Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/jx0Ji0O0O8dnxsnJLSs0EMACyZE.roa
File: jx0Ji0O0O8dnxsnJLSs0EMACyZE.roa (raw, json)
Hash identifier: trw5CvOEfH6pDEMMoNJg+i5DHl2wxlEuZx5uOWxGBtk=
Subject key identifier: 8F:1D:09:8B:43:B4:3B:C7:67:C6:C9:C9:2D:2B:34:10:C0:02:C9:91
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 019427B58047CAB578B0A90B3C179500C07F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/jx0Ji0O0O8dnxsnJLSs0EMACyZE.roa
Signing time: Thu 02 Jan 2025 15:49:53 +0000
ROA not before: Thu 02 Jan 2025 15:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 91.186.212.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:80:47:ca:b5:78:b0:a9:0b:3c:17:95:00:c0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 2 15:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f1d098b43b43bc767c6c9c92d2b3410c002c991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9f:9a:88:33:5f:b7:1d:75:d4:3e:0c:d0:24:
43:a3:2c:73:5b:30:bb:b9:f8:2d:c1:0e:76:8c:59:
c8:be:b4:30:b1:3f:01:8b:9b:5a:1b:06:ec:c1:4f:
5b:e0:5f:c0:60:47:cd:85:80:94:46:ff:20:61:8d:
9e:78:10:0d:02:dc:2b:40:46:a7:7a:2a:16:38:d3:
e6:79:05:cf:8a:ee:1e:e2:fb:9f:e1:45:b1:57:dc:
03:95:d4:7f:f0:10:55:af:c2:b4:4e:07:f0:c4:9f:
43:e1:8f:a8:89:68:27:26:7b:67:bb:11:dd:fd:df:
a7:c8:33:9d:f6:cf:67:bc:88:47:71:e9:d2:48:bc:
04:46:aa:5e:93:a2:5f:90:d0:12:56:cc:87:5f:40:
0c:87:98:10:58:53:67:c7:71:f2:9f:cf:05:05:ce:
96:8d:ba:93:88:33:e2:28:07:63:e4:25:60:3e:d9:
d9:83:cc:d7:30:8d:32:e4:eb:ff:44:46:91:65:35:
d3:28:d4:18:e0:fe:bd:0a:bf:80:21:4f:55:59:68:
24:e9:07:f5:23:43:3e:8b:f6:c7:58:2f:69:65:33:
7a:0e:f5:98:6b:72:ce:b8:4c:0d:17:11:0d:d4:6b:
b7:f7:b5:87:eb:07:b6:05:26:1b:f2:22:f5:58:9b:
0d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1D:09:8B:43:B4:3B:C7:67:C6:C9:C9:2D:2B:34:10:C0:02:C9:91
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/jx0Ji0O0O8dnxsnJLSs0EMACyZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.212.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:22:76:90:a6:58:54:60:a5:49:32:38:4f:18:02:61:a0:bb:
a5:09:c5:dc:9d:f7:a5:ff:05:e1:3b:26:65:81:fd:8d:18:d8:
e9:d1:41:b9:aa:5b:f9:42:55:dd:01:49:7b:4c:48:02:63:6c:
55:32:33:44:e5:4a:48:95:5e:67:2e:27:c2:2e:e3:28:f2:b4:
74:64:32:2e:19:d1:93:d7:73:e0:2b:cf:56:1b:ac:13:58:f3:
7c:1d:2b:ae:05:8d:c1:8e:6d:34:22:53:bc:6d:d1:45:1d:09:
07:6e:60:4c:00:af:ba:9c:77:5d:d1:f7:22:ca:80:95:e1:81:
f6:a4:8b:74:69:f4:af:80:76:d2:9e:12:80:a2:28:d4:a6:43:
d4:78:ab:e6:ff:b3:c2:4c:a0:9d:42:03:4f:f1:28:11:f1:9b:
0c:71:c9:1d:97:9d:2f:1f:41:d2:43:43:01:a0:65:b3:1f:d7:
b2:4e:01:11:c8:a2:05:db:eb:81:e0:92:b1:5b:c2:f4:c7:9d:
17:eb:b1:01:92:14:1a:dd:fb:af:8a:da:f0:4e:c7:44:ca:73:
00:8e:e4:eb:41:5c:aa:dd:42:d3:34:25:a7:2e:78:6c:b7:d8:
6c:a0:10:97:6f:92:76:e1:36:e1:a1:08:12:c8:ef:e0:2b:c2:
8c:d1:bd:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntYBHyrV4sKkLPBeVAMB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjUwMTAyMTU0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjFkMDk4YjQzYjQzYmM3NjdjNmM5YzkyZDJiMzQxMGMwMDJjOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5+aiDNftx111D4M0CRDoyxzWzC7
ufgtwQ52jFnIvrQwsT8Bi5taGwbswU9b4F/AYEfNhYCURv8gYY2eeBANAtwrQEan
eioWONPmeQXPiu4e4vuf4UWxV9wDldR/8BBVr8K0TgfwxJ9D4Y+oiWgnJntnuxHd
/d+nyDOd9s9nvIhHcenSSLwERqpek6JfkNASVsyHX0AMh5gQWFNnx3Hyn88FBc6W
jbqTiDPiKAdj5CVgPtnZg8zXMI0y5Ov/REaRZTXTKNQY4P69Cr+AIU9VWWgk6Qf1
I0M+i/bHWC9pZTN6DvWYa3LOuEwNFxEN1Gu397WH6we2BSYb8iL1WJsNHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI8dCYtDtDvHZ8bJyS0rNBDAAsmRMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvangwSmkwTzBPOGRueHNuSkxTczBFTUFDeVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW7rUMA0G
CSqGSIb3DQEBCwUAA4IBAQCbInaQplhUYKVJMjhPGAJhoLulCcXcnfel/wXhOyZl
gf2NGNjp0UG5qlv5QlXdAUl7TEgCY2xVMjNE5UpIlV5nLifCLuMo8rR0ZDIuGdGT
13PgK89WG6wTWPN8HSuuBY3Bjm00IlO8bdFFHQkHbmBMAK+6nHdd0fciyoCV4YH2
pIt0afSvgHbSnhKAoijUpkPUeKvm/7PCTKCdQgNP8SgR8ZsMcckdl50vH0HSQ0MB
oGWzH9eyTgERyKIF2+uB4JKxW8L0x50X67EBkhQa3fuvitrwTsdEynMAjuTrQVyq
3ULTNCWnLnhst9hsoBCXb5J24TbhoQgSyO/gK8KM0b22
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:39:13 2025 by rpki-client