Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/JWUIXrSdOCj5xNEJB7WaC9SdWzg.roa
File: JWUIXrSdOCj5xNEJB7WaC9SdWzg.roa (raw, json)
Hash identifier: ngSDhOER2jYyWUl5gHGybNgkiq3XMBZsWILPPmbvLbw=
Subject key identifier: 25:65:08:5E:B4:9D:38:28:F9:C4:D1:09:07:B5:9A:0B:D4:9D:5B:38
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F7D7F9
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/JWUIXrSdOCj5xNEJB7WaC9SdWzg.roa
Signing time: Sat 01 Jan 2022 13:54:30 +0000
ROA not before: Sat 01 Jan 2022 13:54:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208604
IP address blocks: 188.68.6.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 704108537 (0x29f7d7f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2565085eb49d3828f9c4d10907b59a0bd49d5b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:89:24:fd:91:35:b1:a2:6c:26:8d:85:a7:7f:
1a:c1:5c:20:2a:c8:53:d1:78:32:ad:82:6c:4e:fc:
9f:77:9f:89:53:a5:41:5f:33:fd:75:0e:69:e5:9c:
fc:30:48:92:c9:e4:fa:10:61:67:4e:07:f8:83:26:
e4:fd:82:9d:04:bf:b5:5c:ea:04:17:11:57:3a:67:
aa:bd:2d:30:5f:46:44:a0:eb:3a:b9:af:f1:ca:c9:
76:21:11:bf:4e:a3:84:4e:d1:c1:e6:b6:35:ac:d0:
c4:5d:92:c3:23:f5:99:a2:e3:62:97:aa:77:82:01:
aa:07:7b:0c:63:79:e2:e2:56:59:d2:4f:0c:0f:59:
5b:dc:8f:fe:a1:a9:8a:e2:0c:0a:82:67:fc:76:06:
82:8e:28:6a:0b:a1:f5:33:86:0f:e9:b4:57:e0:3e:
9f:f2:17:80:1f:67:58:de:39:dc:5b:52:b3:bd:f1:
23:88:ac:8b:09:ec:df:a4:f5:5c:5b:83:a1:0b:83:
7a:e9:79:4d:06:5f:d5:d5:33:85:21:9f:de:ff:51:
bb:fc:dc:6f:19:8e:16:5b:31:a9:85:7a:f2:a5:fa:
4e:45:28:9c:38:08:f8:ce:8d:bc:c6:ed:f6:86:05:
9d:60:ef:51:4b:84:a8:bd:cc:bc:50:45:7c:90:54:
2c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:65:08:5E:B4:9D:38:28:F9:C4:D1:09:07:B5:9A:0B:D4:9D:5B:38
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/JWUIXrSdOCj5xNEJB7WaC9SdWzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.68.6.0/24
Signature Algorithm: sha256WithRSAEncryption
36:12:26:19:be:2c:8e:20:55:7c:fa:08:cd:94:d8:56:fe:d6:
72:c4:01:7d:13:11:84:b2:d8:c2:4e:ea:77:ad:f3:e1:90:99:
2b:02:af:1f:2e:ca:d7:a5:8c:cc:6f:67:d8:38:71:eb:33:73:
bb:fd:e2:58:8c:a6:49:4d:9e:ad:86:c2:c8:b0:86:cb:e7:76:
7f:79:b6:cc:97:51:d1:de:f8:84:83:7f:d1:90:27:52:56:af:
05:3d:00:e2:d7:d5:df:22:e1:3f:2c:ad:e5:ee:5d:dc:fb:0b:
b4:61:85:be:60:91:57:63:71:f3:03:a9:6b:39:70:80:94:08:
f7:31:72:1f:6c:4c:c6:87:4b:33:2b:a8:58:59:98:c2:26:46:
19:15:50:49:61:a6:ac:95:7d:ff:ca:17:e5:31:44:c6:d8:16:
ec:1e:31:98:8b:32:a2:0b:7a:cc:4f:9e:7b:4d:7b:e0:90:60:
8c:18:84:13:b4:c5:59:b2:35:eb:5a:9b:50:6b:5c:b1:53:6c:
68:96:c6:4a:63:6d:88:2b:12:5c:7f:c3:c3:86:31:bc:8e:0d:
c9:f8:37:3b:2d:1f:6c:bc:42:81:f9:02:0b:46:ef:7b:fc:c2:
ce:01:fe:26:7c:f1:3a:c8:21:b2:0e:eb:95:15:9a:eb:21:7f:
19:70:7d:5e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKffX+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU2NTA4NWViNDlk
MzgyOGY5YzRkMTA5MDdiNTlhMGJkNDlkNWIzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWJJP2RNbGibCaNhad/GsFcICrIU9F4Mq2CbE78n3efiVOl
QV8z/XUOaeWc/DBIksnk+hBhZ04H+IMm5P2CnQS/tVzqBBcRVzpnqr0tMF9GRKDr
Ormv8crJdiERv06jhE7Rwea2NazQxF2SwyP1maLjYpeqd4IBqgd7DGN54uJWWdJP
DA9ZW9yP/qGpiuIMCoJn/HYGgo4oaguh9TOGD+m0V+A+n/IXgB9nWN453FtSs73x
I4isiwns36T1XFuDoQuDeul5TQZf1dUzhSGf3v9Ru/zcbxmOFlsxqYV68qX6TkUo
nDgI+M6NvMbt9oYFnWDvUUuEqL3MvFBFfJBULHsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlZQhetJ04KPnE0QkHtZoL1J1bODAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L0pXVUlYclNkT0NqNXhORUpCN1dhQzlTZFd6Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxEBjANBgkqhkiG9w0BAQsFAAOC
AQEANhImGb4sjiBVfPoIzZTYVv7WcsQBfRMRhLLYwk7qd63z4ZCZKwKvHy7K16WM
zG9n2Dhx6zNzu/3iWIymSU2erYbCyLCGy+d2f3m2zJdR0d74hIN/0ZAnUlavBT0A
4tfV3yLhPyyt5e5d3PsLtGGFvmCRV2Nx8wOpazlwgJQI9zFyH2xMxodLMyuoWFmY
wiZGGRVQSWGmrJV9/8oX5TFExtgW7B4xmIsyogt6zE+ee0174JBgjBiEE7TFWbI1
61qbUGtcsVNsaJbGSmNtiCsSXH/Dw4YxvI4Nyfg3Oy0fbLxCgfkCC0bve/zCzgH+
JnzxOsghsg7rlRWa6yF/GXB9Xg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org