Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/JIFZv1Nv1-bStUSf1xlhc8_xvV8.roa
File: JIFZv1Nv1-bStUSf1xlhc8_xvV8.roa (raw, json)
Hash identifier: zfL9uMXz4gi9KU0ltJWQX6tMDMotaUSq0Y6DBbtl2QM=
Subject key identifier: 24:81:59:BF:53:6F:D7:E6:D2:B5:44:9F:D7:19:61:73:CF:F1:BD:5F
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 15AD854D
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/JIFZv1Nv1-bStUSf1xlhc8_xvV8.roa
Signing time: Tue 01 Mar 2022 13:21:05 +0000
ROA not before: Tue 01 Mar 2022 13:21:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198156
IP address blocks: 212.7.216.0/21 maxlen: 21
2a01:6e80:fffe::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 363693389 (0x15ad854d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Mar 1 13:21:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=248159bf536fd7e6d2b5449fd7196173cff1bd5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:06:9d:11:85:4f:9f:74:29:6c:91:13:e0:ef:
bf:f2:46:57:b6:b8:06:83:41:5a:4f:d0:7e:6d:a7:
93:0f:ec:d1:02:09:0b:2b:49:5d:75:46:35:bd:cb:
76:c8:8d:cc:a8:e1:b0:97:8f:34:f8:5c:84:2d:f8:
88:c6:47:e9:99:01:4a:1d:c8:9f:4d:fb:cf:37:f6:
2d:ca:df:18:ea:2e:94:8d:cc:eb:c7:f7:37:c4:34:
ce:9d:24:f8:89:ce:66:f5:6c:8a:f4:f1:54:90:6f:
06:27:6b:43:00:84:0d:cb:61:2e:ef:dc:f4:8c:c4:
5c:00:fe:12:79:3a:a7:31:0a:d6:84:9f:b4:47:37:
5f:a7:56:75:94:aa:ff:75:f0:85:e7:9d:4f:19:b7:
6e:dd:e7:bf:93:c9:ff:d3:43:85:a0:07:6a:2c:b4:
45:25:32:cc:cb:2d:6e:80:af:6f:19:1a:1d:25:df:
70:a8:6f:1b:61:3b:cb:3f:d2:3b:3d:02:54:bb:df:
d7:0f:30:f0:d4:6b:34:a8:32:36:0c:fb:82:ba:21:
c6:fc:5f:c5:b2:0b:4b:bf:24:34:ca:19:f2:95:6c:
c5:4d:18:f8:cb:ff:99:fc:62:04:9c:12:4a:4a:40:
29:6d:77:f3:35:14:a0:a8:84:da:7d:99:53:cc:5e:
d2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:81:59:BF:53:6F:D7:E6:D2:B5:44:9F:D7:19:61:73:CF:F1:BD:5F
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/JIFZv1Nv1-bStUSf1xlhc8_xvV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.7.216.0/21
IPv6:
2a01:6e80:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
58:d9:4b:36:53:e1:d5:66:50:99:61:26:1f:22:5c:f3:c7:6e:
09:7f:e5:a3:db:44:9d:4f:db:5b:d4:1c:a6:a3:f2:84:05:e4:
b4:20:df:c2:f3:c6:ed:2a:c7:86:bb:00:af:57:59:72:d5:a1:
f9:a0:5f:f5:15:80:fd:89:50:77:6e:4f:4f:e5:1c:87:a3:88:
77:cb:d8:eb:42:1e:f5:6a:b9:98:4c:06:97:2c:db:ee:45:43:
16:24:03:d6:c9:da:cb:5a:bc:5c:e3:15:a2:50:5e:9f:b1:fe:
25:de:d3:ae:1e:94:6d:b6:61:88:2f:2b:e8:21:33:56:fb:f8:
1f:02:0b:16:16:0d:f1:e7:d5:c7:d8:82:51:62:02:8c:4d:2b:
19:8c:28:f2:b2:31:34:f9:42:de:12:0b:c5:a0:19:6b:1c:ae:
b8:7b:1f:72:5d:7d:94:78:7b:a9:5e:f6:6d:0c:99:6b:a1:11:
af:60:81:a4:a9:b9:41:15:7a:e1:3a:fa:08:d9:3e:84:96:7a:
7b:38:e0:2a:33:f2:de:ac:d1:0f:87:d1:ae:1d:d3:5e:71:eb:
49:d7:f4:21:a2:62:e5:15:87:56:4e:df:e2:0d:7c:74:b9:25:
f1:44:10:f9:7b:03:35:74:af:a5:9d:8c:4a:27:db:e6:57:61:
03:60:05:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEFa2FTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTFhMmZkNmY1ZTVhZjg3ZDVjZWEwOTUwNjZmYmNjM2QzZTU0NmE0MB4XDTIyMDMw
MTEzMjEwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ4MTU5YmY1MzZm
ZDdlNmQyYjU0NDlmZDcxOTYxNzNjZmYxYmQ1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJIGnRGFT590KWyRE+Dvv/JGV7a4BoNBWk/Qfm2nkw/s0QIJ
CytJXXVGNb3LdsiNzKjhsJePNPhchC34iMZH6ZkBSh3In037zzf2LcrfGOoulI3M
68f3N8Q0zp0k+InOZvVsivTxVJBvBidrQwCEDcthLu/c9IzEXAD+Enk6pzEK1oSf
tEc3X6dWdZSq/3XwheedTxm3bt3nv5PJ/9NDhaAHaiy0RSUyzMstboCvbxkaHSXf
cKhvG2E7yz/SOz0CVLvf1w8w8NRrNKgyNgz7grohxvxfxbILS78kNMoZ8pVsxU0Y
+Mv/mfxiBJwSSkpAKW138zUUoKiE2n2ZU8xe0j8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQkgVm/U2/X5tK1RJ/XGWFzz/G9XzAfBgNVHSMEGDAWgBQ1Gi/W9eWvh9XO
oJUGb7zD0+VGpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Sb3YxdlhscjRmVnpxQ1ZCbS04dzlQbFJxUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvY2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8x
L0pJRlp2MU52MS1iU3RVU2YxeGxoYzhfeHZWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
Y2RkZGQ1LTgxN2EtNDExMy04YjgyLTIzMDQ5ZTRkMmYxMi8xL05Sb3YxdlhscjRm
VnpxQ1ZCbS04dzlQbFJxUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA9QH2DAPBAIAAjAJAwcAKgFugP/+
MA0GCSqGSIb3DQEBCwUAA4IBAQBY2Us2U+HVZlCZYSYfIlzzx24Jf+Wj20SdT9tb
1Bymo/KEBeS0IN/C88btKseGuwCvV1ly1aH5oF/1FYD9iVB3bk9P5RyHo4h3y9jr
Qh71armYTAaXLNvuRUMWJAPWydrLWrxc4xWiUF6fsf4l3tOuHpRttmGILyvoITNW
+/gfAgsWFg3x59XH2IJRYgKMTSsZjCjysjE0+ULeEgvFoBlrHK64ex9yXX2UeHup
XvZtDJlroRGvYIGkqblBFXrhOvoI2T6Elnp7OOAqM/LerNEPh9GuHdNecetJ1/Qh
omLlFYdWTt/iDXx0uSXxRBD5ewM1dK+lnYxKJ9vmV2EDYAVb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org