Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa
File: 3eAMaQSjrBbvQgRQ-L1WO7aayow.roa (raw, json)
Hash identifier: /K3hjeLTRLGIPopSaYi6uIy8Lksp6QjFg9KWCWvEvkY=
Subject key identifier: DD:E0:0C:69:04:A3:AC:16:EF:42:04:50:F8:BD:56:3B:B6:9A:CA:8C
Certificate issuer: /CN=839d363b28f1c9084e1c1986876bb409b79a138c
Certificate serial: 053765
Authority key identifier: 83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g502OyjxyQhOHBmGh2u0CbeaE4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa
Signing time: Sat 29 Jan 2022 19:34:55 +0000
ROA not before: Sat 29 Jan 2022 19:34:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399641
IP address blocks: 94.45.166.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 341861 (0x53765)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=839d363b28f1c9084e1c1986876bb409b79a138c
Validity
Not Before: Jan 29 19:34:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dde00c6904a3ac16ef420450f8bd563bb69aca8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:81:40:84:b4:94:72:09:d5:66:06:ef:9d:ae:
db:06:f4:4c:d0:16:19:25:c3:e9:1b:6c:f8:97:0f:
da:6a:ad:c6:67:a6:ca:84:f7:90:a5:77:17:fb:76:
e0:99:bb:12:80:ba:c7:ba:05:65:8c:86:13:92:d6:
fb:d3:21:62:2b:94:e8:c3:f4:01:4e:2e:de:8f:60:
fc:05:50:a2:40:4f:68:64:61:c1:17:c1:bd:cd:a4:
bb:0a:92:ed:b3:dd:39:d5:c3:39:e9:86:16:bb:4e:
6d:6a:5c:82:89:50:77:67:73:5e:14:fb:bb:54:1c:
1d:3c:c1:c1:e1:bf:92:e5:15:d3:d3:56:7f:3c:92:
5f:e5:9f:7d:27:95:af:ca:38:41:47:31:2f:4b:0c:
a2:f1:5e:f2:b4:43:d8:ff:aa:b4:ae:97:7b:af:4d:
d8:22:19:ab:a3:18:4e:b8:e2:65:26:9e:f3:c9:a5:
dd:e9:a3:7a:25:e8:f1:26:a4:54:a8:b7:8e:52:f5:
1f:0e:e4:c1:33:81:79:1f:32:31:1e:c1:14:62:54:
26:ef:d4:bc:aa:02:84:e9:55:d1:5a:0f:ad:e9:c5:
2b:77:9f:05:d4:58:a7:bb:e3:9e:7e:f4:1c:31:c2:
6e:c5:2e:30:85:93:5b:cd:21:81:4c:5f:0d:5c:19:
21:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E0:0C:69:04:A3:AC:16:EF:42:04:50:F8:BD:56:3B:B6:9A:CA:8C
X509v3 Authority Key Identifier:
keyid:83:9D:36:3B:28:F1:C9:08:4E:1C:19:86:87:6B:B4:09:B7:9A:13:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g502OyjxyQhOHBmGh2u0CbeaE4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/3eAMaQSjrBbvQgRQ-L1WO7aayow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/a9e8a6-1cf2-4c87-b49a-5228823fb97b/1/g502OyjxyQhOHBmGh2u0CbeaE4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.45.166.0/24
Signature Algorithm: sha256WithRSAEncryption
30:23:09:0f:ff:52:23:e0:75:b5:d3:8f:64:52:86:2a:8e:9b:
bc:ce:1f:1e:34:5e:ac:90:55:22:da:d8:e2:52:88:57:ec:87:
cd:bf:44:74:1a:26:2e:20:da:e3:7c:b9:e7:7f:1b:74:f2:2a:
95:a1:73:3c:2a:d7:79:c6:13:23:6d:ab:94:7e:77:e2:ad:35:
43:af:02:5b:30:59:13:56:1a:d8:3d:de:bf:62:5a:f9:82:eb:
ef:32:ee:a7:c5:45:48:ad:38:5d:5f:9a:b2:da:7d:bc:eb:e9:
f9:df:90:52:19:3d:e6:e5:07:fd:ac:8e:1d:96:c9:47:ae:5c:
c6:de:f2:2e:1a:f5:62:64:7f:25:b0:db:1f:c9:9a:87:c0:b3:
42:01:ce:ea:a7:d0:d3:ce:99:55:88:aa:cd:6a:da:b4:7e:bf:
2f:06:b8:39:40:2c:a9:98:98:4f:44:75:8d:87:03:0e:44:0c:
49:b7:7b:3b:cd:47:b3:ba:10:85:0d:f4:a4:79:96:5e:ca:35:
a3:72:08:b4:c2:e8:b2:32:77:a7:53:a6:71:f1:9d:6b:ce:6c:
ea:f3:e9:df:a8:98:60:27:1d:5c:a5:84:ad:84:b0:9c:07:7a:
a6:df:6b:9f:b5:86:97:7a:36:56:b1:77:1e:62:6f:4a:0e:aa:
e9:40:49:b1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDBTdlMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDgz
OWQzNjNiMjhmMWM5MDg0ZTFjMTk4Njg3NmJiNDA5Yjc5YTEzOGMwHhcNMjIwMTI5
MTkzNDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZGUwMGM2OTA0YTNh
YzE2ZWY0MjA0NTBmOGJkNTYzYmI2OWFjYThjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAi4FAhLSUcgnVZgbvna7bBvRM0BYZJcPpG2z4lw/aaq3GZ6bK
hPeQpXcX+3bgmbsSgLrHugVljIYTktb70yFiK5Tow/QBTi7ej2D8BVCiQE9oZGHB
F8G9zaS7CpLts9051cM56YYWu05talyCiVB3Z3NeFPu7VBwdPMHB4b+S5RXT01Z/
PJJf5Z99J5WvyjhBRzEvSwyi8V7ytEPY/6q0rpd7r03YIhmroxhOuOJlJp7zyaXd
6aN6JejxJqRUqLeOUvUfDuTBM4F5HzIxHsEUYlQm79S8qgKE6VXRWg+t6cUrd58F
1Finu+OefvQcMcJuxS4whZNbzSGBTF8NXBkhDQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFN3gDGkEo6wW70IEUPi9Vju2msqMMB8GA1UdIwQYMBaAFIOdNjso8ckIThwZ
hodrtAm3mhOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZzUwMk95anh5UWhPSEJtR2gydTBDYmVhRTR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Zi9hOWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEv
M2VBTWFRU2pyQmJ2UWdSUS1MMVdPN2FheW93LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9h
OWU4YTYtMWNmMi00Yzg3LWI0OWEtNTIyODgyM2ZiOTdiLzEvZzUwMk95anh5UWhP
SEJtR2gydTBDYmVhRTR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXi2mMA0GCSqGSIb3DQEBCwUAA4IB
AQAwIwkP/1Ij4HW1049kUoYqjpu8zh8eNF6skFUi2tjiUohX7IfNv0R0GiYuINrj
fLnnfxt08iqVoXM8Ktd5xhMjbauUfnfirTVDrwJbMFkTVhrYPd6/Ylr5guvvMu6n
xUVIrThdX5qy2n286+n535BSGT3m5Qf9rI4dlslHrlzG3vIuGvViZH8lsNsfyZqH
wLNCAc7qp9DTzplViKrNatq0fr8vBrg5QCypmJhPRHWNhwMORAxJt3s7zUezuhCF
DfSkeZZeyjWjcgi0wuiyMnenU6Zx8Z1rzmzq8+nfqJhgJx1cpYSthLCcB3qm32uf
tYaXejZWsXceYm9KDqrpQEmx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:51 2023 by rpki-client on console-fra.rpki-client.org