Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/J7s_mnC2O3ZklUzJKScNfheBIsM.roa
File: J7s_mnC2O3ZklUzJKScNfheBIsM.roa (raw, json)
Hash identifier: 9kAtrUO4yLxv0N4Yw6XoPq4QS9bvxGDP4zsSB5l+kCM=
Subject key identifier: 27:BB:3F:9A:70:B6:3B:76:64:95:4C:C9:29:27:0D:7E:17:81:22:C3
Certificate issuer: /CN=755f9dbbc025feece07237bec0bbd05e201c84bd
Certificate serial: 01856C25CE9A110EBDD4C700A8A0D37A2F9D
Authority key identifier: 75:5F:9D:BB:C0:25:FE:EC:E0:72:37:BE:C0:BB:D0:5E:20:1C:84:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dV-du8Al_uzgcje-wLvQXiAchL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/J7s_mnC2O3ZklUzJKScNfheBIsM.roa
Signing time: Sun 01 Jan 2023 07:04:55 +0000
ROA not before: Sun 01 Jan 2023 07:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210189
IP address blocks: 2001:67c:8f4::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:ce:9a:11:0e:bd:d4:c7:00:a8:a0:d3:7a:2f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=755f9dbbc025feece07237bec0bbd05e201c84bd
Validity
Not Before: Jan 1 07:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27bb3f9a70b63b7664954cc929270d7e178122c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:6d:1f:10:a6:79:67:9a:18:88:91:dd:3d:
1b:73:1f:82:7c:41:38:25:9c:02:f5:54:c5:99:6b:
5b:db:89:fb:74:c5:92:ff:b2:18:ea:e3:72:9c:0b:
be:65:5b:b4:bb:2e:9c:2f:2d:68:62:83:90:23:4e:
e0:d0:36:de:3a:1d:5e:15:91:6f:1f:b7:a4:92:5a:
0c:cf:58:c7:08:2e:ff:cb:7f:bc:3b:89:8d:ca:4f:
c0:53:82:3e:93:be:1c:2c:d1:f0:62:04:5f:56:b2:
3f:a3:2e:7b:79:3e:fa:82:c8:ea:6e:db:1a:60:4b:
70:01:5d:92:5a:56:f0:33:47:f6:47:7c:c2:9f:de:
f3:b0:ba:e8:7b:0a:6b:8a:c7:64:05:3b:a3:3e:59:
3d:db:b9:25:03:c9:d0:06:42:a3:8c:36:d8:9e:79:
34:19:85:89:23:a8:97:c1:94:fe:33:7b:5e:85:9f:
72:14:46:f9:b8:7e:52:1a:fd:9e:06:76:d7:19:be:
cd:2e:50:48:c3:4b:60:3e:b6:20:b8:d1:c0:fa:96:
3a:7f:d9:59:16:26:5d:1f:77:a1:b3:14:67:90:23:
45:70:3b:03:4c:47:7f:82:76:30:f1:6b:b3:49:2c:
37:46:a2:fd:67:e0:f8:bd:bf:f4:36:14:5a:f8:9f:
1e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BB:3F:9A:70:B6:3B:76:64:95:4C:C9:29:27:0D:7E:17:81:22:C3
X509v3 Authority Key Identifier:
keyid:75:5F:9D:BB:C0:25:FE:EC:E0:72:37:BE:C0:BB:D0:5E:20:1C:84:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dV-du8Al_uzgcje-wLvQXiAchL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/J7s_mnC2O3ZklUzJKScNfheBIsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/1df143-7caa-4934-b076-f8bd004c3089/1/dV-du8Al_uzgcje-wLvQXiAchL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:8f4::/48
Signature Algorithm: sha256WithRSAEncryption
a5:a1:28:51:35:1b:9b:69:e2:4a:b6:6a:7b:ad:7b:4f:09:8d:
19:45:d9:2a:53:fe:62:72:3e:b4:02:7f:70:78:ca:37:c8:6e:
4b:f8:bb:c4:04:09:67:0f:6f:20:2e:70:23:d2:1c:27:ba:20:
5b:8d:17:cc:e6:42:15:b1:4e:e5:b7:3f:24:d4:17:e1:a8:9f:
21:aa:10:5e:97:f6:6e:93:be:42:1d:d9:2d:52:cb:1e:17:95:
09:de:aa:fb:c2:be:6a:0f:c0:a1:77:00:4d:ef:5c:a0:2d:3a:
7a:e3:4b:ac:f7:3d:6e:1c:38:e8:cf:7e:3c:19:84:4f:d0:1c:
e0:ac:18:8e:1d:dc:11:c9:b5:7e:11:e3:84:96:e5:b8:45:d5:
7a:fe:cc:05:4c:0a:52:b3:30:61:59:95:0f:57:c7:fe:fb:d9:
36:af:38:c0:08:07:14:5a:62:7b:df:b8:62:fc:a7:23:db:b4:
ec:76:a4:3d:df:e0:68:67:41:cc:ee:c1:f6:b0:8f:0d:70:28:
db:56:60:6b:79:22:0f:91:8a:f9:79:ed:76:64:88:42:23:ec:
29:6f:35:2a:62:7e:f0:65:ac:59:d8:07:b6:b8:90:fa:42:22:
df:ac:57:7e:6a:1f:e9:31:79:b4:08:72:38:ed:b9:22:88:ff:
27:ef:2d:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsJc6aEQ691McAqKDTei+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NWY5ZGJiYzAyNWZlZWNlMDcyMzdiZWMwYmJkMDVlMjAx
Yzg0YmQwHhcNMjMwMTAxMDcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2JiM2Y5YTcwYjYzYjc2NjQ5NTRjYzkyOTI3MGQ3ZTE3ODEyMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQZtHxCmeWeaGIiR3T0bcx+CfEE4
JZwC9VTFmWtb24n7dMWS/7IY6uNynAu+ZVu0uy6cLy1oYoOQI07g0DbeOh1eFZFv
H7ekkloMz1jHCC7/y3+8O4mNyk/AU4I+k74cLNHwYgRfVrI/oy57eT76gsjqbtsa
YEtwAV2SWlbwM0f2R3zCn97zsLroewprisdkBTujPlk927klA8nQBkKjjDbYnnk0
GYWJI6iXwZT+M3tehZ9yFEb5uH5SGv2eBnbXGb7NLlBIw0tgPrYguNHA+pY6f9lZ
FiZdH3ehsxRnkCNFcDsDTEd/gnYw8WuzSSw3RqL9Z+D4vb/0NhRa+J8epwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCe7P5pwtjt2ZJVMySknDX4XgSLDMB8GA1UdIwQY
MBaAFHVfnbvAJf7s4HI3vsC70F4gHIS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFYtZHU4QWxfdXpnY2plLXdMdlFYaUFjaEwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8xZGYxNDMtN2NhYS00OTM0LWIwNzYt
ZjhiZDAwNGMzMDg5LzEvSjdzX21uQzJPM1prbFV6SktTY05maGVCSXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8xZGYxNDMtN2NhYS00OTM0LWIwNzYtZjhiZDAwNGMzMDg5
LzEvZFYtZHU4QWxfdXpnY2plLXdMdlFYaUFjaEwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAj0
MA0GCSqGSIb3DQEBCwUAA4IBAQCloShRNRubaeJKtmp7rXtPCY0ZRdkqU/5icj60
An9weMo3yG5L+LvEBAlnD28gLnAj0hwnuiBbjRfM5kIVsU7ltz8k1BfhqJ8hqhBe
l/Zuk75CHdktUsseF5UJ3qr7wr5qD8ChdwBN71ygLTp640us9z1uHDjoz348GYRP
0BzgrBiOHdwRybV+EeOEluW4RdV6/swFTApSszBhWZUPV8f++9k2rzjACAcUWmJ7
37hi/Kcj27TsdqQ93+BoZ0HM7sH2sI8NcCjbVmBreSIPkYr5ee12ZIhCI+wpbzUq
Yn7wZaxZ2Ae2uJD6QiLfrFd+ah/pMXm0CHI47bkiiP8n7y3f
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:43 2024 by rpki-client on console-ams.rpki-client.org