Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/jkuK2XmT1kDZ5r0Jor58w94SNHw.roa
File: jkuK2XmT1kDZ5r0Jor58w94SNHw.roa (raw, json)
Hash identifier: Fv86qtU/IKEU+aqCIGFLri6/cEYJoG/Jec4pZkHou0o=
Subject key identifier: 8E:4B:8A:D9:79:93:D6:40:D9:E6:BD:09:A2:BE:7C:C3:DE:12:34:7C
Certificate issuer: /CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Certificate serial: 097057F7
Authority key identifier: 65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/jkuK2XmT1kDZ5r0Jor58w94SNHw.roa
Signing time: Sat 01 Jan 2022 15:01:22 +0000
ROA not before: Sat 01 Jan 2022 15:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34784
IP address blocks: 185.136.32.0/22 maxlen: 22
80.81.208.0/20 maxlen: 20
2a02:698::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158357495 (0x97057f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65f0120ee3b6f0f8db52d0db81c01e4447d8e4ba
Validity
Not Before: Jan 1 15:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e4b8ad97993d640d9e6bd09a2be7cc3de12347c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:75:57:2f:c5:4e:da:9c:b4:d1:7e:ca:45:83:
7c:e4:6e:d6:b5:8e:98:45:48:72:b9:3b:87:f6:5c:
c8:d6:17:95:93:f8:a4:35:79:f1:ad:62:88:b8:17:
9e:f6:ff:33:53:16:58:d2:3a:65:d4:b4:96:fb:cc:
e4:d8:23:61:73:a7:7e:e9:8a:36:8a:3e:b2:0b:79:
a0:5c:b6:32:92:e0:cf:f0:4c:af:76:46:f4:03:15:
86:a0:7c:d4:b7:9f:5c:58:ab:86:ba:b4:2b:84:1a:
9b:57:a4:f3:3c:ec:df:ce:90:db:cc:56:ee:80:c3:
c3:59:25:a0:03:ca:b4:40:f7:97:0b:c0:b3:7d:60:
30:84:70:3d:ec:20:1c:e7:6f:b3:b4:33:86:61:74:
f9:71:6a:65:8c:7d:8f:e3:d1:29:2d:88:45:b4:b3:
7a:d6:4e:28:5c:e9:bc:cf:23:0d:64:d8:2d:11:8e:
a8:51:57:d6:3c:98:9b:da:0c:c6:7a:4c:ce:89:0d:
73:43:ca:ca:13:d4:8e:bf:82:c9:33:02:90:d7:8b:
7b:74:e1:05:ed:06:58:93:3d:08:a0:94:7d:8d:cb:
c7:d1:37:28:19:4e:ec:96:fb:01:78:02:9a:ae:dd:
7c:ce:c7:72:76:56:e6:55:a0:83:3a:3d:d3:10:49:
9a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4B:8A:D9:79:93:D6:40:D9:E6:BD:09:A2:BE:7C:C3:DE:12:34:7C
X509v3 Authority Key Identifier:
keyid:65:F0:12:0E:E3:B6:F0:F8:DB:52:D0:DB:81:C0:1E:44:47:D8:E4:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZfASDuO28PjbUtDbgcAeREfY5Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/jkuK2XmT1kDZ5r0Jor58w94SNHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/d1418c-7cd8-4af9-8166-577c03910701/1/ZfASDuO28PjbUtDbgcAeREfY5Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.208.0/20
185.136.32.0/22
IPv6:
2a02:698::/32
Signature Algorithm: sha256WithRSAEncryption
6b:30:f7:5c:c7:d9:2c:b4:88:72:df:63:70:2d:92:36:e3:a0:
a2:77:13:78:8b:b6:87:2e:4f:59:20:21:4a:2b:b2:61:bf:64:
13:8f:4a:fd:a4:0a:bb:0c:8b:b8:32:64:5e:a9:46:7d:f2:92:
e7:6d:37:bc:97:59:43:88:27:3d:b5:ba:66:ea:a0:69:66:33:
16:02:b5:d3:2a:83:7f:86:fd:31:cb:06:bb:80:be:ac:9e:5c:
3e:d3:0b:29:8d:4b:ad:da:83:eb:33:56:a0:52:ae:c7:b6:40:
93:22:12:81:54:b6:30:34:b5:db:82:38:3f:8e:d7:9c:bf:58:
cc:5a:b0:8e:94:55:22:f0:df:49:28:e9:a5:b9:c9:30:2f:86:
48:5a:be:a2:40:df:6b:2f:3c:cf:68:86:a6:f0:35:0d:26:12:
f0:22:4e:4d:cf:af:1c:c6:42:7d:45:68:6f:a0:31:71:89:aa:
31:a7:d1:3d:bb:89:c0:00:0e:93:4e:93:0e:42:c4:f1:38:cc:
62:14:82:6c:1b:59:bc:54:7f:47:32:32:29:63:6b:bd:bf:6f:
b5:ae:06:3a:db:9a:98:f0:c3:7d:79:00:1c:b4:e6:c1:6a:bb:
6d:bd:5c:52:03:97:2f:e9:0e:4b:15:2b:af:2e:21:5b:79:b6:
0c:94:af:be
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECXBX9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWYwMTIwZWUzYjZmMGY4ZGI1MmQwZGI4MWMwMWU0NDQ3ZDhlNGJhMB4XDTIyMDEw
MTE1MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU0YjhhZDk3OTkz
ZDY0MGQ5ZTZiZDA5YTJiZTdjYzNkZTEyMzQ3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO91Vy/FTtqctNF+ykWDfORu1rWOmEVIcrk7h/ZcyNYXlZP4
pDV58a1iiLgXnvb/M1MWWNI6ZdS0lvvM5NgjYXOnfumKNoo+sgt5oFy2MpLgz/BM
r3ZG9AMVhqB81LefXFirhrq0K4Qam1ek8zzs386Q28xW7oDDw1kloAPKtED3lwvA
s31gMIRwPewgHOdvs7QzhmF0+XFqZYx9j+PRKS2IRbSzetZOKFzpvM8jDWTYLRGO
qFFX1jyYm9oMxnpMzokNc0PKyhPUjr+CyTMCkNeLe3ThBe0GWJM9CKCUfY3Lx9E3
KBlO7Jb7AXgCmq7dfM7HcnZW5lWggzo90xBJms8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSOS4rZeZPWQNnmvQmivnzD3hI0fDAfBgNVHSMEGDAWgBRl8BIO47bw+NtS
0NuBwB5ER9jkujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pmQVNEdU8yOFBqYlV0RGJnY0FlUkVmWTVMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWQvZDE0MThjLTdjZDgtNGFmOS04MTY2LTU3N2MwMzkxMDcwMS8x
L2prdUsyWG1UMWtEWjVyMEpvcjU4dzk0U05Idy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWQv
ZDE0MThjLTdjZDgtNGFmOS04MTY2LTU3N2MwMzkxMDcwMS8xL1pmQVNEdU8yOFBq
YlV0RGJnY0FlUkVmWTVMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFBR0AMEArmIIDANBAIAAjAHAwUA
KgIGmDANBgkqhkiG9w0BAQsFAAOCAQEAazD3XMfZLLSIct9jcC2SNuOgoncTeIu2
hy5PWSAhSiuyYb9kE49K/aQKuwyLuDJkXqlGffKS5203vJdZQ4gnPbW6ZuqgaWYz
FgK10yqDf4b9McsGu4C+rJ5cPtMLKY1LrdqD6zNWoFKux7ZAkyISgVS2MDS124I4
P47XnL9YzFqwjpRVIvDfSSjppbnJMC+GSFq+okDfay88z2iGpvA1DSYS8CJOTc+v
HMZCfUVob6AxcYmqMafRPbuJwAAOk06TDkLE8TjMYhSCbBtZvFR/RzIyKWNrvb9v
ta4GOtuamPDDfXkAHLTmwWq7bb1cUgOXL+kOSxUrry4hW3m2DJSvvg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:37 2024 by rpki-client on console-fra.rpki-client.org