Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JO--MT2KbA5UtiVqXh21iFoZasA.roa
File: JO--MT2KbA5UtiVqXh21iFoZasA.roa (raw, json)
Hash identifier: vz/dNaAkh7RLLCCCX44ij6yit10kJXsayHc4Jk+7M3k=
Subject key identifier: 24:EF:BE:31:3D:8A:6C:0E:54:B6:25:6A:5E:1D:B5:88:5A:19:6A:C0
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182A1755EBDB1F29130B8EB785EE749494F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JO--MT2KbA5UtiVqXh21iFoZasA.roa
Signing time: Mon 15 Aug 2022 12:23:19 +0000
ROA not before: Mon 15 Aug 2022 12:23:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204084
IP address blocks: 185.102.137.0/24 maxlen: 24
2a0f:7c80::/29 maxlen: 29
2a0b:9800::/29 maxlen: 29
2a0f:3380::/29 maxlen: 29
2a0f:2380::/29 maxlen: 29
2a0b:a300::/29 maxlen: 29
2a0f:a700::/29 maxlen: 29
2a0d:88c0::/29 maxlen: 29
2a0f:7300::/29 maxlen: 29
2a0f:c780::/29 maxlen: 29
2a0f:4580::/29 maxlen: 29
2a0c:7440::/29 maxlen: 29
2a0f:5580::/29 maxlen: 29
2a0c:74c0::/29 maxlen: 29
2a0f:1180::/29 maxlen: 29
2a0f:4680::/29 maxlen: 29
2a0c:7540::/29 maxlen: 29
2a0d:2cc0::/29 maxlen: 29
2a0f:a500::/29 maxlen: 29
2a0f:7100::/29 maxlen: 29
2a07:4a00::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:75:5e:bd:b1:f2:91:30:b8:eb:78:5e:e7:49:49:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Aug 15 12:23:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24efbe313d8a6c0e54b6256a5e1db5885a196ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d3:f6:07:66:3c:76:ff:df:8c:9d:4a:2b:78:
e1:ad:19:b6:9d:18:67:0f:0a:61:7b:1e:60:44:c1:
34:e6:83:08:00:38:2b:cc:6f:88:1a:c9:61:47:08:
8e:3f:1e:0e:7a:97:ce:61:7a:02:52:25:b3:98:8d:
93:8e:9f:cc:ba:e4:67:95:b4:42:a1:8f:e3:b2:46:
8d:a7:cb:1b:92:c6:45:ce:97:2b:83:e4:e3:67:38:
f0:e1:5f:d0:cf:e8:09:b2:5c:ad:82:30:95:df:52:
fc:7f:15:b2:f3:3e:47:1d:fa:b0:e7:df:d8:5c:6a:
dd:f4:52:09:27:8a:8d:cd:40:a3:06:ff:84:1c:a6:
c9:f5:90:4e:b4:eb:61:d4:40:a4:86:2d:da:4e:5b:
dd:8b:3d:09:2e:3d:0f:1b:cc:c4:0d:5d:70:41:9f:
4d:6c:de:a0:14:4d:f3:f3:75:4e:d0:51:b2:81:ee:
a2:6a:13:64:51:d1:f2:1e:4f:23:55:16:6a:2c:18:
a1:6a:1c:5a:3a:4a:f3:79:da:78:98:03:a1:9a:24:
a1:f6:f4:41:82:7f:a5:20:1b:9a:15:43:25:61:71:
8b:c3:bc:38:81:1c:af:1b:71:20:6a:0d:c1:94:91:
65:9e:28:34:e7:ea:8d:c7:5b:b1:79:9f:45:9a:fc:
93:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EF:BE:31:3D:8A:6C:0E:54:B6:25:6A:5E:1D:B5:88:5A:19:6A:C0
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JO--MT2KbA5UtiVqXh21iFoZasA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.137.0/24
IPv6:
2a07:4a00::/29
2a0b:9800::/29
2a0b:a300::/29
2a0c:7440::/29
2a0c:74c0::/29
2a0c:7540::/29
2a0d:2cc0::/29
2a0d:88c0::/29
2a0f:1180::/29
2a0f:2380::/29
2a0f:3380::/29
2a0f:4580::/29
2a0f:4680::/29
2a0f:5580::/29
2a0f:7100::/29
2a0f:7300::/29
2a0f:7c80::/29
2a0f:a500::/29
2a0f:a700::/29
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
71:2a:d3:30:1a:52:39:df:63:92:0e:ac:58:74:da:c1:06:7d:
80:08:ef:57:6e:31:04:cd:9f:de:d2:38:1f:ad:0b:ad:cf:5c:
7c:0e:b5:d4:9c:7b:11:f3:7e:80:e0:c8:b7:21:38:e1:c7:7b:
0c:d9:a2:38:6c:ee:c4:1c:c5:c8:26:4a:cf:05:c4:3f:4c:ed:
5e:22:d1:9e:3a:99:e5:37:2e:2f:3d:d5:b0:25:f0:c6:54:73:
a1:56:c7:94:17:63:cb:b2:f6:b7:4a:a6:08:87:ec:95:db:25:
12:c5:56:39:3e:81:aa:fd:ea:85:d4:e1:ab:c5:05:e2:2a:a3:
5c:26:ac:9f:26:e3:78:ee:5d:c5:93:34:a5:fe:10:6d:77:70:
03:da:e3:03:04:c7:b9:0f:d1:7a:67:5e:94:d7:86:12:43:eb:
ef:a8:61:ae:4e:84:37:5f:96:8d:26:25:66:f7:4d:74:92:b6:
32:dd:de:be:b0:08:99:96:92:7f:70:17:15:18:51:0e:a9:3d:
30:d1:2f:09:84:d9:71:6f:48:49:c0:30:03:65:d4:d0:64:a7:
bf:5f:65:9f:73:6b:c1:4d:1b:1d:b2:7b:54:b0:d6:07:96:f2:
39:84:38:36:88:5b:b3:82:fd:f8:c6:28:af:2a:e8:af:fa:80:
4c:b4:1e:27
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYKhdV69sfKRMLjreF7nSUlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwODE1MTIyMzE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVmYmUzMTNkOGE2YzBlNTRiNjI1NmE1ZTFkYjU4ODVhMTk2YWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9P2B2Y8dv/fjJ1KK3jhrRm2nRhn
Dwphex5gRME05oMIADgrzG+IGslhRwiOPx4OepfOYXoCUiWzmI2Tjp/MuuRnlbRC
oY/jskaNp8sbksZFzpcrg+TjZzjw4V/Qz+gJslytgjCV31L8fxWy8z5HHfqw59/Y
XGrd9FIJJ4qNzUCjBv+EHKbJ9ZBOtOth1ECkhi3aTlvdiz0JLj0PG8zEDV1wQZ9N
bN6gFE3z83VO0FGyge6iahNkUdHyHk8jVRZqLBihahxaOkrzedp4mAOhmiSh9vRB
gn+lIBuaFUMlYXGLw7w4gRyvG3Egag3BlJFlnig05+qNx1uxeZ9FmvyTRQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCTvvjE9imwOVLYlal4dtYhaGWrAMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSk8tLU1UMktiQTVVdGlWcVhoMjFpRm9aYXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDAMBAIAATAGAwQAuWaJ
MIGTBAIAAjCBjAMFAyoHSgADBQMqC5gAAwUDKgujAAMFAyoMdEADBQMqDHTAAwUD
Kgx1QAMFAyoNLMADBQMqDYjAAwUDKg8RgAMFAyoPI4ADBQMqDzOAAwUDKg9FgAMF
AyoPRoADBQMqD1WAAwUDKg9xAAMFAyoPcwADBQMqD3yAAwUDKg+lAAMFAyoPpwAD
BQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQBxKtMwGlI532OSDqxYdNrBBn2ACO9X
bjEEzZ/e0jgfrQutz1x8DrXUnHsR836A4Mi3ITjhx3sM2aI4bO7EHMXIJkrPBcQ/
TO1eItGeOpnlNy4vPdWwJfDGVHOhVseUF2PLsva3SqYIh+yV2yUSxVY5PoGq/eqF
1OGrxQXiKqNcJqyfJuN47l3FkzSl/hBtd3AD2uMDBMe5D9F6Z16U14YSQ+vvqGGu
ToQ3X5aNJiVm9010krYy3d6+sAiZlpJ/cBcVGFEOqT0w0S8JhNlxb0hJwDADZdTQ
ZKe/X2Wfc2vBTRsdsntUsNYHlvI5hDg2iFuzgv34xiivKuiv+oBMtB4n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org