Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jvgRiy-FGRBv8g-0wjFWvSsxVPQ.roa
File: jvgRiy-FGRBv8g-0wjFWvSsxVPQ.roa (raw, json)
Hash identifier: aNkucEbSKPyF1gW6hNpmFtT5qQohlJMBdT2XNCK0KGg=
Subject key identifier: 8E:F8:11:8B:2F:85:19:10:6F:F2:0F:B4:C2:31:56:BD:2B:31:54:F4
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018335AB1D2A5AFC7BAAA8A38EF8136CA49E
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jvgRiy-FGRBv8g-0wjFWvSsxVPQ.roa
Signing time: Tue 13 Sep 2022 07:05:50 +0000
ROA not before: Tue 13 Sep 2022 07:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 185.65.68.0/24 maxlen: 24
194.15.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:ab:1d:2a:5a:fc:7b:aa:a8:a3:8e:f8:13:6c:a4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Sep 13 07:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ef8118b2f8519106ff20fb4c23156bd2b3154f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:31:7f:de:4b:48:6a:43:7e:1b:9e:f0:2f:
cc:67:1a:77:e2:4e:72:79:9c:24:88:88:b0:32:0f:
1d:b5:03:73:8b:c0:a2:cf:b8:fe:0b:b3:23:63:89:
71:2b:d3:54:00:c7:23:9c:9a:36:b2:89:37:65:90:
26:1e:41:c1:d5:7d:2c:34:bb:07:90:e2:a9:cb:e2:
ea:0d:e2:cb:05:7f:0b:70:38:b1:34:92:35:b5:35:
11:51:af:c6:f0:c5:88:0b:93:49:f7:e3:e8:49:b3:
ea:4c:f5:b3:56:9a:b9:f3:e5:e9:96:0f:47:a9:f0:
61:20:1d:e4:14:42:7f:7c:92:5c:3b:2e:80:78:41:
22:ce:c8:2c:80:a9:f2:06:96:c2:67:f8:14:e0:63:
87:85:7b:43:59:73:2b:ca:bd:ec:75:41:c6:b6:27:
79:ef:bb:11:5d:32:7e:26:ea:64:f6:21:0a:3d:d8:
38:ae:a9:da:25:22:7c:1e:63:1e:16:d6:3c:60:88:
c7:0d:83:9e:75:37:5f:89:b7:37:2b:da:fc:4f:ee:
0d:7d:09:e2:dd:df:cd:2c:88:d1:43:45:1d:5b:fd:
59:c2:39:93:99:03:8d:0f:b4:98:6d:b1:26:a8:75:
c2:04:41:bf:6a:5d:4d:61:bd:ed:c2:e5:ac:3a:87:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F8:11:8B:2F:85:19:10:6F:F2:0F:B4:C2:31:56:BD:2B:31:54:F4
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jvgRiy-FGRBv8g-0wjFWvSsxVPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.68.0/24
194.15.153.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:03:a6:97:a3:87:dd:ab:28:6a:ec:13:a9:30:a7:5f:99:61:
d3:ee:7f:9b:4a:d2:37:28:98:ad:ae:48:ba:6d:13:ba:15:4b:
e6:61:d1:1e:58:0f:cc:9a:6c:18:f8:39:2d:43:bf:24:d5:0b:
cf:d3:df:46:15:a6:30:c7:4a:01:50:bc:fd:76:84:76:c4:3e:
2f:ab:51:02:47:bb:79:fa:41:4f:9f:4b:08:94:de:16:5c:4a:
d0:4c:26:0c:f9:f1:2d:9d:7d:db:ea:72:93:22:ea:6c:7b:d0:
8a:0e:c8:08:98:48:db:82:45:59:2b:4c:65:1b:14:6a:fa:f1:
1a:29:6b:aa:e8:3e:37:5c:53:a2:0b:24:4a:d1:3b:27:0c:8d:
92:ab:38:eb:8d:3a:79:ed:98:81:97:34:7d:d6:1b:48:e6:49:
bc:36:5d:16:07:53:8c:09:ae:77:e0:e5:63:91:27:92:cf:c9:
83:8c:25:a6:eb:cc:53:b7:d8:3b:88:3b:64:ba:59:be:b2:61:
de:5d:cb:f8:97:2c:1d:e7:20:7f:4e:5c:2c:ff:99:e7:6c:83:
de:49:39:56:29:fa:83:8c:60:5e:93:23:ef:51:91:f3:f7:7e:
44:66:5d:99:ef:58:87:25:e1:85:1d:89:c8:60:62:b4:00:55:
ee:ac:0a:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM1qx0qWvx7qqijjvgTbKSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIwOTEzMDcwNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWY4MTE4YjJmODUxOTEwNmZmMjBmYjRjMjMxNTZiZDJiMzE1NGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnsxf95LSGpDfhue8C/MZxp34k5y
eZwkiIiwMg8dtQNzi8Ciz7j+C7MjY4lxK9NUAMcjnJo2sok3ZZAmHkHB1X0sNLsH
kOKpy+LqDeLLBX8LcDixNJI1tTURUa/G8MWIC5NJ9+PoSbPqTPWzVpq58+Xplg9H
qfBhIB3kFEJ/fJJcOy6AeEEizsgsgKnyBpbCZ/gU4GOHhXtDWXMryr3sdUHGtid5
77sRXTJ+Jupk9iEKPdg4rqnaJSJ8HmMeFtY8YIjHDYOedTdfibc3K9r8T+4NfQni
3d/NLIjRQ0UdW/1ZwjmTmQOND7SYbbEmqHXCBEG/al1NYb3twuWsOodtTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI74EYsvhRkQb/IPtMIxVr0rMVT0MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvanZnUml5LUZHUkJ2OGctMHdqRld2U3N4VlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUFEAwQA
wg+ZMA0GCSqGSIb3DQEBCwUAA4IBAQBMA6aXo4fdqyhq7BOpMKdfmWHT7n+bStI3
KJitrki6bRO6FUvmYdEeWA/MmmwY+DktQ78k1QvP099GFaYwx0oBULz9doR2xD4v
q1ECR7t5+kFPn0sIlN4WXErQTCYM+fEtnX3b6nKTIupse9CKDsgImEjbgkVZK0xl
GxRq+vEaKWuq6D43XFOiCyRK0TsnDI2SqzjrjTp57ZiBlzR91htI5km8Nl0WB1OM
Ca534OVjkSeSz8mDjCWm68xTt9g7iDtkulm+smHeXcv4lywd5yB/Tlws/5nnbIPe
STlWKfqDjGBekyPvUZHz935EZl2Z71iHJeGFHYnIYGK0AFXurAo+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org