Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/Jx2_QzTkkXanszkEszb_40BHlfg.roa
File: Jx2_QzTkkXanszkEszb_40BHlfg.roa (raw, json)
Hash identifier: A1/PmK1HAn/w4wt9120bIlsRCNsIwIx4Qd6PF8E1Z30=
Subject key identifier: 27:1D:BF:43:34:E4:91:76:A7:B3:39:04:B3:36:FF:E3:40:47:95:F8
Certificate issuer: /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial: 091292A5
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/Jx2_QzTkkXanszkEszb_40BHlfg.roa
Signing time: Thu 12 May 2022 10:44:03 +0000
ROA not before: Thu 12 May 2022 10:44:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13238
IP address blocks: 2a0e:fd87::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152212133 (0x91292a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Validity
Not Before: May 12 10:44:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=271dbf4334e49176a7b33904b336ffe3404795f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:08:87:77:be:d0:66:38:db:a6:a6:a9:06:f4:
29:60:ca:1b:d1:13:98:39:3b:6b:66:5f:42:a9:41:
cc:e9:5e:6c:04:ba:79:51:02:c0:1a:00:64:e3:47:
94:d3:63:85:1d:f2:20:1d:08:03:44:4d:b5:da:1f:
fb:f2:9a:b6:86:b0:b3:2b:1f:93:29:7b:8e:bd:34:
e3:07:6b:fe:3b:19:00:09:ec:a1:89:c1:2b:8d:2a:
60:fb:b4:88:eb:7d:af:2b:53:3e:f5:f8:9b:ec:14:
86:ea:88:4f:87:34:3d:05:9a:5f:6b:8f:b7:cf:f7:
9b:75:7c:7b:f1:0e:b0:bd:61:eb:8d:a1:ad:70:c3:
ca:a4:b0:12:56:46:c6:11:78:4b:48:0b:4d:0b:85:
e5:39:54:f5:41:42:71:ac:71:91:f5:bc:0e:85:be:
1e:54:6c:b3:d5:b3:e0:f9:04:b8:6b:1d:01:ea:88:
16:ca:c5:de:d4:a0:f7:19:cd:f7:3e:b9:0f:50:b0:
c8:bc:cc:8a:4e:74:11:a7:3f:1b:3d:04:9e:99:cf:
fb:db:ca:f0:2f:09:12:05:45:da:52:24:fd:dd:a6:
22:6e:57:f8:d4:6c:e1:0e:b4:ee:ea:b8:21:b7:26:
c0:3c:4b:7c:c6:01:61:18:42:58:69:e8:13:91:0d:
f7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1D:BF:43:34:E4:91:76:A7:B3:39:04:B3:36:FF:E3:40:47:95:F8
X509v3 Authority Key Identifier:
keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/Jx2_QzTkkXanszkEszb_40BHlfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
03:e0:02:08:85:43:e2:c2:4f:2e:36:9c:69:e4:7c:6e:f3:c3:
81:87:9a:3d:73:22:6b:dc:b3:59:f2:de:9e:e4:4f:bb:0b:b0:
86:48:8d:1d:41:96:6d:58:ba:cf:ae:85:fc:fa:b9:70:06:53:
ca:65:3a:ea:ad:2c:7b:86:0f:1e:7c:0f:16:59:57:89:41:8b:
cb:a1:62:dd:ad:fd:81:8a:c5:78:ec:02:38:31:23:37:43:f6:
5d:d3:8d:53:ab:94:16:da:8c:f3:e1:96:7b:84:11:b5:e9:35:
35:40:88:8b:a5:8a:73:cd:f4:94:94:7f:46:fa:28:b8:3e:e3:
2b:a7:c0:00:a4:34:19:12:cf:c2:99:57:ed:cd:32:b1:7a:8e:
e7:a0:89:6c:a7:aa:de:73:48:fb:fe:92:50:48:29:d0:67:21:
ca:d8:e4:27:7f:ba:87:53:dc:b9:d1:aa:b7:a4:7b:5a:44:f8:
a2:cf:4c:63:1c:2b:89:36:0c:96:0f:68:f9:fe:7a:d1:ad:50:
9a:3e:d5:dd:96:33:6d:67:26:80:a3:fe:d7:81:f0:c5:b7:8f:
4f:a7:db:7f:7e:c1:53:94:67:2e:e8:9c:7c:49:68:bc:bd:75:
17:93:1f:8a:5f:56:0f:e3:e1:63:6c:ad:d1:56:3d:b8:d4:2f:
b1:78:e5:db
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECRKSpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTAxOWY5YzBhYjI5YjQyZTBkYjEyZTlhYzg3YjMyN2JmYzU1YWY5MB4XDTIyMDUx
MjEwNDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjcxZGJmNDMzNGU0
OTE3NmE3YjMzOTA0YjMzNmZmZTM0MDQ3OTVmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIIh3e+0GY426amqQb0KWDKG9ETmDk7a2ZfQqlBzOlebAS6
eVECwBoAZONHlNNjhR3yIB0IA0RNtdof+/Katoawsysfkyl7jr004wdr/jsZAAns
oYnBK40qYPu0iOt9rytTPvX4m+wUhuqIT4c0PQWaX2uPt8/3m3V8e/EOsL1h642h
rXDDyqSwElZGxhF4S0gLTQuF5TlU9UFCcaxxkfW8DoW+HlRss9Wz4PkEuGsdAeqI
FsrF3tSg9xnN9z65D1CwyLzMik50Eac/Gz0EnpnP+9vK8C8JEgVF2lIk/d2mIm5X
+NRs4Q607uq4IbcmwDxLfMYBYRhCWGnoE5EN9wECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQnHb9DNOSRdqezOQSzNv/jQEeV+DAfBgNVHSMEGDAWgBQ5AZ+cCrKbQuDb
Eumsh7Mnv8Va+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RR2ZuQXF5bTBMZzJ4THBySWV6SjdfRld2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8x
L0p4Ml9RelRra1hhbnN6a0VzemJfNDBCSGxmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8xL09RR2ZuQXF5bTBM
ZzJ4THBySWV6SjdfRld2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoO/YcwDQYJKoZIhvcNAQELBQAD
ggEBAAPgAgiFQ+LCTy42nGnkfG7zw4GHmj1zImvcs1ny3p7kT7sLsIZIjR1Blm1Y
us+uhfz6uXAGU8plOuqtLHuGDx58DxZZV4lBi8uhYt2t/YGKxXjsAjgxIzdD9l3T
jVOrlBbajPPhlnuEEbXpNTVAiIulinPN9JSUf0b6KLg+4yunwACkNBkSz8KZV+3N
MrF6juegiWynqt5zSPv+klBIKdBnIcrY5Cd/uodT3LnRqreke1pE+KLPTGMcK4k2
DJYPaPn+etGtUJo+1d2WM21nJoCj/teB8MW3j0+n239+wVOUZy7onHxJaLy9dReT
H4pfVg/j4WNsrdFWPbjUL7F45ds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:22 2024 by rpki-client on console-fra.rpki-client.org