Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/JxPClgz72Wwn9l3_UMs8Z7k7_Z4.roa
File: JxPClgz72Wwn9l3_UMs8Z7k7_Z4.roa (raw, json)
Hash identifier: BaQI+veSmkBp5/1dMLJsnX1tv0dp/B4nQoO/0qaZW2k=
Subject key identifier: 27:13:C2:96:0C:FB:D9:6C:27:F6:5D:FF:50:CB:3C:67:B9:3B:FD:9E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 143FFB35
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/JxPClgz72Wwn9l3_UMs8Z7k7_Z4.roa
Signing time: Mon 21 Mar 2022 02:24:08 +0000
ROA not before: Mon 21 Mar 2022 02:24:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.220.236.0/22 maxlen: 24
185.129.116.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 339737397 (0x143ffb35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 21 02:24:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2713c2960cfbd96c27f65dff50cb3c67b93bfd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:73:48:d5:78:0c:89:f9:a1:67:78:0c:21:c5:
58:16:f7:fe:cc:28:23:b5:84:b9:2c:c7:ee:16:a0:
e6:5a:16:cd:fe:08:36:e7:35:b9:73:6d:46:04:ba:
85:5f:a8:cd:87:4a:69:7f:24:55:b9:03:d2:07:df:
25:62:fd:53:3e:cb:78:4f:a0:fe:dc:d5:5e:6d:f5:
19:e9:70:8d:48:47:5a:95:a5:8f:20:33:f7:e1:79:
0f:35:56:37:9b:f6:4c:e9:5f:1d:8c:bc:20:9e:96:
ec:99:aa:97:43:d6:33:a7:d4:38:7b:e4:8e:a9:ab:
77:f5:99:de:62:b4:bf:68:cd:58:7f:6a:01:a5:da:
60:2e:9d:bb:d7:14:c3:03:35:fa:5b:b5:dc:ad:e9:
7b:30:88:25:b9:1f:e3:3d:7e:24:a3:9d:ad:0d:53:
04:6c:25:94:05:f9:00:5b:c7:aa:e1:61:a6:c2:7e:
f5:fd:81:7b:8f:94:a0:55:34:25:b9:c2:d8:00:2c:
a8:6d:f7:cb:de:16:6b:fa:52:e4:25:bb:6b:0e:bc:
79:62:bd:30:04:c0:de:16:56:4d:2d:99:37:c4:16:
aa:b8:b4:ad:c5:fd:05:43:d3:f7:8c:b6:80:cb:05:
e8:cc:00:1f:cf:44:5a:e7:9c:d3:40:b7:a0:00:a7:
49:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:13:C2:96:0C:FB:D9:6C:27:F6:5D:FF:50:CB:3C:67:B9:3B:FD:9E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/JxPClgz72Wwn9l3_UMs8Z7k7_Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.116.0/22
185.220.236.0/22
Signature Algorithm: sha256WithRSAEncryption
88:72:4d:34:56:06:3d:ca:5b:da:96:8c:68:76:16:99:71:bb:
9e:85:8b:91:55:d8:00:1c:21:9d:8a:1b:07:6e:68:e8:46:53:
65:90:8f:d6:27:7d:e7:8c:a2:ff:0f:8f:4f:d5:98:37:eb:26:
8b:17:37:6d:e6:ff:53:f9:2a:64:d7:4b:93:0d:3f:f1:22:64:
3e:cf:6f:54:67:14:7f:51:5e:91:61:e4:3d:cb:4e:f5:a0:6f:
8b:44:e7:8f:11:bf:90:b9:1e:49:28:5c:f2:43:bb:71:19:8e:
b5:02:ce:0c:9c:96:85:f3:9b:1b:49:55:68:a5:dd:93:f9:45:
60:87:e2:89:fa:8b:f6:47:51:26:b2:dd:b8:db:54:41:18:49:
37:16:91:d2:fd:df:52:a9:6d:03:f3:95:be:ad:39:64:c2:81:
cf:71:45:63:74:f5:ca:d8:b2:00:f4:13:d9:54:63:5b:15:00:
03:c5:10:57:a3:a3:bf:48:74:46:33:75:ee:3c:3d:c3:02:72:
57:f8:4d:06:fa:fd:d4:42:45:67:88:ac:02:6a:c0:29:d7:24:
df:51:dd:2c:19:e6:bb:6e:31:23:8f:81:7b:8d:b5:41:0e:05:
a2:7f:e4:33:76:a4:a5:fd:19:20:4a:fd:2f:96:e1:01:a6:37:
f8:1d:1c:41
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFD/7NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMy
MTAyMjQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjcxM2MyOTYwY2Zi
ZDk2YzI3ZjY1ZGZmNTBjYjNjNjdiOTNiZmQ5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdzSNV4DIn5oWd4DCHFWBb3/swoI7WEuSzH7hag5loWzf4I
Nuc1uXNtRgS6hV+ozYdKaX8kVbkD0gffJWL9Uz7LeE+g/tzVXm31GelwjUhHWpWl
jyAz9+F5DzVWN5v2TOlfHYy8IJ6W7Jmql0PWM6fUOHvkjqmrd/WZ3mK0v2jNWH9q
AaXaYC6du9cUwwM1+lu13K3pezCIJbkf4z1+JKOdrQ1TBGwllAX5AFvHquFhpsJ+
9f2Be4+UoFU0JbnC2AAsqG33y94Wa/pS5CW7aw68eWK9MATA3hZWTS2ZN8QWqri0
rcX9BUPT94y2gMsF6MwAH89EWuec00C3oACnSdUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQnE8KWDPvZbCf2Xf9QyzxnuTv9njAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0p4UENsZ3o3Mld3bjlsM19VTXM4WjdrN19aNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmBdAMEArnc7DANBgkqhkiG9w0B
AQsFAAOCAQEAiHJNNFYGPcpb2paMaHYWmXG7noWLkVXYABwhnYobB25o6EZTZZCP
1id954yi/w+PT9WYN+smixc3beb/U/kqZNdLkw0/8SJkPs9vVGcUf1FekWHkPctO
9aBvi0TnjxG/kLkeSShc8kO7cRmOtQLODJyWhfObG0lVaKXdk/lFYIfiifqL9kdR
JrLduNtUQRhJNxaR0v3fUqltA/OVvq05ZMKBz3FFY3T1ytiyAPQT2VRjWxUAA8UQ
V6Ojv0h0RjN17jw9wwJyV/hNBvr91EJFZ4isAmrAKdck31HdLBnmu24xI4+Be421
QQ4Fon/kM3akpf0ZIEr9L5bhAaY3+B0cQQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:42 2023 by rpki-client on console-fra.rpki-client.org