Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/JjinXRCdOS6QNaTfGB7Nc2yrmSc.roa
File: JjinXRCdOS6QNaTfGB7Nc2yrmSc.roa (raw, json)
Hash identifier: X+x8K54dWaiyxw+SdeunIsnqW6DCfswHcBDRcvCCquc=
Subject key identifier: 26:38:A7:5D:10:9D:39:2E:90:35:A4:DF:18:1E:CD:73:6C:AB:99:27
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 088FF306
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/JjinXRCdOS6QNaTfGB7Nc2yrmSc.roa
Signing time: Sat 01 Jan 2022 05:05:51 +0000
ROA not before: Sat 01 Jan 2022 05:05:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207996
IP address blocks: 147.78.192.0/22 maxlen: 24
185.203.112.0/22 maxlen: 24
2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143651590 (0x88ff306)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 1 05:05:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2638a75d109d392e9035a4df181ecd736cab9927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8d:c4:48:87:1c:76:ff:d0:96:5b:0a:5a:7e:
03:b0:0a:59:0c:95:a1:e4:6c:9c:93:5a:3d:96:f1:
4a:48:35:e1:87:f5:a8:52:51:6a:60:ed:22:85:97:
c7:6b:4c:ad:2a:83:21:f8:70:4c:9a:e6:41:a6:2a:
25:43:25:f4:d4:3c:34:a3:a0:72:88:3f:d0:0e:fa:
ca:34:cb:bd:80:7b:58:a9:cf:68:e2:6d:6d:03:dd:
ad:9a:d4:7d:10:e2:2b:5e:ec:2a:02:be:87:4a:c0:
78:c9:f4:71:0b:84:33:ee:38:16:6c:1b:e9:28:8f:
70:bb:d8:54:9e:87:0f:e3:44:f6:42:c2:94:fb:18:
d7:ef:b3:4c:01:45:fd:75:54:2c:83:04:e2:e7:39:
21:5b:be:33:f0:a4:b5:e6:c6:54:cf:b2:15:b2:f5:
5e:d0:d5:9e:bb:5a:55:f8:2a:eb:88:02:ac:ce:0c:
5e:6b:5f:51:d8:54:6e:11:50:7a:9c:7b:40:da:a8:
c4:10:cf:76:a1:3d:fb:62:8a:df:21:8c:0f:61:5f:
1f:b5:14:3d:28:92:d3:05:fe:23:f9:93:40:83:c4:
27:dc:47:0f:0f:0c:1d:05:67:21:bf:fa:c7:b7:fb:
f9:0a:25:36:ea:f0:80:cf:b9:a2:fb:c0:a8:34:90:
0c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:38:A7:5D:10:9D:39:2E:90:35:A4:DF:18:1E:CD:73:6C:AB:99:27
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/JjinXRCdOS6QNaTfGB7Nc2yrmSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/22
185.203.112.0/22
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:28:50:fc:09:26:86:4a:89:db:6c:f0:06:86:00:0a:07:8f:
50:0b:4a:d3:a5:cb:f5:16:d3:b7:e6:52:9a:21:67:dd:5a:ec:
cc:17:c4:9a:d1:2f:06:dd:22:4d:d0:70:a3:81:7a:85:ba:e9:
b2:df:51:50:6e:db:ec:54:bf:d2:3f:fb:a5:6b:06:34:a4:ca:
26:30:ec:ff:db:b7:68:bc:ad:90:bd:a0:aa:2f:5d:41:bc:1f:
ad:b1:59:a2:a4:6d:99:00:32:cf:c1:74:a3:a3:a3:d1:7a:3c:
54:c0:cc:42:2e:e3:01:9d:1c:28:df:fb:76:8a:e9:3a:bd:03:
47:76:ce:da:38:35:ab:8e:7f:df:a3:0e:a9:c3:69:5e:d3:8c:
3a:ee:07:24:ca:7a:77:c7:4f:76:58:61:63:27:21:83:d6:b3:
de:d1:2a:40:a0:71:41:d2:3a:8b:b5:28:13:d6:ff:21:30:77:
3f:88:84:6d:5f:f0:c8:d1:da:32:56:b5:16:85:0f:da:a9:d8:
3c:d9:07:93:3a:e7:de:bf:d1:e5:ea:e6:8d:a2:ab:3e:bb:fb:
2b:44:87:41:58:4d:2b:29:7d:a5:41:85:50:33:40:9f:c4:a4:
53:f9:47:a0:69:dc:4b:a0:25:cf:f1:9c:f9:f9:3d:7a:b3:7d:
d5:00:eb:50
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECI/zBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmJmYzVhMTcyNjU0ZGQ2MDA5ZGIxZDgyZDkyZmZhZjcxMjM0MTIwMB4XDTIyMDEw
MTA1MDU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjYzOGE3NWQxMDlk
MzkyZTkwMzVhNGRmMTgxZWNkNzM2Y2FiOTkyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqNxEiHHHb/0JZbClp+A7AKWQyVoeRsnJNaPZbxSkg14Yf1
qFJRamDtIoWXx2tMrSqDIfhwTJrmQaYqJUMl9NQ8NKOgcog/0A76yjTLvYB7WKnP
aOJtbQPdrZrUfRDiK17sKgK+h0rAeMn0cQuEM+44Fmwb6SiPcLvYVJ6HD+NE9kLC
lPsY1++zTAFF/XVULIME4uc5IVu+M/CktebGVM+yFbL1XtDVnrtaVfgq64gCrM4M
XmtfUdhUbhFQepx7QNqoxBDPdqE9+2KK3yGMD2FfH7UUPSiS0wX+I/mTQIPEJ9xH
Dw8MHQVnIb/6x7f7+QolNurwgM+5ovvAqDSQDEMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQmOKddEJ05LpA1pN8YHs1zbKuZJzAfBgNVHSMEGDAWgBSWv8WhcmVN1gCd
sdgtkv+vcSNBIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xyX0ZvWEpsVGRZQW5iSFlMWkxfcjNFalFTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8x
L0pqaW5YUkNkT1M2UU5hVGZHQjdOYzJ5cm1TYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MzYzMGNiLWViZWMtNGQ4Ni1iMTJiLWJmZmI3NTdjMzEzNC8xL2xyX0ZvWEpsVGRZ
QW5iSFlMWkxfcjNFalFTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEApNOwAMEArnLcDAUBAIAAjAOAwUD
KgkpQAMFAyoK5cAwDQYJKoZIhvcNAQELBQADggEBAC0oUPwJJoZKidts8AaGAAoH
j1ALStOly/UW07fmUpohZ91a7MwXxJrRLwbdIk3QcKOBeoW66bLfUVBu2+xUv9I/
+6VrBjSkyiYw7P/bt2i8rZC9oKovXUG8H62xWaKkbZkAMs/BdKOjo9F6PFTAzEIu
4wGdHCjf+3aK6Tq9A0d2zto4NauOf9+jDqnDaV7TjDruByTKenfHT3ZYYWMnIYPW
s97RKkCgcUHSOou1KBPW/yEwdz+IhG1f8MjR2jJWtRaFD9qp2DzZB5M6596/0eXq
5o2iqz67+ytEh0FYTSspfaVBhVAzQJ/EpFP5R6Bp3EugJc/xnPn5PXqzfdUA61A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:54 2023 by rpki-client on console-ams.rpki-client.org