Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/JnrRl-fxtxQggYp3y4HJEvbPdX0.roa
File: JnrRl-fxtxQggYp3y4HJEvbPdX0.roa (raw, json)
Hash identifier: vAhEju8yHgbFO5e3K/FVjfdjMXzpLemaC0Wq7nnHKtI=
Subject key identifier: 26:7A:D1:97:E7:F1:B7:14:20:81:8A:77:CB:81:C9:12:F6:CF:75:7D
Certificate issuer: /CN=895851d6c3257f218451a258a8e9b94947334e10
Certificate serial: 01857321DEF83CE0880CE665CB2326F6153F
Authority key identifier: 89:58:51:D6:C3:25:7F:21:84:51:A2:58:A8:E9:B9:49:47:33:4E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iVhR1sMlfyGEUaJYqOm5SUczThA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/JnrRl-fxtxQggYp3y4HJEvbPdX0.roa
Signing time: Mon 02 Jan 2023 15:37:57 +0000
ROA not before: Mon 02 Jan 2023 15:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38986
IP address blocks: 79.171.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:de:f8:3c:e0:88:0c:e6:65:cb:23:26:f6:15:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=895851d6c3257f218451a258a8e9b94947334e10
Validity
Not Before: Jan 2 15:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=267ad197e7f1b71420818a77cb81c912f6cf757d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d2:ce:6a:38:6f:6c:70:22:b1:4f:cd:de:68:
8b:08:0d:71:31:ba:79:04:68:78:eb:1c:9f:79:d2:
20:92:82:8d:50:9b:a9:61:a9:e9:c6:eb:23:6b:26:
de:74:17:f1:b4:6d:3e:09:61:64:fa:25:77:35:39:
6f:b3:72:1b:1d:58:6a:91:ba:ea:2f:8a:4f:62:ed:
86:f8:65:86:b7:54:ae:48:53:4b:fa:f5:64:c6:a4:
52:06:bc:51:08:41:c1:7c:1a:53:71:1a:dc:5b:37:
ea:3e:90:a7:6d:12:23:17:f1:91:46:66:cc:a0:03:
b9:eb:0d:7e:3d:5f:b1:d1:68:a2:a3:6a:e7:ad:89:
7d:0d:26:bc:dc:e4:d7:2d:6d:c2:aa:14:eb:cf:dc:
3f:51:75:a9:d5:88:f2:1d:df:ef:87:93:9d:f6:28:
98:6c:58:62:09:40:3e:03:05:46:c0:b9:7a:72:27:
18:59:6a:cd:1c:d5:41:9f:24:d6:b0:7f:84:e3:aa:
3c:d8:2d:b3:e3:40:d8:2c:d7:eb:83:6a:b8:33:84:
f4:2f:a4:dc:04:ee:95:06:dd:f6:da:a4:12:a6:f2:
89:6c:ff:4f:e3:d8:5d:d1:f1:31:43:6a:9e:97:69:
07:eb:73:9f:23:03:a8:d9:6b:25:f6:c1:f0:e3:d9:
b4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7A:D1:97:E7:F1:B7:14:20:81:8A:77:CB:81:C9:12:F6:CF:75:7D
X509v3 Authority Key Identifier:
keyid:89:58:51:D6:C3:25:7F:21:84:51:A2:58:A8:E9:B9:49:47:33:4E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iVhR1sMlfyGEUaJYqOm5SUczThA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/JnrRl-fxtxQggYp3y4HJEvbPdX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4a7cdf-c750-4ba4-9060-5f79dbcf5ddd/1/iVhR1sMlfyGEUaJYqOm5SUczThA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.168.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:79:d5:18:f4:53:37:46:f0:5a:4e:98:c6:af:a5:5b:cd:f0:
b5:7a:6b:24:61:1d:17:b4:55:5a:bb:e0:49:4f:a1:57:37:cd:
0c:50:73:eb:a0:a6:44:b3:5a:f5:9c:07:79:6a:da:d5:4b:ff:
fd:cb:63:c9:4a:31:de:6c:49:c8:2d:f2:a5:da:e9:f7:b7:bd:
a1:49:15:ba:2f:9c:75:1a:63:68:03:14:ed:df:b1:b4:de:c7:
cd:e3:0b:98:26:f5:44:0f:7a:76:2c:f9:73:27:8a:5c:a4:8c:
89:66:d8:19:05:da:c1:98:7b:32:8b:ef:08:04:dc:10:9e:3f:
d1:d2:5d:02:a6:3c:fd:73:a9:30:2d:70:09:ba:3c:aa:29:c3:
90:65:8c:23:79:d0:ca:27:29:20:a5:98:d3:8e:58:a5:78:9a:
b7:16:26:ec:fa:14:2d:ad:dc:73:52:34:b1:b1:38:ac:73:bc:
da:62:9f:c4:74:d0:df:70:a1:0f:73:73:79:a5:47:a5:b6:f4:
bf:27:30:6e:5d:20:49:fe:ce:79:49:95:45:a5:6c:72:f4:69:
52:1c:c6:82:d4:db:65:9d:2d:a9:92:54:d0:2a:e4:58:28:d8:
52:50:57:dc:17:b8:8f:83:96:ab:68:3a:43:3f:8e:04:73:25:
27:7a:78:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzId74POCIDOZlyyMm9hU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NTg1MWQ2YzMyNTdmMjE4NDUxYTI1OGE4ZTliOTQ5NDcz
MzRlMTAwHhcNMjMwMTAyMTUzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdhZDE5N2U3ZjFiNzE0MjA4MThhNzdjYjgxYzkxMmY2Y2Y3NTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtLOajhvbHAisU/N3miLCA1xMbp5
BGh46xyfedIgkoKNUJupYanpxusjaybedBfxtG0+CWFk+iV3NTlvs3IbHVhqkbrq
L4pPYu2G+GWGt1SuSFNL+vVkxqRSBrxRCEHBfBpTcRrcWzfqPpCnbRIjF/GRRmbM
oAO56w1+PV+x0Wiio2rnrYl9DSa83OTXLW3CqhTrz9w/UXWp1YjyHd/vh5Od9iiY
bFhiCUA+AwVGwLl6cicYWWrNHNVBnyTWsH+E46o82C2z40DYLNfrg2q4M4T0L6Tc
BO6VBt322qQSpvKJbP9P49hd0fExQ2qel2kH63OfIwOo2Wsl9sHw49m0JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZ60Zfn8bcUIIGKd8uByRL2z3V9MB8GA1UdIwQY
MBaAFIlYUdbDJX8hhFGiWKjpuUlHM04QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVZoUjFzTWxmeUdFVWFKWXFPbTVTVWN6VGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80YTdjZGYtYzc1MC00YmE0LTkwNjAt
NWY3OWRiY2Y1ZGRkLzEvSm5yUmwtZnh0eFFnZ1lwM3k0SEpFdmJQZFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80YTdjZGYtYzc1MC00YmE0LTkwNjAtNWY3OWRiY2Y1ZGRk
LzEvaVZoUjFzTWxmeUdFVWFKWXFPbTVTVWN6VGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT6uoMA0G
CSqGSIb3DQEBCwUAA4IBAQALedUY9FM3RvBaTpjGr6VbzfC1emskYR0XtFVau+BJ
T6FXN80MUHProKZEs1r1nAd5atrVS//9y2PJSjHebEnILfKl2un3t72hSRW6L5x1
GmNoAxTt37G03sfN4wuYJvVED3p2LPlzJ4pcpIyJZtgZBdrBmHsyi+8IBNwQnj/R
0l0Cpjz9c6kwLXAJujyqKcOQZYwjedDKJykgpZjTjlileJq3Fibs+hQtrdxzUjSx
sTisc7zaYp/EdNDfcKEPc3N5pUeltvS/JzBuXSBJ/s55SZVFpWxy9GlSHMaC1Ntl
nS2pklTQKuRYKNhSUFfcF7iPg5araDpDP44EcyUnenh4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:33 2023 by rpki-client on console-fra.rpki-client.org