Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/j9JA83GCPkYEwbbImb2U_EWUsGc.roa
File: j9JA83GCPkYEwbbImb2U_EWUsGc.roa (raw, json)
Hash identifier: qclXNuxeDTg4nAFbK7HL/y/EJamkWgOzpRbazc7XBqo=
Subject key identifier: 8F:D2:40:F3:71:82:3E:46:04:C1:B6:C8:99:BD:94:FC:45:94:B0:67
Certificate issuer: /CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Certificate serial: 29F46058
Authority key identifier: 10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/j9JA83GCPkYEwbbImb2U_EWUsGc.roa
Signing time: Sat 01 Jan 2022 13:54:29 +0000
ROA not before: Sat 01 Jan 2022 13:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201302
IP address blocks: 95.85.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 703881304 (0x29f46058)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1045dacc837798c3e6cf31f4d27946a33b0de661
Validity
Not Before: Jan 1 13:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fd240f371823e4604c1b6c899bd94fc4594b067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:1b:4a:af:63:58:49:3a:c3:6a:fd:81:11:
a4:4d:f4:17:c0:6c:46:22:f9:c2:b7:cd:31:5e:aa:
89:ee:3e:e6:d0:1a:b0:4b:5f:ef:85:43:39:d7:7a:
62:29:ec:23:fc:b8:99:a4:34:7f:b9:89:62:f0:cc:
0e:8f:e4:b2:e7:ac:f9:f5:c7:78:ba:85:5a:7a:10:
cc:ee:31:2f:f4:e1:ae:50:3b:64:38:39:af:6d:c6:
64:16:30:ca:1e:ac:52:65:25:4e:24:5e:2b:5c:88:
5c:bb:aa:82:50:03:c3:d1:51:c9:c3:27:e6:7b:d1:
cb:ab:49:44:9a:4e:ac:44:f8:d1:a8:18:c8:9c:d4:
f0:90:57:c4:fa:c8:a7:55:26:e4:3f:69:79:fb:21:
21:fa:a0:1a:6c:25:f0:c4:76:06:ef:bd:da:53:43:
37:a9:04:0b:cf:9c:9f:04:ee:b1:5d:30:ec:04:cb:
2b:fc:80:ae:74:64:29:90:52:a5:4f:dc:c4:fd:5f:
a7:36:82:64:17:72:b3:1e:cd:17:bf:f9:d4:3f:34:
13:81:94:95:45:a7:f0:97:bc:20:3e:d6:0f:9b:c0:
db:9a:fc:c6:24:fb:99:36:aa:b0:10:50:3a:4f:c8:
64:8e:b0:f7:ff:45:c7:e6:d0:2b:ac:54:2d:5d:61:
11:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D2:40:F3:71:82:3E:46:04:C1:B6:C8:99:BD:94:FC:45:94:B0:67
X509v3 Authority Key Identifier:
keyid:10:45:DA:CC:83:77:98:C3:E6:CF:31:F4:D2:79:46:A3:3B:0D:E6:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EEXazIN3mMPmzzH00nlGozsN5mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/j9JA83GCPkYEwbbImb2U_EWUsGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/266caf-3b43-49e0-b6e1-9c174e53e4fe/1/EEXazIN3mMPmzzH00nlGozsN5mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.85.0/24
Signature Algorithm: sha256WithRSAEncryption
88:0e:08:b4:28:ee:f0:28:63:28:96:58:6c:21:4a:16:ad:a3:
9b:d5:fc:85:4b:dd:ca:a8:9f:4b:87:3a:68:14:a9:42:15:2b:
52:47:14:1a:c3:c3:0d:35:3f:2c:f8:7c:e2:53:a7:37:4e:e2:
3c:8b:77:5a:b6:db:fc:f8:ea:8b:ea:67:96:45:d2:26:1f:19:
a0:b8:b0:32:ef:ee:71:9d:3a:22:74:29:72:dd:2b:38:06:a9:
81:0b:b0:3e:60:5e:60:35:1b:31:fd:aa:93:54:a1:ae:0a:fa:
5c:5f:2e:20:58:0a:79:e7:d8:91:a3:ea:ea:b4:61:05:ad:bf:
93:cb:ce:26:4e:84:9d:24:01:9a:01:c0:9f:59:65:12:0c:75:
41:29:e5:bf:17:27:71:1f:1b:74:24:96:65:a5:bd:a3:8b:73:
a6:47:24:62:8e:8d:0c:81:38:af:97:3d:61:7e:71:7e:a9:2d:
6d:60:6f:8f:e8:98:3f:89:b0:c3:82:04:6d:f5:c9:eb:e9:50:
35:d7:fe:9f:6c:6b:f9:74:f2:74:d1:13:a1:58:89:be:d7:61:
54:0c:12:4c:64:04:c9:d6:e7:df:fd:8f:e6:d4:07:08:18:69:
14:1a:af:f0:33:a8:9d:00:7a:36:63:b4:1b:2a:38:2d:28:fc:
d8:39:38:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKfRgWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDQ1ZGFjYzgzNzc5OGMzZTZjZjMxZjRkMjc5NDZhMzNiMGRlNjYxMB4XDTIyMDEw
MTEzNTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGZkMjQwZjM3MTgy
M2U0NjA0YzFiNmM4OTliZDk0ZmM0NTk0YjA2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVuG0qvY1hJOsNq/YERpE30F8BsRiL5wrfNMV6qie4+5tAa
sEtf74VDOdd6YinsI/y4maQ0f7mJYvDMDo/ksues+fXHeLqFWnoQzO4xL/ThrlA7
ZDg5r23GZBYwyh6sUmUlTiReK1yIXLuqglADw9FRycMn5nvRy6tJRJpOrET40agY
yJzU8JBXxPrIp1Um5D9pefshIfqgGmwl8MR2Bu+92lNDN6kEC8+cnwTusV0w7ATL
K/yArnRkKZBSpU/cxP1fpzaCZBdysx7NF7/51D80E4GUlUWn8Je8ID7WD5vA25r8
xiT7mTaqsBBQOk/IZI6w9/9Fx+bQK6xULV1hEVsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSP0kDzcYI+RgTBtsiZvZT8RZSwZzAfBgNVHSMEGDAWgBQQRdrMg3eYw+bP
MfTSeUajOw3mYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VFWGF6SU4zbU1QbXp6SDAwbmxHb3pzTjVtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8x
L2o5SkE4M0dDUGtZRXdiYkltYjJVX0VXVXNHYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MjY2Y2FmLTNiNDMtNDllMC1iNmUxLTljMTc0ZTUzZTRmZS8xL0VFWGF6SU4zbU1Q
bXp6SDAwbmxHb3pzTjVtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF9VVTANBgkqhkiG9w0BAQsFAAOC
AQEAiA4ItCju8ChjKJZYbCFKFq2jm9X8hUvdyqifS4c6aBSpQhUrUkcUGsPDDTU/
LPh84lOnN07iPIt3Wrbb/Pjqi+pnlkXSJh8ZoLiwMu/ucZ06InQpct0rOAapgQuw
PmBeYDUbMf2qk1Shrgr6XF8uIFgKeefYkaPq6rRhBa2/k8vOJk6EnSQBmgHAn1ll
Egx1QSnlvxcncR8bdCSWZaW9o4tzpkckYo6NDIE4r5c9YX5xfqktbWBvj+iYP4mw
w4IEbfXJ6+lQNdf+n2xr+XTydNEToViJvtdhVAwSTGQEydbn3/2P5tQHCBhpFBqv
8DOonQB6NmO0Gyo4LSj82Dk4UA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org