6:c3:5c:a4:ee:22:75:68:3a:a0:1e:
d1:ba:86:89:fe:11:b3:f8:9e:7a:1d:d5:ea:44:ee:
ad:1f:58:88:87:7c:85:d2:4d:f6:03:48:ec:f3:2d:
81:9b:09:52:cb:50:6b:04:98:d0:a4:d9:4e:62:5c:
be:cd:dd:72:2d:b4:80:4e:26:db:72:fe:20:43:88:
cf:a3:b2:24:e6:20:8b:63:f4:c1:02:4c:6a:ff:61:
18:fc:a2:b9:6a:b8:cf:99:cd:7c:b7:ab:bc:ac:d9:
cd:36:cd:74:0f:5a:d0:11:d7:f5:48:c9:68:4f:4f:
b9:3d:3b:c0:65:42:ad:20:86:65:b8:7b:bb:af:d7:
f1:55:c9:80:08:e9:48:e2:57:0d:65:2d:6c:8e:46:
5a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:00:61:07:D9:F0:3F:A3:E3:CA:00:AD:9A:6A:8D:66:50:8B:2F:76
X509v3 Authority Key Identifier:
keyid:FF:99:46:30:FC:74:55:6C:E5:08:02:68:70:90:15:45:FB:7B:04:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_5lGMPx0VWzlCAJocJAVRft7BM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/JABhB9nwP6PjygCtmmqNZlCLL3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/db5651-95f1-47c1-acf0-eafca5854257/1/_5lGMPx0VWzlCAJocJAVRft7BM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.235.141.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:89:3d:ea:69:71:b9:d6:3e:bf:05:71:fd:ac:6d:35:8e:3f:
59:d2:03:f9:43:23:ec:69:67:1b:de:eb:0b:59:d0:99:93:f5:
de:fd:bf:34:54:e5:79:68:ba:6e:9d:86:25:87:70:c6:b4:a3:
d5:91:de:74:53:d9:9f:ff:b5:9a:ee:33:59:7a:73:4d:99:3c:
85:5e:24:c2:12:fa:73:19:aa:77:fd:35:9f:c1:44:3f:b0:8e:
ac:3b:59:db:37:11:88:3c:a7:64:d5:72:dd:cc:27:b6:f1:7d:
35:fd:c3:1a:f1:df:74:95:d4:30:74:2f:d0:83:89:ad:0b:3d:
7a:bb:49:a1:d5:80:7a:db:6e:44:e6:1b:74:20:1b:60:33:8e:
df:36:4c:8f:f4:79:62:e4:36:05:c1:c5:f7:76:cf:c2:16:89:
b8:b6:98:7c:6c:d9:3e:46:66:57:d6:92:31:02:8a:bb:39:5f:
4e:42:da:e0:80:f6:3f:81:95:93:26:3b:53:64:9b:ab:eb:a1:
d3:18:a4:a0:69:02:2d:46:41:95:ca:94:6d:92:28:ad:a6:1b:
dd:a7:8b:b5:5f:17:dc:31:39:59:f4:79:b4:c2:4b:30:fb:27:
34:dc:a7:70:42:00:2f:d0:68:53:db:a0:a6:b1:90:88:f4:85:
30:95:e0:9f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEfqrszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Zjk5NDYzMGZjNzQ1NTZjZTUwODAyNjg3MDkwMTU0NWZiN2IwNGNkMB4XDTIyMDEw
MTA0NTUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQwMDYxMDdkOWYw
M2ZhM2UzY2EwMGFkOWE2YThkNjY1MDhiMmY3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBJK/DUyLEVrryVUz/NQlLX0XE/Uu3k02DTbSU/kibLKanK
+3rWdJ6EBNElZ7qdipq9MawBzlbndT3AFD9n98J09FbrJ6KqvEAm/eaLd7RIKQ8k
CZU5xGIlQI1+LN9C6zZpJYz8dBiPBsdq78bDXKTuInVoOqAe0bqGif4Rs/ieeh3V
6kTurR9YiId8hdJN9gNI7PMtgZsJUstQawSY0KTZTmJcvs3dci20gE4m23L+IEOI
z6OyJOYgi2P0wQJMav9hGPyiuWq4z5nNfLervKzZzTbNdA9a0BHX9UjJaE9PuT07
wGVCrSCGZbh7u6/X8VXJgAjpSOJXDWUtbI5GWhECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkAGEH2fA/o+PKAK2aao1mUIsvdjAfBgNVHSMEGDAWgBT/mUYw/HRVbOUI
AmhwkBVF+3sEzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L181bEdNUHgwVld6bENBSm9jSkFWUmZ0N0JNMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvZGI1NjUxLTk1ZjEtNDdjMS1hY2YwLWVhZmNhNTg1NDI1Ny8x
L0pBQmhCOW53UDZQanlnQ3RtbXFOWmxDTEwzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
ZGI1NjUxLTk1ZjEtNDdjMS1hY2YwLWVhZmNhNTg1NDI1Ny8xL181bEdNUHgwVld6
bENBSm9jSkFWUmZ0N0JNMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFTrjTANBgkqhkiG9w0BAQsFAAOC
AQEA14k96mlxudY+vwVx/axtNY4/WdID+UMj7GlnG97rC1nQmZP13v2/NFTleWi6
bp2GJYdwxrSj1ZHedFPZn/+1mu4zWXpzTZk8hV4kwhL6cxmqd/01n8FEP7COrDtZ
2zcRiDynZNVy3cwntvF9Nf3DGvHfdJXUMHQv0IOJrQs9ertJodWAettuROYbdCAb
YDOO3zZMj/R5YuQ2BcHF93bPwhaJuLaYfGzZPkZmV9aSMQKKuzlfTkLa4ID2P4GV
kyY7U2Sbq+uh0xikoGkCLUZBlcqUbZIoraYb3aeLtV8X3DE5WfR5tMJLMPsnNNyn
cEIAL9BoU9ugprGQiPSFMJXgnw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:02 2025 by rpki-client