Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/cdf2d7-b11e-47b2-9fc9-79091c78ab48/1/JwjuADZs8rkNMnDJGjRpuuhQ8jk.roa
File: JwjuADZs8rkNMnDJGjRpuuhQ8jk.roa (raw, json)
Hash identifier: gKnIzsvG2SON0B06m6jmDgvcBC8R6mrUh2iSqUEnriA=
Subject key identifier: 27:08:EE:00:36:6C:F2:B9:0D:32:70:C9:1A:34:69:BA:E8:50:F2:39
Certificate issuer: /CN=7e2c0ccf1ffbfcdb8b61d738201301b8791184e8
Certificate serial: 018CC2DB51D1535B7272DE5131133691AF5B
Authority key identifier: 7E:2C:0C:CF:1F:FB:FC:DB:8B:61:D7:38:20:13:01:B8:79:11:84:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiwMzx_7_NuLYdc4IBMBuHkRhOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/cdf2d7-b11e-47b2-9fc9-79091c78ab48/1/JwjuADZs8rkNMnDJGjRpuuhQ8jk.roa
Signing time: Mon 01 Jan 2024 02:30:02 +0000
ROA not before: Mon 01 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41381
IP address blocks: 89.105.64.0/21 maxlen: 24
89.105.72.0/21 maxlen: 24
2a01:7000::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:51:d1:53:5b:72:72:de:51:31:13:36:91:af:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2c0ccf1ffbfcdb8b61d738201301b8791184e8
Validity
Not Before: Jan 1 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2708ee00366cf2b90d3270c91a3469bae850f239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d5:66:e2:d5:c1:14:bc:c8:d7:b4:ba:90:1c:
7f:8c:d2:1b:0d:91:91:39:e9:53:7b:51:cc:c5:a9:
4b:a4:76:1d:d4:f5:31:47:be:76:0a:93:3b:ea:fa:
6c:e7:22:20:f5:40:67:52:b1:d6:cc:75:d0:a1:ab:
3b:ac:45:32:15:c7:4a:e2:56:ca:0d:d1:90:66:ef:
18:9d:e7:92:75:35:21:70:5a:52:1d:26:3c:06:30:
e3:6b:1e:e7:ef:cd:87:34:ff:fd:cc:1d:99:8d:d1:
0e:84:b7:89:9d:18:f8:7e:7f:5e:53:d7:bc:a0:86:
0b:68:86:4b:e2:08:56:34:3e:d9:1c:e6:73:31:35:
5a:b7:22:97:85:49:14:82:77:08:bc:fb:83:ec:ea:
ae:e3:2b:08:3a:b5:16:d4:b2:9e:69:6c:c2:55:a7:
92:6c:ef:89:61:e8:33:c4:bb:9a:2e:16:ec:1d:74:
26:ef:30:f9:83:fa:70:68:e3:19:66:5e:41:76:3a:
83:3f:26:70:8f:0a:f8:b4:84:62:b4:a8:c8:43:8a:
cb:4e:f0:cc:6d:03:31:7a:d4:d4:f1:4d:05:85:99:
84:fb:c4:45:99:0b:5b:d7:aa:bd:d7:80:75:b0:b4:
32:70:cb:72:8d:a3:94:85:89:82:d8:0a:33:a6:29:
97:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:08:EE:00:36:6C:F2:B9:0D:32:70:C9:1A:34:69:BA:E8:50:F2:39
X509v3 Authority Key Identifier:
keyid:7E:2C:0C:CF:1F:FB:FC:DB:8B:61:D7:38:20:13:01:B8:79:11:84:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiwMzx_7_NuLYdc4IBMBuHkRhOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/cdf2d7-b11e-47b2-9fc9-79091c78ab48/1/JwjuADZs8rkNMnDJGjRpuuhQ8jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/cdf2d7-b11e-47b2-9fc9-79091c78ab48/1/fiwMzx_7_NuLYdc4IBMBuHkRhOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.105.64.0/20
IPv6:
2a01:7000::/32
Signature Algorithm: sha256WithRSAEncryption
15:cf:c4:06:97:12:24:6c:0f:19:71:8f:67:3e:cd:d8:0c:77:
af:73:d8:2b:c3:4f:9b:2d:00:9c:bd:96:5b:fe:e8:ba:58:02:
b1:62:6a:1a:91:05:db:45:49:6f:80:9e:e9:31:57:65:f0:e1:
97:1d:b1:c1:09:d2:65:61:f3:c8:b0:89:3d:52:23:99:b7:ed:
5a:f2:4c:00:40:85:77:1c:66:24:21:46:ca:d8:c1:17:a6:9c:
9b:02:56:68:43:4a:11:63:84:4d:72:6d:3c:a5:c2:df:fc:a2:
7d:c7:00:9a:a2:65:bb:14:61:ad:15:0d:04:9a:82:0b:a3:5a:
de:90:cc:67:94:17:92:b1:a0:1f:17:fd:19:93:99:93:37:3c:
db:de:8f:ae:ef:b6:2a:66:2d:5b:6e:d5:2a:7d:a7:b4:cf:4b:
3c:a3:11:fa:2c:e7:d5:45:08:90:8a:96:ed:6e:bd:a5:d7:bc:
0c:d5:5e:80:e3:9e:a1:03:a9:90:28:7f:57:c6:f1:d8:12:1d:
64:c2:a9:71:e3:09:e8:34:ce:65:ab:70:78:2f:5b:79:b7:31:
22:c7:22:0a:c0:03:52:5d:2b:b2:32:12:ee:e0:b7:30:b6:57:
0e:f3:5f:e8:5d:b2:b7:7d:42:fa:0f:99:ce:de:8b:a3:27:5f:
79:72:8a:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC21HRU1tyct5RMRM2ka9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmMwY2NmMWZmYmZjZGI4YjYxZDczODIwMTMwMWI4Nzkx
MTg0ZTgwHhcNMjQwMTAxMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA4ZWUwMDM2NmNmMmI5MGQzMjcwYzkxYTM0NjliYWU4NTBmMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtVm4tXBFLzI17S6kBx/jNIbDZGR
OelTe1HMxalLpHYd1PUxR752CpM76vps5yIg9UBnUrHWzHXQoas7rEUyFcdK4lbK
DdGQZu8YneeSdTUhcFpSHSY8BjDjax7n782HNP/9zB2ZjdEOhLeJnRj4fn9eU9e8
oIYLaIZL4ghWND7ZHOZzMTVatyKXhUkUgncIvPuD7Oqu4ysIOrUW1LKeaWzCVaeS
bO+JYegzxLuaLhbsHXQm7zD5g/pwaOMZZl5BdjqDPyZwjwr4tIRitKjIQ4rLTvDM
bQMxetTU8U0FhZmE+8RFmQtb16q914B1sLQycMtyjaOUhYmC2AozpimXrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCcI7gA2bPK5DTJwyRo0abroUPI5MB8GA1UdIwQY
MBaAFH4sDM8f+/zbi2HXOCATAbh5EYToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZml3TXp4XzdfTnVMWWRjNElCTUJ1SGtSaE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9jZGYyZDctYjExZS00N2IyLTlmYzkt
NzkwOTFjNzhhYjQ4LzEvSndqdUFEWnM4cmtOTW5ESkdqUnB1dWhROGprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9jZGYyZDctYjExZS00N2IyLTlmYzktNzkwOTFjNzhhYjQ4
LzEvZml3TXp4XzdfTnVMWWRjNElCTUJ1SGtSaE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEWWlAMA0E
AgACMAcDBQAqAXAAMA0GCSqGSIb3DQEBCwUAA4IBAQAVz8QGlxIkbA8ZcY9nPs3Y
DHevc9grw0+bLQCcvZZb/ui6WAKxYmoakQXbRUlvgJ7pMVdl8OGXHbHBCdJlYfPI
sIk9UiOZt+1a8kwAQIV3HGYkIUbK2MEXppybAlZoQ0oRY4RNcm08pcLf/KJ9xwCa
omW7FGGtFQ0EmoILo1rekMxnlBeSsaAfF/0Zk5mTNzzb3o+u77YqZi1bbtUqfae0
z0s8oxH6LOfVRQiQipbtbr2l17wM1V6A456hA6mQKH9XxvHYEh1kwqlx4wnoNM5l
q3B4L1t5tzEixyIKwANSXSuyMhLu4LcwtlcO81/oXbK3fUL6D5nO3oujJ195cooM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org