Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/KJXG8_S26Mxdo8HTuc7UXhtSNa4.roa
File: KJXG8_S26Mxdo8HTuc7UXhtSNa4.roa (raw, json)
Hash identifier: Mnj+PidFPxhwLXyzN13H7YbZYn7I91pf/LK7rOThUx0=
Subject key identifier: 28:95:C6:F3:F4:B6:E8:CC:5D:A3:C1:D3:B9:CE:D4:5E:1B:52:35:AE
Certificate issuer: /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial: 09133A38
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/KJXG8_S26Mxdo8HTuc7UXhtSNa4.roa
Signing time: Thu 12 May 2022 10:44:04 +0000
ROA not before: Thu 12 May 2022 10:44:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44534
IP address blocks: 2a0e:fd87::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152255032 (0x9133a38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Validity
Not Before: May 12 10:44:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2895c6f3f4b6e8cc5da3c1d3b9ced45e1b5235ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0c:9c:dd:ea:ad:c5:a1:97:e6:c9:de:02:61:
c0:13:59:ab:af:b2:71:d0:b7:78:1c:61:aa:c5:f8:
3a:b6:6e:e0:61:56:1f:a5:ed:7c:85:c0:36:fd:fd:
f9:c5:c4:8a:97:54:f0:7a:14:15:a2:37:9e:42:e5:
74:07:cc:5b:10:2e:30:02:52:ca:bf:1d:30:58:f6:
c3:54:a7:c0:8f:8d:6a:48:dd:dc:bd:4f:71:cd:8c:
ec:5d:6e:05:90:3d:58:ac:b1:4b:93:9e:01:0e:34:
77:e1:32:3c:00:6b:b1:1c:3d:8b:46:5c:06:f4:cf:
8b:ce:69:ea:6e:03:08:c8:7a:97:d0:6c:f6:4b:e1:
c1:41:a6:3a:92:fd:71:5c:8b:de:fb:c0:7a:32:a4:
11:0a:75:fb:5e:6e:43:c5:ac:34:5e:49:ad:25:39:
6e:90:7e:b8:ff:75:5d:83:30:6a:8d:41:37:dc:b4:
2a:be:1a:6e:20:ea:99:ad:21:f8:33:49:75:69:90:
c6:58:1e:83:ec:c0:85:82:33:de:28:95:b2:03:a7:
b1:01:c0:7e:4e:7c:e4:dc:25:4c:6e:21:d5:2a:16:
d1:02:cd:e1:8f:44:a0:1b:4b:e5:01:81:54:2c:f8:
0e:bd:67:2e:c1:0d:a2:4c:fa:67:1a:54:fe:9b:70:
fc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:95:C6:F3:F4:B6:E8:CC:5D:A3:C1:D3:B9:CE:D4:5E:1B:52:35:AE
X509v3 Authority Key Identifier:
keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/KJXG8_S26Mxdo8HTuc7UXhtSNa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
a7:db:41:04:50:77:80:a1:6a:65:bf:ec:91:09:9a:38:6e:02:
c3:8f:d7:89:a5:10:27:00:19:88:f1:30:f7:66:c5:14:f3:07:
b3:c4:5d:e6:ca:1e:d5:40:7e:b4:2f:04:cd:36:24:4c:4b:13:
f8:18:89:81:37:51:61:66:8f:1f:fc:e3:57:29:e6:2d:9e:1f:
4a:46:0d:3f:05:da:42:1d:a9:d1:e0:51:9e:a0:59:ab:25:07:
42:d0:1c:8c:1b:84:12:eb:16:c6:cf:90:d2:c4:47:9e:66:d0:
d9:57:ea:a3:92:a2:5d:95:cb:9b:a3:3f:02:d1:11:c8:5f:af:
ae:ce:7e:4a:48:07:c6:5e:45:b3:34:e4:95:04:bb:ca:fd:9b:
75:4e:34:ca:61:63:fd:2a:ba:35:72:14:59:0a:b4:5c:cd:4c:
f8:07:1e:2c:ae:e7:66:d1:62:cb:2d:14:4f:4b:15:d6:0e:8a:
81:d4:d5:8f:9c:04:ba:4e:d0:db:5b:a5:dc:a2:3c:38:e3:04:
b3:99:f7:d3:df:cc:f2:92:af:8a:09:12:33:f9:41:fc:1d:54:
34:7c:eb:ac:d1:f0:7b:ee:11:3a:9f:87:85:47:e4:30:8e:7a:
ac:1f:99:b9:f9:e3:7c:3a:e5:c9:c1:d1:30:23:7a:6b:d8:1b:
0c:1d:77:35
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECRM6ODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTAxOWY5YzBhYjI5YjQyZTBkYjEyZTlhYzg3YjMyN2JmYzU1YWY5MB4XDTIyMDUx
MjEwNDQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjg5NWM2ZjNmNGI2
ZThjYzVkYTNjMWQzYjljZWQ0NWUxYjUyMzVhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4MnN3qrcWhl+bJ3gJhwBNZq6+ycdC3eBxhqsX4OrZu4GFW
H6XtfIXANv39+cXEipdU8HoUFaI3nkLldAfMWxAuMAJSyr8dMFj2w1SnwI+Nakjd
3L1Pcc2M7F1uBZA9WKyxS5OeAQ40d+EyPABrsRw9i0ZcBvTPi85p6m4DCMh6l9Bs
9kvhwUGmOpL9cVyL3vvAejKkEQp1+15uQ8WsNF5JrSU5bpB+uP91XYMwao1BN9y0
Kr4abiDqma0h+DNJdWmQxlgeg+zAhYIz3iiVsgOnsQHAfk585NwlTG4h1SoW0QLN
4Y9EoBtL5QGBVCz4Dr1nLsENokz6ZxpU/ptw/BsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBQolcbz9LbozF2jwdO5ztReG1I1rjAfBgNVHSMEGDAWgBQ5AZ+cCrKbQuDb
Eumsh7Mnv8Va+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09RR2ZuQXF5bTBMZzJ4THBySWV6SjdfRld2ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8x
L0tKWEc4X1MyNk14ZG84SFR1YzdVWGh0U05hNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NDMwYzgxLWVlNGItNGU4OC1hMzZmLTc4OGY1YTU4MDQ0Zi8xL09RR2ZuQXF5bTBM
ZzJ4THBySWV6SjdfRld2ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoO/YcwDQYJKoZIhvcNAQELBQAD
ggEBAKfbQQRQd4ChamW/7JEJmjhuAsOP14mlECcAGYjxMPdmxRTzB7PEXebKHtVA
frQvBM02JExLE/gYiYE3UWFmjx/841cp5i2eH0pGDT8F2kIdqdHgUZ6gWaslB0LQ
HIwbhBLrFsbPkNLER55m0NlX6qOSol2Vy5ujPwLREchfr67OfkpIB8ZeRbM05JUE
u8r9m3VONMphY/0qujVyFFkKtFzNTPgHHiyu52bRYsstFE9LFdYOioHU1Y+cBLpO
0NtbpdyiPDjjBLOZ99PfzPKSr4oJEjP5QfwdVDR866zR8HvuETqfh4VH5DCOeqwf
mbn543w65cnB0TAjemvYGwwddzU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:14 2024 by rpki-client on console-ams.rpki-client.org