Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/JuL7x7ymtWdOPcFFUsPV-aj1Iu8.roa
File: JuL7x7ymtWdOPcFFUsPV-aj1Iu8.roa (raw, json)
Hash identifier: 9RlkKfNxj7fjWpr9NeQyLed9oromzSNJt63YGp5WL2M=
Subject key identifier: 26:E2:FB:C7:BC:A6:B5:67:4E:3D:C1:45:52:C3:D5:F9:A8:F5:22:EF
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 01826E0E8C73C73EE1E4E8A8B0B9FEA38891
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/JuL7x7ymtWdOPcFFUsPV-aj1Iu8.roa
Signing time: Fri 05 Aug 2022 12:50:23 +0000
ROA not before: Fri 05 Aug 2022 12:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 94.231.218.0/24 maxlen: 24
94.231.217.0/24 maxlen: 24
94.231.216.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6e:0e:8c:73:c7:3e:e1:e4:e8:a8:b0:b9:fe:a3:88:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Aug 5 12:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26e2fbc7bca6b5674e3dc14552c3d5f9a8f522ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:29:f3:85:ed:d2:4d:0d:4c:c0:56:c6:84:c4:
94:f6:9f:ef:9a:ec:bb:c4:49:3a:a9:a1:b6:29:03:
ff:01:ac:f6:e7:e3:51:c8:5c:5a:2f:01:23:dd:ba:
fc:51:17:22:67:e7:3b:fe:e5:7b:a5:f1:4d:8e:b9:
d6:a9:88:ca:78:04:c5:92:e9:87:42:d8:92:24:e5:
0a:2b:cf:3e:44:9b:db:97:5a:87:51:60:f7:6a:f1:
65:11:45:08:1f:1d:5a:8e:dc:e7:41:1a:fc:48:fa:
4e:dc:81:76:ca:15:a9:9a:b0:61:b8:e1:17:ac:01:
6b:48:76:1c:be:38:e3:08:b5:fa:17:b3:26:51:ac:
9e:d3:e2:75:93:35:8e:39:5c:5f:a5:fa:10:f8:ca:
eb:01:2d:7a:99:2d:1f:d6:0e:1c:80:a2:09:c4:6b:
03:c3:40:e8:e6:14:2c:39:e2:e2:0c:d5:10:0f:a8:
1f:45:5c:f1:df:42:c9:15:9b:0f:a4:c8:dc:54:59:
f2:74:db:5b:44:9c:3b:eb:63:85:d0:af:2f:ef:2b:
4e:ee:6b:f6:e7:83:03:7b:d4:d4:04:c7:83:63:ba:
ef:9d:42:c8:b5:91:ea:c7:43:8d:b8:dc:90:5b:80:
f5:ba:1d:d2:13:e9:fd:db:c9:98:68:de:bd:27:28:
0f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E2:FB:C7:BC:A6:B5:67:4E:3D:C1:45:52:C3:D5:F9:A8:F5:22:EF
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/JuL7x7ymtWdOPcFFUsPV-aj1Iu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.216.0-94.231.218.255
Signature Algorithm: sha256WithRSAEncryption
16:99:d9:8e:90:27:e7:ee:34:38:17:6b:75:e0:a2:ce:ff:ad:
1e:d7:9e:63:7a:e2:f5:6f:b2:fd:a8:7a:41:4f:82:5e:cc:1c:
e8:38:83:3a:ad:fd:45:56:20:4d:ff:2e:49:37:29:03:01:79:
38:78:7a:46:87:65:47:dd:2b:cb:15:0c:79:ee:99:e1:2d:57:
a5:69:8f:c4:e0:dd:28:b0:bf:79:aa:17:94:8e:3b:a7:a4:8c:
ca:02:98:f3:6b:8e:f0:59:20:f9:eb:d8:fb:4f:29:df:22:3a:
23:2f:10:bf:ba:51:c2:50:0d:fd:43:5c:d2:df:e5:4d:4b:4b:
27:6f:91:f6:31:24:29:ae:b6:76:4b:f2:74:27:9b:b8:69:82:
a1:3c:80:60:ed:c4:bf:04:f4:14:20:50:4c:2a:90:53:3e:e4:
28:3b:76:9f:77:73:40:1f:fd:fe:c2:24:bd:28:25:2c:01:c7:
00:65:ed:91:ba:80:54:8a:51:c5:6c:6c:26:40:f7:a2:75:53:
6b:f4:e1:a5:bd:f0:3b:d5:92:f1:4e:74:4f:90:b0:b8:9e:9e:
c2:7d:da:44:34:e5:48:60:be:0a:5c:d3:d8:82:ba:ef:94:cd:
e3:d2:9d:a3:58:3f:44:0d:5e:e7:37:ad:07:c6:3d:36:b2:bb:
0a:fa:fc:0e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYJuDoxzxz7h5OiosLn+o4iRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjIwODA1MTI1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmUyZmJjN2JjYTZiNTY3NGUzZGMxNDU1MmMzZDVmOWE4ZjUyMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApinzhe3STQ1MwFbGhMSU9p/vmuy7
xEk6qaG2KQP/Aaz25+NRyFxaLwEj3br8URciZ+c7/uV7pfFNjrnWqYjKeATFkumH
QtiSJOUKK88+RJvbl1qHUWD3avFlEUUIHx1ajtznQRr8SPpO3IF2yhWpmrBhuOEX
rAFrSHYcvjjjCLX6F7MmUaye0+J1kzWOOVxfpfoQ+MrrAS16mS0f1g4cgKIJxGsD
w0Do5hQsOeLiDNUQD6gfRVzx30LJFZsPpMjcVFnydNtbRJw762OF0K8v7ytO7mv2
54MDe9TUBMeDY7rvnULItZHqx0ONuNyQW4D1uh3SE+n928mYaN69JygP9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCbi+8e8prVnTj3BRVLD1fmo9SLvMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvSnVMN3g3eW10V2RPUGNGRlVzUFYtYWoxSXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANe59gD
BABe59owDQYJKoZIhvcNAQELBQADggEBABaZ2Y6QJ+fuNDgXa3Xgos7/rR7XnmN6
4vVvsv2oekFPgl7MHOg4gzqt/UVWIE3/Lkk3KQMBeTh4ekaHZUfdK8sVDHnumeEt
V6Vpj8Tg3Siwv3mqF5SOO6ekjMoCmPNrjvBZIPnr2PtPKd8iOiMvEL+6UcJQDf1D
XNLf5U1LSydvkfYxJCmutnZL8nQnm7hpgqE8gGDtxL8E9BQgUEwqkFM+5Cg7dp93
c0Af/f7CJL0oJSwBxwBl7ZG6gFSKUcVsbCZA96J1U2v04aW98DvVkvFOdE+QsLie
nsJ92kQ05Uhgvgpc09iCuu+UzePSnaNYP0QNXuc3rQfGPTayuwr6/A4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org