Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/jF6MbNLZbRVJebEaOn63ye2vomM.roa
File: jF6MbNLZbRVJebEaOn63ye2vomM.roa (raw, json)
Hash identifier: wNYoVbRZcrRBdZDEpkou/anCKbxuF4Hhzt5RyBjRSy0=
Subject key identifier: 8C:5E:8C:6C:D2:D9:6D:15:49:79:B1:1A:3A:7E:B7:C9:ED:AF:A2:63
Certificate issuer: /CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Certificate serial: 018C5D52A51A9B5563B2964D63F3143250E9
Authority key identifier: C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/jF6MbNLZbRVJebEaOn63ye2vomM.roa
Signing time: Tue 12 Dec 2023 09:19:06 +0000
ROA not before: Tue 12 Dec 2023 09:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29300
IP address blocks: 81.88.64.0/20 maxlen: 20
82.148.160.0/19 maxlen: 19
93.184.120.0/21 maxlen: 21
109.169.96.0/19 maxlen: 19
2a02:2828::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:52:a5:1a:9b:55:63:b2:96:4d:63:f3:14:32:50:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c592786ced6ce597585468bb4f36b31cf6acec6e
Validity
Not Before: Dec 12 09:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c5e8c6cd2d96d154979b11a3a7eb7c9edafa263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:26:fb:f5:6d:3d:94:6d:ec:e4:10:20:d8:7c:
d5:9f:d5:4f:14:a5:70:0f:f4:b5:be:f1:28:14:5c:
a0:ac:88:89:36:b0:26:1f:ff:56:59:a7:57:61:75:
b3:03:c1:09:35:e0:86:91:3b:85:1e:84:bc:05:b1:
ab:dd:04:a6:ed:3b:18:9f:57:47:49:c3:eb:02:5f:
b4:f4:9f:84:9a:74:30:bc:06:e9:3d:6d:bd:69:56:
17:d6:81:dd:08:e5:41:ee:d0:7a:90:b3:81:1d:c3:
31:58:6f:c3:de:d3:a4:61:25:39:3b:bb:6b:a0:1a:
8a:31:0e:1d:a9:33:bd:43:a9:d8:e2:52:0b:05:e2:
df:64:f9:2b:02:a9:33:d6:db:f0:66:ad:94:3f:3c:
c3:28:80:7a:c0:27:ae:61:3a:c1:4f:f9:f6:a0:c5:
41:00:76:a5:99:24:3a:e2:8a:f9:8b:5c:69:5a:40:
e1:0a:c7:70:b6:35:52:31:f4:a4:14:8e:be:60:8a:
e1:c0:40:2c:87:71:7f:62:d6:d0:99:71:62:2b:93:
24:21:c8:1a:5c:92:a0:a1:9b:6d:65:33:fc:ea:ad:
ba:c2:e4:f7:89:10:cd:da:e0:1b:b3:2b:7d:75:0c:
1b:8c:62:e8:4e:83:78:61:bf:19:f7:c6:fb:b9:41:
17:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5E:8C:6C:D2:D9:6D:15:49:79:B1:1A:3A:7E:B7:C9:ED:AF:A2:63
X509v3 Authority Key Identifier:
keyid:C5:92:78:6C:ED:6C:E5:97:58:54:68:BB:4F:36:B3:1C:F6:AC:EC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xZJ4bO1s5ZdYVGi7TzazHPas7G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/jF6MbNLZbRVJebEaOn63ye2vomM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a9c0b7-a23a-458f-8f64-ba37511404c2/1/xZJ4bO1s5ZdYVGi7TzazHPas7G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.64.0/20
82.148.160.0/19
93.184.120.0/21
109.169.96.0/19
IPv6:
2a02:2828::/32
Signature Algorithm: sha256WithRSAEncryption
3f:70:52:c1:96:31:ad:47:81:f0:bd:11:c8:e2:24:12:5f:4d:
4a:fd:34:37:8c:2d:65:fc:fa:94:27:77:c5:90:33:cf:35:08:
b7:b5:98:2c:78:27:46:20:b6:5f:3a:c3:96:6a:1c:7b:8c:49:
cc:14:62:87:1b:47:35:09:e2:18:86:4f:3c:d4:ac:97:32:1b:
35:4b:14:de:37:f0:02:6a:15:33:69:0d:a3:e1:69:d4:e6:e3:
ee:98:8c:79:ba:ae:3e:65:75:da:9b:5c:40:07:65:cd:ca:d9:
c0:02:4a:9a:bc:93:83:e0:42:3f:29:32:c4:a2:92:a6:a0:20:
f9:2c:03:91:27:b6:5f:ec:8b:0c:0a:7d:31:58:a9:0c:a2:1b:
2a:3a:e8:f2:58:0a:4d:a2:b7:0a:e7:8f:61:ad:02:75:0d:3f:
e7:a8:af:4b:3e:de:63:af:ec:d7:c7:06:f4:cb:5b:01:a8:1a:
c7:96:86:34:f7:be:82:50:be:95:72:42:6a:b9:ca:ed:bd:d7:
e5:98:3c:51:b9:6d:53:91:6c:fb:e8:e5:5a:8c:37:a0:c7:7c:
e6:44:6e:5a:d1:dd:f3:3b:2b:9c:4a:69:a3:2d:c5:ed:12:c0:
65:37:87:0b:4e:59:94:2c:95:6b:cf:b8:e2:4a:53:79:e0:15:
07:79:57:49
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYxdUqUam1VjspZNY/MUMlDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OTI3ODZjZWQ2Y2U1OTc1ODU0NjhiYjRmMzZiMzFjZjZh
Y2VjNmUwHhcNMjMxMjEyMDkxOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzVlOGM2Y2QyZDk2ZDE1NDk3OWIxMWEzYTdlYjdjOWVkYWZhMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSb79W09lG3s5BAg2HzVn9VPFKVw
D/S1vvEoFFygrIiJNrAmH/9WWadXYXWzA8EJNeCGkTuFHoS8BbGr3QSm7TsYn1dH
ScPrAl+09J+EmnQwvAbpPW29aVYX1oHdCOVB7tB6kLOBHcMxWG/D3tOkYSU5O7tr
oBqKMQ4dqTO9Q6nY4lILBeLfZPkrAqkz1tvwZq2UPzzDKIB6wCeuYTrBT/n2oMVB
AHalmSQ64or5i1xpWkDhCsdwtjVSMfSkFI6+YIrhwEAsh3F/YtbQmXFiK5MkIcga
XJKgoZttZTP86q26wuT3iRDN2uAbsyt9dQwbjGLoToN4Yb8Z98b7uUEX5QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIxejGzS2W0VSXmxGjp+t8ntr6JjMB8GA1UdIwQY
MBaAFMWSeGztbOWXWFRou082sxz2rOxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQt
YmEzNzUxMTQwNGMyLzEvakY2TWJOTFpiUlZKZWJFYU9uNjN5ZTJ2b21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hOWMwYjctYTIzYS00NThmLThmNjQtYmEzNzUxMTQwNGMy
LzEveFpKNGJPMXM1WmRZVkdpN1R6YXpIUGFzN0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUVhAAwQF
UpSgAwQDXbh4AwQFbalgMA0EAgACMAcDBQAqAigoMA0GCSqGSIb3DQEBCwUAA4IB
AQA/cFLBljGtR4HwvRHI4iQSX01K/TQ3jC1l/PqUJ3fFkDPPNQi3tZgseCdGILZf
OsOWahx7jEnMFGKHG0c1CeIYhk881KyXMhs1SxTeN/ACahUzaQ2j4WnU5uPumIx5
uq4+ZXXam1xAB2XNytnAAkqavJOD4EI/KTLEopKmoCD5LAORJ7Zf7IsMCn0xWKkM
ohsqOujyWApNorcK549hrQJ1DT/nqK9LPt5jr+zXxwb0y1sBqBrHloY0976CUL6V
ckJqucrtvdflmDxRuW1TkWz76OVajDegx3zmRG5a0d3zOyucSmmjLcXtEsBlN4cL
TlmULJVrz7jiSlN54BUHeVdJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:46 2024 by rpki-client on console-fra.rpki-client.org