Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/JKBflARmJ34B2jka1mCDx1XBCUQ.roa
File: JKBflARmJ34B2jka1mCDx1XBCUQ.roa (raw, json)
Hash identifier: r9L+ROn73Wbed7xM+bA3RbEOGxFGj7oTq9G4X2brk+0=
Subject key identifier: 24:A0:5F:94:04:66:27:7E:01:DA:39:1A:D6:60:83:C7:55:C1:09:44
Certificate issuer: /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial: 018CC870A65C199B98C2F0A31D6B9DEEDD4E
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/JKBflARmJ34B2jka1mCDx1XBCUQ.roa
Signing time: Tue 02 Jan 2024 04:31:14 +0000
ROA not before: Tue 02 Jan 2024 04:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204922
IP address blocks: 193.16.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:a6:5c:19:9b:98:c2:f0:a3:1d:6b:9d:ee:dd:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Validity
Not Before: Jan 2 04:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=24a05f940466277e01da391ad66083c755c10944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:52:1c:c0:cc:ac:0e:da:45:f2:ae:2c:d2:29:
73:59:f0:23:2b:78:2b:9e:11:7b:dd:1e:8b:b8:98:
87:21:32:b3:9f:cb:4f:d7:b8:60:5b:26:3c:7f:5e:
da:56:5c:f7:b7:b8:07:56:e3:be:71:a8:87:40:5f:
19:b8:62:f2:1d:53:75:49:c7:ff:dc:25:e5:d0:cd:
45:dc:3b:8d:07:9a:30:b8:b6:d2:6f:a6:53:4b:d2:
a5:79:9f:a8:89:f5:7f:8d:e4:14:5e:32:e3:e6:31:
a9:94:62:9a:21:b1:d3:89:0c:9d:2d:e3:69:ed:ac:
12:f1:d5:45:9f:2f:17:c2:a6:5e:f7:04:92:73:4e:
2c:45:95:bb:30:43:11:fc:e5:6f:62:c5:8c:cb:8e:
f4:99:06:d7:cb:d8:61:2d:4b:3e:01:d0:e8:08:e3:
9f:81:39:8a:a4:d7:44:c4:89:ee:a3:2e:7d:a0:6e:
c4:ea:ee:32:dc:f7:84:0b:75:8a:27:19:dd:71:c4:
1c:f4:fc:19:bb:6e:1e:a7:5d:1a:78:ff:61:92:50:
5a:47:0f:f7:9b:27:03:93:da:a7:c0:8f:a2:c6:78:
9b:22:c1:da:a4:0d:e1:c2:54:9b:fb:bc:d8:6a:57:
cf:1b:45:38:f5:00:7f:8f:ef:ed:b9:7e:e4:e4:83:
22:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A0:5F:94:04:66:27:7E:01:DA:39:1A:D6:60:83:C7:55:C1:09:44
X509v3 Authority Key Identifier:
keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/JKBflARmJ34B2jka1mCDx1XBCUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.234.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fb:a3:7e:3d:5b:8a:0f:56:31:29:aa:4f:9f:8e:6a:b2:90:
b5:00:b8:09:65:0e:1b:ab:b8:c4:26:85:c4:74:7c:31:1a:a9:
36:d3:aa:4b:a5:87:26:3a:22:a9:33:df:59:d1:6a:e5:96:19:
1f:ea:9c:ab:c6:f7:0a:69:0a:1b:52:c7:02:8a:c9:c5:e8:a5:
95:6a:97:fa:43:01:c6:ff:2b:ca:f5:32:7a:5c:46:dd:e4:e3:
bb:b4:27:7a:f8:6a:3d:f7:bd:ee:8f:6d:26:65:a0:8b:34:82:
2f:28:df:89:0a:a4:a2:0b:b1:b7:30:76:00:cf:ca:a9:17:4a:
6d:93:f3:29:bb:90:9a:aa:8c:76:80:98:82:52:0a:0e:65:cd:
98:90:7f:55:06:12:c6:db:ab:52:ba:93:09:83:dc:df:8f:e4:
dc:0c:a1:75:9c:34:5d:29:af:09:4a:20:d6:ae:75:cd:a1:98:
95:61:39:11:e2:8c:17:76:f9:ab:b2:2d:3c:bd:06:75:b5:ee:
0e:6a:a0:81:f1:fd:71:a2:85:15:88:89:51:13:99:26:f7:37:
6a:4c:80:79:43:74:46:c3:58:9a:78:04:9e:98:25:e2:a5:5a:
09:26:74:26:2a:e0:98:82:c8:c7:1b:f4:d9:99:c1:31:12:e8:
35:95:c6:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcKZcGZuYwvCjHWud7t1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2MyYmJhZjNlMGQ0MzQyYTAxNGY4YjcwZjg3M2NlZTlh
OGNhYzUwHhcNMjQwMTAyMDQzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGEwNWY5NDA0NjYyNzdlMDFkYTM5MWFkNjYwODNjNzU1YzEwOTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1IcwMysDtpF8q4s0ilzWfAjK3gr
nhF73R6LuJiHITKzn8tP17hgWyY8f17aVlz3t7gHVuO+caiHQF8ZuGLyHVN1Scf/
3CXl0M1F3DuNB5owuLbSb6ZTS9KleZ+oifV/jeQUXjLj5jGplGKaIbHTiQydLeNp
7awS8dVFny8XwqZe9wSSc04sRZW7MEMR/OVvYsWMy470mQbXy9hhLUs+AdDoCOOf
gTmKpNdExInuoy59oG7E6u4y3PeEC3WKJxndccQc9PwZu24ep10aeP9hklBaRw/3
mycDk9qnwI+ixnibIsHapA3hwlSb+7zYalfPG0U49QB/j+/tuX7k5IMiSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCSgX5QEZid+Ado5GtZgg8dVwQlEMB8GA1UdIwQY
MBaAFNvMK7rz4NQ0KgFPi3D4c87pqMrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4Yzkt
ZjRkNWU4NGFjMWRkLzEvSktCZmxBUm1KMzRCMmprYTFtQ0R4MVhCQ1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4YzktZjRkNWU4NGFjMWRk
LzEvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDqMA0G
CSqGSIb3DQEBCwUAA4IBAQAP+6N+PVuKD1YxKapPn45qspC1ALgJZQ4bq7jEJoXE
dHwxGqk206pLpYcmOiKpM99Z0Wrllhkf6pyrxvcKaQobUscCisnF6KWVapf6QwHG
/yvK9TJ6XEbd5OO7tCd6+Go9973uj20mZaCLNIIvKN+JCqSiC7G3MHYAz8qpF0pt
k/Mpu5Caqox2gJiCUgoOZc2YkH9VBhLG26tSupMJg9zfj+TcDKF1nDRdKa8JSiDW
rnXNoZiVYTkR4owXdvmrsi08vQZ1te4OaqCB8f1xooUViIlRE5km9zdqTIB5Q3RG
w1iaeASemCXipVoJJnQmKuCYgsjHG/TZmcExEug1lcbD
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:47 2024 by rpki-client on console-ams.rpki-client.org