Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/JbMgaXIX4WPIqemiLE9bnQjZLS4.roa
File: JbMgaXIX4WPIqemiLE9bnQjZLS4.roa (raw, json)
Hash identifier: 8xVpoEqHQtcA5P6NJT6rKdjZQlf7dpr4tKXV29cOakQ=
Subject key identifier: 25:B3:20:69:72:17:E1:63:C8:A9:E9:A2:2C:4F:5B:9D:08:D9:2D:2E
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 055DC767
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/JbMgaXIX4WPIqemiLE9bnQjZLS4.roa
Signing time: Thu 09 Jun 2022 12:05:02 +0000
ROA not before: Thu 09 Jun 2022 12:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.208.69.0/24 maxlen: 24
91.208.73.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
194.156.151.0/24 maxlen: 24
194.156.150.0/23 maxlen: 24
45.83.238.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90031975 (0x55dc767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: Jun 9 12:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25b320697217e163c8a9e9a22c4f5b9d08d92d2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:68:5f:16:98:a5:9b:ea:ff:28:7d:b8:aa:
fb:8c:58:9b:aa:5d:72:54:f5:e3:ba:7f:aa:4d:75:
b0:b9:9a:79:35:e9:af:43:6c:52:40:14:f1:0a:31:
7f:18:68:b2:ea:98:95:d7:1e:1e:d2:12:dd:e5:17:
de:a2:3a:e6:9c:80:38:60:60:c7:3d:ac:35:20:b9:
dd:e7:ff:a8:dd:f2:b5:13:8b:b6:26:b3:d5:6f:52:
ec:7f:46:37:49:77:42:cf:82:d6:82:d1:8c:f0:c6:
08:20:f6:9b:5c:0f:1a:41:5f:4f:f4:20:35:8f:43:
1f:5c:64:f9:dd:4a:fa:e9:eb:de:fa:d6:f1:10:52:
0e:94:2f:87:b7:20:9c:77:2a:2e:ef:e9:2c:05:89:
7c:ac:32:b1:56:02:5d:cd:f3:c9:1b:01:ff:c2:99:
cf:96:f8:00:71:10:08:83:6e:8a:40:ed:22:5b:73:
5c:2b:61:df:3e:f3:8f:ba:33:d9:c7:1e:2b:64:45:
ed:dc:46:8a:af:32:45:b2:3e:80:b3:4d:ad:ef:b0:
d4:a9:ec:17:07:a9:3a:38:cc:49:f2:1c:c8:75:b8:
48:96:96:a2:0e:75:31:67:bc:b1:c4:ad:f8:61:aa:
98:63:64:af:1a:45:9a:4b:77:77:b9:ed:a5:5a:c8:
bc:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B3:20:69:72:17:E1:63:C8:A9:E9:A2:2C:4F:5B:9D:08:D9:2D:2E
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/JbMgaXIX4WPIqemiLE9bnQjZLS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.238.0/24
91.208.69.0/24
91.208.73.0/24
91.213.200.0/24
194.156.150.0/23
Signature Algorithm: sha256WithRSAEncryption
46:62:fa:c1:43:53:08:dd:2c:1a:23:e2:87:ef:81:85:4c:dd:
f0:52:4b:ac:7d:35:29:77:50:c7:b2:b4:e8:69:c9:f8:13:4a:
78:f1:66:d2:68:8a:48:54:a2:f1:57:7f:4e:b0:f6:c7:06:fa:
e2:fd:31:cd:06:7c:67:7b:90:1b:4c:0a:64:a0:c9:11:8e:92:
b4:ad:36:43:c2:91:5e:a1:0a:05:d0:b0:db:2f:15:7a:08:8f:
57:76:ef:7f:4b:47:3c:05:b7:91:f3:9a:96:ea:4e:23:4e:16:
ae:ce:f9:42:dd:d1:e0:89:d7:f9:43:e7:67:32:1f:50:13:1a:
d3:2b:61:0f:a1:da:b8:2f:d4:40:9d:8c:4e:4b:43:77:b2:35:
4f:ff:58:5f:70:2f:91:c7:e7:6c:c2:43:43:2f:29:dc:1b:d3:
80:89:6e:fb:cb:fa:18:25:a9:00:df:fb:fe:6b:e6:b6:b8:63:
ca:8e:7c:5d:ae:84:ff:7d:f3:ae:7d:7e:ee:a9:8e:a7:e4:80:
bb:b5:11:ba:d5:73:55:69:e0:92:3c:16:a6:b0:1b:bd:fa:22:
67:a5:e9:86:99:4d:5f:9a:28:ed:29:07:49:04:83:c0:2c:8e:
5b:05:52:b4:87:c6:7a:54:f6:88:dc:90:21:10:b4:d2:99:26:
52:75:a7:94
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBV3HZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjQ3MzgzODljYjNiOTk4ZWM0ZmE2ZDQyNzJmOGRkNzk5ZmJjNGE5MB4XDTIyMDYw
OTEyMDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjViMzIwNjk3MjE3
ZTE2M2M4YTllOWEyMmM0ZjViOWQwOGQ5MmQyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL/aF8WmKWb6v8ofbiq+4xYm6pdclT147p/qk11sLmaeTXp
r0NsUkAU8QoxfxhosuqYldceHtIS3eUX3qI65pyAOGBgxz2sNSC53ef/qN3ytROL
tiaz1W9S7H9GN0l3Qs+C1oLRjPDGCCD2m1wPGkFfT/QgNY9DH1xk+d1K+unr3vrW
8RBSDpQvh7cgnHcqLu/pLAWJfKwysVYCXc3zyRsB/8KZz5b4AHEQCINuikDtIltz
XCth3z7zj7oz2cceK2RF7dxGiq8yRbI+gLNNre+w1KnsFwepOjjMSfIcyHW4SJaW
og51MWe8scSt+GGqmGNkrxpFmkt3d7ntpVrIvIkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQlsyBpchfhY8ip6aIsT1udCNktLjAfBgNVHSMEGDAWgBQfRzg4nLO5mOxP
ptQnL43XmfvEqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gwYzRPSnl6dVpqc1Q2YlVKeS1OMTVuN3hLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvNTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8x
L0piTWdhWElYNFdQSXFlbWlMRTliblFqWkxTNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
NTE3Njk0LWM4YTEtNDU4Yi05Y2YyLTZjN2U1Njg1ODkwYy8xL0gwYzRPSnl6dVpq
c1Q2YlVKeS1OMTVuN3hLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAC1T7gMEAFvQRQMEAFvQSQMEAFvV
yAMEAcKcljANBgkqhkiG9w0BAQsFAAOCAQEARmL6wUNTCN0sGiPih++BhUzd8FJL
rH01KXdQx7K06GnJ+BNKePFm0miKSFSi8Vd/TrD2xwb64v0xzQZ8Z3uQG0wKZKDJ
EY6StK02Q8KRXqEKBdCw2y8VegiPV3bvf0tHPAW3kfOalupOI04Wrs75Qt3R4InX
+UPnZzIfUBMa0ythD6HauC/UQJ2MTktDd7I1T/9YX3AvkcfnbMJDQy8p3BvTgIlu
+8v6GCWpAN/7/mvmtrhjyo58Xa6E/33zrn1+7qmOp+SAu7URutVzVWngkjwWprAb
vfoiZ6XphplNX5oo7SkHSQSDwCyOWwVStIfGelT2iNyQIRC00pkmUnWnlA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:14 2024 by rpki-client on console-ams.rpki-client.org