Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/J3aRzSgKBN6TWDDvOEnDJ-QoFys.roa
File: J3aRzSgKBN6TWDDvOEnDJ-QoFys.roa (raw, json)
Hash identifier: +tfQpFcJU09tIkPnqwL5V5Tzq9NU5b9jz9wvcf7XiAE=
Subject key identifier: 27:76:91:CD:28:0A:04:DE:93:58:30:EF:38:49:C3:27:E4:28:17:2B
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 09BDEC96
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/J3aRzSgKBN6TWDDvOEnDJ-QoFys.roa
Signing time: Sat 01 Jan 2022 14:57:51 +0000
ROA not before: Sat 01 Jan 2022 14:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.225.236.0/22 maxlen: 24
146.66.125.0/24 maxlen: 24
77.104.128.0/18 maxlen: 24
146.66.64.0/18 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163441814 (0x9bdec96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 14:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=277691cd280a04de935830ef3849c327e428172b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:58:1e:d2:bb:3a:39:d2:53:92:dc:13:1d:66:
68:94:63:23:6a:27:5d:73:ed:1b:36:97:da:31:f0:
69:f3:d0:df:0d:16:8b:62:2a:a7:d5:15:33:b2:11:
90:a4:34:f1:d6:96:15:3c:eb:dc:fc:92:1a:6c:9f:
89:46:4b:3c:66:49:54:e1:c0:d8:7b:7c:81:d5:5c:
e5:87:14:5b:85:58:cd:33:14:09:0b:44:81:d2:f9:
91:59:0a:f9:40:44:6c:0f:75:52:88:c7:b3:a7:91:
e8:b6:4f:88:b3:bb:b4:79:ed:7b:e3:2e:ce:ef:47:
1d:04:aa:d9:50:c6:31:4c:c5:1f:01:a9:d0:b9:30:
95:e3:10:b8:84:ab:95:82:82:16:5e:9a:6b:ed:e4:
8a:f9:6e:a8:94:bc:19:3c:b7:e8:e9:8c:5e:86:b1:
f6:cd:e5:80:49:f8:23:1f:68:0f:9c:78:e6:63:f2:
80:f3:e3:4c:f7:d2:c4:d2:5e:bc:58:2f:61:72:0e:
a6:2c:7f:e0:18:96:00:41:53:57:5e:34:25:7f:ac:
5c:12:11:b1:02:b9:a8:fd:d9:62:50:0d:b2:73:e3:
9b:56:fe:cc:6f:66:8f:e5:2b:f2:0f:b3:a9:e8:0d:
05:6f:f2:ee:35:d6:67:3d:88:46:f4:38:74:97:ea:
a9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:76:91:CD:28:0A:04:DE:93:58:30:EF:38:49:C3:27:E4:28:17:2B
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/J3aRzSgKBN6TWDDvOEnDJ-QoFys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.128.0/18
146.66.64.0/18
185.225.236.0/22
Signature Algorithm: sha256WithRSAEncryption
73:a5:73:a2:be:fd:69:1f:ce:57:7c:1f:b3:b5:3f:a2:09:9d:
da:a8:6b:92:b3:de:6a:8a:e2:29:fc:41:54:62:c4:d8:7f:ea:
98:db:8e:f7:f0:fe:40:63:b8:53:9c:df:40:3d:88:71:6c:ef:
ea:51:b4:3f:79:ed:4e:94:63:18:d6:da:1f:3b:3f:c9:26:5b:
1d:e1:cc:96:5a:6d:20:ee:97:be:75:0f:2a:96:84:e5:7e:ec:
f6:f5:13:e5:1e:3d:46:75:48:eb:94:f0:b4:46:d9:db:c6:90:
e7:fd:01:d5:e3:20:5d:6e:de:6a:ad:88:68:ea:61:fd:5f:41:
fd:e6:7e:da:43:61:7f:80:ff:e4:19:7b:df:5b:c5:12:28:c9:
f0:13:2a:07:9e:66:d5:fa:d3:1a:db:a1:c6:0c:73:06:dd:de:
bc:43:e5:a5:00:f2:89:89:1b:08:36:8c:81:de:5f:ff:23:f9:
0a:79:a8:64:cd:bd:73:33:64:3a:f6:a0:19:31:ec:df:6b:cf:
89:3a:66:1f:a5:05:5d:64:0e:91:84:ff:17:1e:df:91:47:8f:
5c:2d:77:c4:4f:e2:c9:41:ac:93:60:1e:2e:56:79:d3:65:84:
68:39:2a:d6:7f:8c:48:c9:fc:eb:ca:d4:61:68:bf:84:30:d5:
d1:1e:e9:a7
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECb3sljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDg4ZWI3MzBhYjFhNTAxZWEzNmVhMzQ4MmQ3NjQ1NDRlMTQxMTExMB4XDTIyMDEw
MTE0NTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjc3NjkxY2QyODBh
MDRkZTkzNTgzMGVmMzg0OWMzMjdlNDI4MTcyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1YHtK7OjnSU5LcEx1maJRjI2onXXPtGzaX2jHwafPQ3w0W
i2Iqp9UVM7IRkKQ08daWFTzr3PySGmyfiUZLPGZJVOHA2Ht8gdVc5YcUW4VYzTMU
CQtEgdL5kVkK+UBEbA91UojHs6eR6LZPiLO7tHnte+Muzu9HHQSq2VDGMUzFHwGp
0LkwleMQuISrlYKCFl6aa+3kivluqJS8GTy36OmMXoax9s3lgEn4Ix9oD5x45mPy
gPPjTPfSxNJevFgvYXIOpix/4BiWAEFTV140JX+sXBIRsQK5qP3ZYlANsnPjm1b+
zG9mj+Ur8g+zqegNBW/y7jXWZz2IRvQ4dJfqqeUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQndpHNKAoE3pNYMO84ScMn5CgXKzAfBgNVHSMEGDAWgBRNiOtzCrGlAeo2
6jSC12RUThQRETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RZanJjd3F4cFFIcU51bzBndGRrVkU0VUVSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8x
L0ozYVJ6U2dLQk42VFdERHZPRW5ESi1Rb0Z5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YzQ5M2VlLWY2NmUtNDIwOC1hMzFkLTcyNmY4M2QyMzg5Mi8xL1RZanJjd3F4cFFI
cU51bzBndGRrVkU0VUVSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBk1ogAMEBpJCQAMEArnh7DANBgkq
hkiG9w0BAQsFAAOCAQEAc6Vzor79aR/OV3wfs7U/ogmd2qhrkrPeaoriKfxBVGLE
2H/qmNuO9/D+QGO4U5zfQD2IcWzv6lG0P3ntTpRjGNbaHzs/ySZbHeHMllptIO6X
vnUPKpaE5X7s9vUT5R49RnVI65TwtEbZ28aQ5/0B1eMgXW7eaq2IaOph/V9B/eZ+
2kNhf4D/5Bl731vFEijJ8BMqB55m1frTGtuhxgxzBt3evEPlpQDyiYkbCDaMgd5f
/yP5CnmoZM29czNkOvagGTHs32vPiTpmH6UFXWQOkYT/Fx7fkUePXC13xE/iyUGs
k2AeLlZ502WEaDkq1n+MSMn868rUYWi/hDDV0R7ppw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:14 2024 by rpki-client on console-ams.rpki-client.org