Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/jTeze9vb9DnZI54fwyQt04eF2GQ.roa
File: jTeze9vb9DnZI54fwyQt04eF2GQ.roa (raw, json)
Hash identifier: ez8Bg89+N5P2fE2h/aYvK+9khkMX5W2cdI9lOlVu0kI=
Subject key identifier: 8D:37:B3:7B:DB:DB:F4:39:D9:23:9E:1F:C3:24:2D:D3:87:85:D8:64
Certificate issuer: /CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Certificate serial: 018BD24A76883C98CE59280E15E2E1D329A4
Authority key identifier: 6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/jTeze9vb9DnZI54fwyQt04eF2GQ.roa
Signing time: Wed 15 Nov 2023 09:22:57 +0000
ROA not before: Wed 15 Nov 2023 09:22:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61146
IP address blocks: 62.108.216.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:4a:76:88:3c:98:ce:59:28:0e:15:e2:e1:d3:29:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Validity
Not Before: Nov 15 09:22:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d37b37bdbdbf439d9239e1fc3242dd38785d864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ca:99:5f:91:ce:72:23:a9:f8:1f:ee:ea:cc:
e2:5f:14:49:94:b2:c5:6d:bf:43:4e:03:66:91:96:
09:96:c2:2c:ac:44:e0:5d:0d:0b:ee:90:dc:02:fe:
6d:8b:55:f6:f5:4c:cb:74:2b:2f:68:a0:27:ad:78:
bb:58:18:47:b4:12:1c:c6:d1:17:c8:c8:68:2e:dd:
06:90:85:20:e1:5d:15:33:11:41:71:a2:24:82:e6:
94:a0:62:c4:e7:86:12:51:fb:08:44:f8:06:a9:15:
33:4c:86:3d:8a:43:14:2b:4c:40:ac:b5:6c:3f:54:
09:50:ae:e4:80:94:cc:d8:ce:86:80:7c:b2:12:30:
8a:21:f5:7b:c6:b9:24:80:b4:df:21:5c:0e:7a:e3:
48:22:3f:f8:ec:8d:ab:ee:1d:c2:94:1d:73:1c:a1:
ba:db:a4:c6:fa:bc:5d:ba:65:be:e6:94:8d:50:c3:
36:32:0d:74:c0:98:59:06:51:d6:d3:1e:22:11:d7:
9c:66:93:ae:ed:3a:14:51:80:35:5c:9b:02:f8:f3:
74:9a:51:f0:0d:6a:ec:15:c7:f3:79:d6:5d:b2:60:
ac:6e:31:b2:43:a8:c8:ec:c9:14:97:be:92:a8:66:
a1:3b:95:37:d5:0b:fe:26:06:52:98:37:1f:10:79:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:37:B3:7B:DB:DB:F4:39:D9:23:9E:1F:C3:24:2D:D3:87:85:D8:64
X509v3 Authority Key Identifier:
keyid:6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/jTeze9vb9DnZI54fwyQt04eF2GQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.216.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:5e:cd:ca:de:ee:a5:17:de:22:a4:8a:15:97:31:57:06:9c:
6e:2c:01:43:98:72:0c:f1:3c:05:63:cf:2b:45:ba:af:ec:3e:
98:1d:d5:05:00:0c:66:cf:e5:2a:45:8d:aa:1c:f2:f9:2b:8b:
5c:9a:d9:a9:21:2b:40:93:b3:ae:f6:09:d4:eb:a0:44:d0:34:
8e:af:a3:1f:09:c1:af:e1:23:35:28:3b:ea:d4:43:18:2b:6d:
8a:21:f7:66:78:c2:14:ff:94:5b:7f:1b:e5:26:0b:55:f2:0c:
42:ad:fe:0d:ea:38:b0:db:86:77:63:ec:32:fd:21:82:a0:2b:
e5:13:09:6a:00:d5:ab:ef:8b:4c:d1:37:80:ff:28:31:c7:5c:
17:38:55:da:f4:e5:ca:91:6e:f7:1b:75:30:84:2a:ca:15:59:
2d:54:03:e2:4d:ba:e3:7f:82:bc:bb:ea:ca:5c:6a:84:aa:b7:
12:40:14:f2:f5:13:ae:7b:94:49:7e:fa:93:93:6a:f2:17:67:
a2:32:c0:20:39:9d:4c:71:bf:c9:b8:81:ba:18:d5:c5:70:fb:
34:ee:be:1c:42:ae:3d:ea:74:25:dd:0a:0d:54:1a:a9:c3:67:
56:55:49:82:9a:cf:02:fa:e9:6e:d8:44:02:95:05:6e:ec:70:
63:1b:75:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvSSnaIPJjOWSgOFeLh0ymkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZWRmMGI3NjE1MjkwYWVmYWNjNWY2YWE2YjQxZDlkMTg0
M2YxYjYwHhcNMjMxMTE1MDkyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM3YjM3YmRiZGJmNDM5ZDkyMzllMWZjMzI0MmRkMzg3ODVkODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscqZX5HOciOp+B/u6sziXxRJlLLF
bb9DTgNmkZYJlsIsrETgXQ0L7pDcAv5ti1X29UzLdCsvaKAnrXi7WBhHtBIcxtEX
yMhoLt0GkIUg4V0VMxFBcaIkguaUoGLE54YSUfsIRPgGqRUzTIY9ikMUK0xArLVs
P1QJUK7kgJTM2M6GgHyyEjCKIfV7xrkkgLTfIVwOeuNIIj/47I2r7h3ClB1zHKG6
26TG+rxdumW+5pSNUMM2Mg10wJhZBlHW0x4iEdecZpOu7ToUUYA1XJsC+PN0mlHw
DWrsFcfzedZdsmCsbjGyQ6jI7MkUl76SqGahO5U31Qv+JgZSmDcfEHnbnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI03s3vb2/Q52SOeH8MkLdOHhdhkMB8GA1UdIwQY
MBaAFG/t8LdhUpCu+sxfaqa0HZ0YQ/G2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEt
Nzg0ZGI5YjFkYTJiLzEvalRlemU5dmI5RG5aSTU0Znd5UXQwNGVGMkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEtNzg0ZGI5YjFkYTJi
LzEvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPmzYMA0G
CSqGSIb3DQEBCwUAA4IBAQCxXs3K3u6lF94ipIoVlzFXBpxuLAFDmHIM8TwFY88r
Rbqv7D6YHdUFAAxmz+UqRY2qHPL5K4tcmtmpIStAk7Ou9gnU66BE0DSOr6MfCcGv
4SM1KDvq1EMYK22KIfdmeMIU/5RbfxvlJgtV8gxCrf4N6jiw24Z3Y+wy/SGCoCvl
EwlqANWr74tM0TeA/ygxx1wXOFXa9OXKkW73G3UwhCrKFVktVAPiTbrjf4K8u+rK
XGqEqrcSQBTy9ROue5RJfvqTk2ryF2eiMsAgOZ1Mcb/JuIG6GNXFcPs07r4cQq49
6nQl3QoNVBqpw2dWVUmCms8C+ulu2EQClQVu7HBjG3Wf
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:55:39 2025 by rpki-client