Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/jepdqhMEGolUS8UBb_gqW16BoMQ.roa
File: jepdqhMEGolUS8UBb_gqW16BoMQ.roa (raw, json)
Hash identifier: aGZP74gZ1ZM0yB1yS9Af6VImzSdhQFtcO0tRWOqnEYk=
Subject key identifier: 8D:EA:5D:AA:13:04:1A:89:54:4B:C5:01:6F:F8:2A:5B:5E:81:A0:C4
Certificate issuer: /CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Certificate serial: 018877C187F6CBE619ABEF2278316951C1D0
Authority key identifier: CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/jepdqhMEGolUS8UBb_gqW16BoMQ.roa
Signing time: Thu 01 Jun 2023 16:19:11 +0000
ROA not before: Thu 01 Jun 2023 16:19:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 37.235.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:c1:87:f6:cb:e6:19:ab:ef:22:78:31:69:51:c1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdc84082be96e609d9de9808fbc37866feb4c54b
Validity
Not Before: Jun 1 16:19:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dea5daa13041a89544bc5016ff82a5b5e81a0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d4:ce:b0:a8:24:a8:d7:ce:86:c4:88:36:5b:
57:73:d6:67:e5:e8:68:5a:ef:5c:e3:22:eb:d6:b4:
37:50:53:a5:f3:94:4a:b0:c5:8f:a2:3b:c0:11:90:
2c:ee:b1:f7:2e:e6:b5:9d:56:1a:e8:76:ca:db:5f:
ab:f7:9f:27:9d:18:75:86:fa:cb:56:b4:f5:43:e0:
b0:77:ab:44:3e:b4:e8:29:a2:17:c6:1f:69:45:87:
68:e8:d8:89:10:7b:59:01:df:d6:7b:d9:4a:92:9d:
19:32:81:00:3e:76:04:27:a9:52:54:38:7a:1b:3f:
5a:48:82:1c:7d:e8:29:8b:c2:21:3f:f2:15:0e:db:
0e:4b:5f:12:ef:78:29:ad:a6:57:e1:63:04:d1:c9:
8d:81:9f:cf:64:d2:22:a4:c2:4d:23:4f:64:11:8e:
fb:97:e3:42:28:9b:cc:71:45:76:b7:d9:4a:fc:34:
49:12:06:55:28:0a:41:9f:a9:81:27:00:bd:24:d6:
72:e5:a8:ff:eb:da:ba:39:5e:92:39:50:a4:4d:e9:
67:8f:21:70:ae:5f:e7:42:1d:8d:bc:80:71:19:19:
c6:fc:6e:f5:04:ba:c2:ff:04:14:75:e9:f9:9c:d8:
0f:7a:dd:e4:84:bb:6d:a4:63:20:d3:0e:d8:18:6e:
96:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EA:5D:AA:13:04:1A:89:54:4B:C5:01:6F:F8:2A:5B:5E:81:A0:C4
X509v3 Authority Key Identifier:
keyid:CD:C8:40:82:BE:96:E6:09:D9:DE:98:08:FB:C3:78:66:FE:B4:C5:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zchAgr6W5gnZ3pgI-8N4Zv60xUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/jepdqhMEGolUS8UBb_gqW16BoMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b7bf94-377b-4400-8b9c-cbf164e8be01/1/zchAgr6W5gnZ3pgI-8N4Zv60xUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.122.0/24
Signature Algorithm: sha256WithRSAEncryption
66:fa:12:6b:27:92:23:78:c9:3b:8e:55:fd:33:3d:ef:b2:db:
a1:aa:a1:86:f8:41:f6:76:19:89:44:b3:d3:f8:d0:c1:c6:23:
7f:35:69:5a:37:1e:a2:05:59:0c:af:3c:16:18:9d:cf:04:29:
8d:7d:f0:0d:f2:e0:fb:42:d8:cf:d3:84:91:1a:f6:67:30:7d:
d9:95:1d:23:99:ab:dc:2a:cf:f7:ed:b2:9a:c1:cb:34:30:76:
31:f9:1c:65:df:4e:be:5b:2f:ac:de:4b:5f:1a:77:1f:32:9c:
b9:92:58:1f:dd:8d:b2:53:ed:5a:48:5c:c1:7e:19:4e:be:0a:
9a:b8:c9:67:b3:ca:37:b3:1d:d8:7b:67:38:d8:3e:4e:9a:72:
b3:40:65:1c:c8:39:a3:f2:3c:67:9a:d6:7d:fd:01:8a:49:d9:
cf:fe:7a:72:91:f2:26:7f:f6:90:5d:bb:35:37:a6:f1:77:ea:
1c:85:03:f5:59:a7:70:50:00:e6:b2:71:83:51:52:f2:9f:2f:
c5:fc:a0:92:42:5a:17:23:be:79:ce:cf:a4:6e:d5:22:a5:6e:
17:21:0b:39:28:21:84:21:85:5d:b7:00:98:09:6f:e3:24:e4:
85:50:02:27:bc:02:3d:b7:4a:47:7e:b1:04:4b:03:da:19:c1:
08:1d:bb:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYh3wYf2y+YZq+8ieDFpUcHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYzg0MDgyYmU5NmU2MDlkOWRlOTgwOGZiYzM3ODY2ZmVi
NGM1NGIwHhcNMjMwNjAxMTYxOTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGVhNWRhYTEzMDQxYTg5NTQ0YmM1MDE2ZmY4MmE1YjVlODFhMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tTOsKgkqNfOhsSINltXc9Zn5eho
Wu9c4yLr1rQ3UFOl85RKsMWPojvAEZAs7rH3Lua1nVYa6HbK21+r958nnRh1hvrL
VrT1Q+Cwd6tEPrToKaIXxh9pRYdo6NiJEHtZAd/We9lKkp0ZMoEAPnYEJ6lSVDh6
Gz9aSIIcfegpi8IhP/IVDtsOS18S73gpraZX4WME0cmNgZ/PZNIipMJNI09kEY77
l+NCKJvMcUV2t9lK/DRJEgZVKApBn6mBJwC9JNZy5aj/69q6OV6SOVCkTelnjyFw
rl/nQh2NvIBxGRnG/G71BLrC/wQUden5nNgPet3khLttpGMg0w7YGG6WEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3qXaoTBBqJVEvFAW/4KltegaDEMB8GA1UdIwQY
MBaAFM3IQIK+luYJ2d6YCPvDeGb+tMVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMt
Y2JmMTY0ZThiZTAxLzEvamVwZHFoTUVHb2xVUzhVQmJfZ3FXMTZCb01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iN2JmOTQtMzc3Yi00NDAwLThiOWMtY2JmMTY0ZThiZTAx
LzEvemNoQWdyNlc1Z25aM3BnSS04TjRadjYweFVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJet6MA0G
CSqGSIb3DQEBCwUAA4IBAQBm+hJrJ5IjeMk7jlX9Mz3vstuhqqGG+EH2dhmJRLPT
+NDBxiN/NWlaNx6iBVkMrzwWGJ3PBCmNffAN8uD7QtjP04SRGvZnMH3ZlR0jmavc
Ks/37bKawcs0MHYx+Rxl306+Wy+s3ktfGncfMpy5klgf3Y2yU+1aSFzBfhlOvgqa
uMlns8o3sx3Ye2c42D5OmnKzQGUcyDmj8jxnmtZ9/QGKSdnP/npykfImf/aQXbs1
N6bxd+ochQP1WadwUADmsnGDUVLyny/F/KCSQloXI755zs+kbtUipW4XIQs5KCGE
IYVdtwCYCW/jJOSFUAInvAI9t0pHfrEESwPaGcEIHbsW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:51 2024 by rpki-client on console-fra.rpki-client.org