Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/JpAIsHrJMFvDN4IfeLxVz6D8XyM.roa
File: JpAIsHrJMFvDN4IfeLxVz6D8XyM.roa (raw, json)
Hash identifier: OIvIkvsHXcr4RjoSA0w6tSII7uprEWzKXk8TPH8CMto=
Subject key identifier: 26:90:08:B0:7A:C9:30:5B:C3:37:82:1F:78:BC:55:CF:A0:FC:5F:23
Certificate issuer: /CN=3cac6a681f6d3289e1c4502a1f15c7bae31f92dc
Certificate serial: 027B089C
Authority key identifier: 3C:AC:6A:68:1F:6D:32:89:E1:C4:50:2A:1F:15:C7:BA:E3:1F:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKxqaB9tMonhxFAqHxXHuuMfktw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/JpAIsHrJMFvDN4IfeLxVz6D8XyM.roa
Signing time: Sat 01 Jan 2022 03:00:16 +0000
ROA not before: Sat 01 Jan 2022 03:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42675
IP address blocks: 185.166.180.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41617564 (0x27b089c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cac6a681f6d3289e1c4502a1f15c7bae31f92dc
Validity
Not Before: Jan 1 03:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=269008b07ac9305bc337821f78bc55cfa0fc5f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8b:f5:46:06:ee:55:9d:1f:8d:e5:5f:d6:e3:
78:dc:d5:46:99:cf:26:86:00:05:c4:e1:21:4f:72:
e3:69:91:fe:9c:0a:ed:a7:16:06:fe:a8:68:32:fd:
d5:69:44:5d:a2:2e:98:b7:7a:92:18:c7:bb:39:64:
42:42:e7:21:3f:3c:9f:61:a9:f2:3e:06:6b:db:d2:
cd:60:09:c0:aa:2f:86:f4:23:72:39:3c:89:c4:90:
a2:51:ab:80:26:fc:3b:e1:24:df:a5:af:b9:2c:58:
05:30:f0:cc:eb:0d:41:30:4b:f2:2e:5b:dd:b5:7a:
04:41:83:07:74:94:fd:cd:57:49:e6:63:33:27:8a:
91:1f:d1:8a:28:fc:eb:e9:6e:db:24:b8:fa:0b:0c:
8a:5d:09:36:99:9f:4b:f2:5d:01:23:9c:6d:9e:1d:
d4:b0:e8:ad:1f:1f:b9:53:d9:00:52:d1:cc:b7:3f:
34:33:d7:21:ee:d6:b6:7d:94:e5:29:9a:d4:8d:42:
9b:5b:d8:ac:05:87:ec:8e:4d:91:7b:c6:9a:44:b0:
84:9a:d5:a7:4b:2f:e6:4c:c8:c7:3b:c8:1e:0b:37:
b2:0a:60:de:78:10:03:5d:92:08:61:85:e1:71:17:
77:ae:b3:8e:42:8c:15:49:d0:90:a5:9d:c6:44:09:
8f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:90:08:B0:7A:C9:30:5B:C3:37:82:1F:78:BC:55:CF:A0:FC:5F:23
X509v3 Authority Key Identifier:
keyid:3C:AC:6A:68:1F:6D:32:89:E1:C4:50:2A:1F:15:C7:BA:E3:1F:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKxqaB9tMonhxFAqHxXHuuMfktw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/JpAIsHrJMFvDN4IfeLxVz6D8XyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/PKxqaB9tMonhxFAqHxXHuuMfktw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.180.0/22
Signature Algorithm: sha256WithRSAEncryption
10:ec:45:38:cf:1f:63:90:d7:27:05:9b:49:b7:10:7b:30:e6:
67:fc:86:95:b6:53:5b:b1:df:a0:68:16:66:3f:98:48:29:c7:
26:6e:8f:b7:bc:77:57:8f:2b:e1:fe:4f:1b:61:8e:fd:fc:62:
80:89:d2:23:2d:f9:f8:4a:1e:73:cb:55:8c:99:10:cd:c3:a6:
59:83:25:98:47:8d:7d:9e:94:a3:f2:aa:66:91:22:5e:73:27:
9e:17:7d:86:a0:ae:35:1b:de:30:17:c3:97:8c:3c:92:48:12:
78:21:36:7b:4b:db:0e:d5:1d:3a:d2:84:e0:cb:e5:62:99:4c:
00:8e:45:02:e5:31:52:ef:05:c0:40:5e:f3:2c:12:f8:2f:92:
50:a4:3e:73:8d:a5:f4:02:c9:3c:1c:af:ad:c1:45:f0:27:f9:
04:c6:ea:81:03:ed:9f:85:c9:c9:49:ec:a3:3d:32:7a:6a:e0:
dd:de:a0:b1:4c:15:62:5f:c6:90:bd:c4:9b:47:7a:dc:3e:87:
b6:ca:5c:cd:b7:61:1f:6f:ab:92:9f:82:4b:20:a3:e1:e1:d0:
b4:a1:b2:9f:a4:5c:3d:ae:29:ee:0e:d9:63:c6:19:23:73:6c:
4f:34:3f:8b:ec:7b:cc:0a:d9:7e:0d:fe:ba:6e:10:f8:2a:f1:
52:3a:eb:66
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAnsInDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2FjNmE2ODFmNmQzMjg5ZTFjNDUwMmExZjE1YzdiYWUzMWY5MmRjMB4XDTIyMDEw
MTAzMDAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjY5MDA4YjA3YWM5
MzA1YmMzMzc4MjFmNzhiYzU1Y2ZhMGZjNWYyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeL9UYG7lWdH43lX9bjeNzVRpnPJoYABcThIU9y42mR/pwK
7acWBv6oaDL91WlEXaIumLd6khjHuzlkQkLnIT88n2Gp8j4Ga9vSzWAJwKovhvQj
cjk8icSQolGrgCb8O+Ek36WvuSxYBTDwzOsNQTBL8i5b3bV6BEGDB3SU/c1XSeZj
MyeKkR/Riij86+lu2yS4+gsMil0JNpmfS/JdASOcbZ4d1LDorR8fuVPZAFLRzLc/
NDPXIe7Wtn2U5Sma1I1Cm1vYrAWH7I5NkXvGmkSwhJrVp0sv5kzIxzvIHgs3sgpg
3ngQA12SCGGF4XEXd66zjkKMFUnQkKWdxkQJj30CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQmkAiweskwW8M3gh94vFXPoPxfIzAfBgNVHSMEGDAWgBQ8rGpoH20yieHE
UCofFce64x+S3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BLeHFhQjl0TW9uaHhGQXFIeFhIdXVNZmt0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvMTA1OTgxLTU1MjQtNDc0NS1hOGZjLTg4NGM0ZDRkYjY1Ny8x
L0pwQUlzSHJKTUZ2RE40SWZlTHhWejZEOFh5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
MTA1OTgxLTU1MjQtNDc0NS1hOGZjLTg4NGM0ZDRkYjY1Ny8xL1BLeHFhQjl0TW9u
aHhGQXFIeFhIdXVNZmt0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmmtDANBgkqhkiG9w0BAQsFAAOC
AQEAEOxFOM8fY5DXJwWbSbcQezDmZ/yGlbZTW7HfoGgWZj+YSCnHJm6Pt7x3V48r
4f5PG2GO/fxigInSIy35+Eoec8tVjJkQzcOmWYMlmEeNfZ6Uo/KqZpEiXnMnnhd9
hqCuNRveMBfDl4w8kkgSeCE2e0vbDtUdOtKE4MvlYplMAI5FAuUxUu8FwEBe8ywS
+C+SUKQ+c42l9ALJPByvrcFF8Cf5BMbqgQPtn4XJyUnsoz0yemrg3d6gsUwVYl/G
kL3Em0d63D6HtspczbdhH2+rkp+CSyCj4eHQtKGyn6RcPa4p7g7ZY8YZI3NsTzQ/
i+x7zArZfg3+um4Q+CrxUjrrZg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:29 2024 by rpki-client on console-fra.rpki-client.org