Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/j7PH02c9_mVUaKAzHSAgHJ2PNwU.roa
File: j7PH02c9_mVUaKAzHSAgHJ2PNwU.roa (raw, json)
Hash identifier: wdwIQAZTZnVjpZT7k80jBavW+vmFHtvlw76J0lEDakg=
Subject key identifier: 8F:B3:C7:D3:67:3D:FE:65:54:68:A0:33:1D:20:20:1C:9D:8F:37:05
Certificate issuer: /CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Certificate serial: 01856D01C629B0A03A5867896EEEB5A35122
Authority key identifier: 9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/j7PH02c9_mVUaKAzHSAgHJ2PNwU.roa
Signing time: Sun 01 Jan 2023 11:05:10 +0000
ROA not before: Sun 01 Jan 2023 11:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 82.145.96.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c6:29:b0:a0:3a:58:67:89:6e:ee:b5:a3:51:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c2cb7f9ca0efd72be258a4a09358806374b4662
Validity
Not Before: Jan 1 11:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8fb3c7d3673dfe655468a0331d20201c9d8f3705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:df:6a:a8:c7:47:14:e9:b7:ac:f6:35:3c:b9:
31:78:89:ca:1b:42:e9:34:2c:1f:c7:00:55:2a:45:
00:f4:dd:66:52:ac:5b:18:f4:95:01:48:6c:87:f8:
d9:b7:1c:40:57:1f:42:7e:22:f6:94:a3:cc:49:01:
93:1c:6d:35:69:ff:1d:ac:9f:92:be:a1:c1:05:72:
18:38:90:a3:60:45:61:c7:40:0e:29:8f:58:e3:d6:
f3:22:b9:f2:e4:09:13:4e:ed:19:06:09:bd:ad:bf:
b4:89:2f:4b:e7:1e:90:1a:b8:d1:d3:d2:a4:0d:ba:
cb:21:06:dc:28:9c:0a:79:c5:6d:61:c8:cd:e5:b1:
bd:85:1f:68:d9:7d:09:3e:cf:47:78:a8:e6:4f:48:
ee:b7:db:00:b4:50:42:af:ce:5a:62:f0:a4:c8:6f:
8e:81:aa:ff:ac:12:bc:46:47:ba:08:45:5a:eb:27:
2c:14:71:5b:62:2c:db:0a:02:53:3d:aa:e0:f9:44:
df:67:07:e5:a8:d9:5c:c2:35:ba:1a:5a:b8:b9:1c:
67:15:b0:0e:05:bf:f4:5e:b6:a6:9a:8f:51:97:dd:
58:69:66:11:d0:11:75:40:21:e1:c4:c9:92:97:ba:
1f:36:5c:fd:5f:22:cf:47:2b:cb:1d:15:38:5b:17:
9c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B3:C7:D3:67:3D:FE:65:54:68:A0:33:1D:20:20:1C:9D:8F:37:05
X509v3 Authority Key Identifier:
keyid:9C:2C:B7:F9:CA:0E:FD:72:BE:25:8A:4A:09:35:88:06:37:4B:46:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCy3-coO_XK-JYpKCTWIBjdLRmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/j7PH02c9_mVUaKAzHSAgHJ2PNwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86a426-56ee-46dd-9425-7f92c34eb07c/1/nCy3-coO_XK-JYpKCTWIBjdLRmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.145.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:d8:27:38:e0:95:64:3b:06:cf:22:29:86:2f:6d:13:c8:bd:
c2:29:a5:83:46:c5:91:d7:b5:17:00:87:7c:aa:4d:ce:60:29:
55:26:26:91:cc:57:8c:96:21:a9:ea:c9:be:00:bd:ce:a0:70:
b1:14:c2:90:f1:cc:7e:87:b4:d6:cf:e7:86:a7:bb:78:0b:7f:
51:a2:48:ba:5b:57:4f:46:90:0e:2a:4b:75:51:ae:6b:af:f4:
4b:d2:50:85:77:95:68:d2:01:7c:13:6f:fe:c3:57:36:fe:05:
b1:2a:f7:78:66:3f:7c:ec:4d:8f:ea:e3:05:2e:2e:61:bf:b3:
80:fb:10:6d:41:2c:d5:32:7f:f4:d6:69:44:a2:85:1f:d6:34:
e0:93:85:77:81:1e:b8:0d:13:67:14:4f:52:cd:0c:a1:d1:29:
81:1e:d7:ca:e4:11:4e:1f:00:78:f0:b3:78:44:78:55:48:d9:
a0:89:58:fe:80:5e:b7:77:c2:7c:d2:32:a7:6e:24:d8:3d:9d:
9b:2e:0e:5f:40:5c:db:55:d4:40:57:c7:9c:29:6c:20:75:e0:
8b:c2:c4:d0:d7:e1:de:d6:6f:b5:a5:8f:41:98:51:3a:f6:6f:
34:32:ff:e0:14:6b:fa:a4:67:5e:39:13:58:bb:04:88:06:0c:
79:4e:24:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAcYpsKA6WGeJbu61o1EiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMmNiN2Y5Y2EwZWZkNzJiZTI1OGE0YTA5MzU4ODA2Mzc0
YjQ2NjIwHhcNMjMwMTAxMTEwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmIzYzdkMzY3M2RmZTY1NTQ2OGEwMzMxZDIwMjAxYzlkOGYzNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkt9qqMdHFOm3rPY1PLkxeInKG0Lp
NCwfxwBVKkUA9N1mUqxbGPSVAUhsh/jZtxxAVx9CfiL2lKPMSQGTHG01af8drJ+S
vqHBBXIYOJCjYEVhx0AOKY9Y49bzIrny5AkTTu0ZBgm9rb+0iS9L5x6QGrjR09Kk
DbrLIQbcKJwKecVtYcjN5bG9hR9o2X0JPs9HeKjmT0jut9sAtFBCr85aYvCkyG+O
gar/rBK8Rke6CEVa6ycsFHFbYizbCgJTParg+UTfZwflqNlcwjW6Glq4uRxnFbAO
Bb/0Xrammo9Rl91YaWYR0BF1QCHhxMmSl7ofNlz9XyLPRyvLHRU4WxecfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI+zx9NnPf5lVGigMx0gIBydjzcFMB8GA1UdIwQY
MBaAFJwst/nKDv1yviWKSgk1iAY3S0ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUt
N2Y5MmMzNGViMDdjLzEvajdQSDAyYzlfbVZVYUtBekhTQWdISjJQTndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84NmE0MjYtNTZlZS00NmRkLTk0MjUtN2Y5MmMzNGViMDdj
LzEvbkN5My1jb09fWEstSllwS0NUV0lCamRMUm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFUpFgMA0G
CSqGSIb3DQEBCwUAA4IBAQBL2Cc44JVkOwbPIimGL20TyL3CKaWDRsWR17UXAId8
qk3OYClVJiaRzFeMliGp6sm+AL3OoHCxFMKQ8cx+h7TWz+eGp7t4C39Roki6W1dP
RpAOKkt1Ua5rr/RL0lCFd5Vo0gF8E2/+w1c2/gWxKvd4Zj987E2P6uMFLi5hv7OA
+xBtQSzVMn/01mlEooUf1jTgk4V3gR64DRNnFE9SzQyh0SmBHtfK5BFOHwB48LN4
RHhVSNmgiVj+gF63d8J80jKnbiTYPZ2bLg5fQFzbVdRAV8ecKWwgdeCLwsTQ1+He
1m+1pY9BmFE69m80Mv/gFGv6pGdeORNYuwSIBgx5TiSW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:53 2024 by rpki-client on console-fra.rpki-client.org