Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3T7P5lgnhAPTj1m5gOhfAyiuXY4.roa
File: 3T7P5lgnhAPTj1m5gOhfAyiuXY4.roa (raw, json)
Hash identifier: 6VxLfp1iuWls9bJCb1FDNXewhT3lnj4npNf1CKnAoxQ=
Subject key identifier: DD:3E:CF:E6:58:27:84:03:D3:8F:59:B9:80:E8:5F:03:28:AE:5D:8E
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 08ED5DA5
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3T7P5lgnhAPTj1m5gOhfAyiuXY4.roa
Signing time: Thu 30 Jun 2022 09:50:02 +0000
ROA not before: Thu 30 Jun 2022 09:50:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149773733 (0x8ed5da5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jun 30 09:50:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd3ecfe658278403d38f59b980e85f0328ae5d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4e:2d:af:f5:43:2e:2d:d6:17:1f:2a:3f:4a:
71:26:8a:f4:f9:e5:83:4b:a0:ec:7e:95:ea:18:7b:
61:e2:aa:4b:a0:7f:0d:3a:3e:34:cd:7c:07:58:e8:
e9:d8:c0:e7:31:da:64:1f:be:2c:75:a2:cd:f1:27:
58:73:6c:30:ee:e1:4b:0c:6a:72:9d:88:4f:54:8c:
61:b9:9c:a8:6f:e1:67:9e:c9:0c:74:89:3f:cb:2c:
07:c2:2f:2e:e9:cb:14:1c:cb:a3:2a:72:c5:26:58:
5d:dd:d4:83:6e:44:aa:94:cf:1f:31:ca:12:8b:5f:
7b:85:61:f3:59:6f:83:d6:ac:91:61:54:6c:b4:f0:
8c:4c:50:3a:96:ba:35:09:78:88:d3:52:ac:12:d3:
4f:86:28:ad:79:61:c6:2d:a0:21:d3:9e:66:e1:65:
3e:ef:cd:b4:34:fc:16:51:ea:a7:a2:22:87:79:30:
f1:70:14:c1:9a:7e:8b:1a:6b:4d:41:30:59:c5:b7:
26:e9:bf:e1:11:24:ce:06:33:16:56:12:0f:0c:ae:
3c:a5:41:8d:f9:10:88:1a:e8:d2:53:96:a3:e7:03:
cf:ef:7a:5d:7b:31:c7:b1:7f:45:8e:78:71:3b:76:
a7:d3:ab:93:63:03:bc:6b:77:e9:06:c8:98:b2:0b:
ec:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:3E:CF:E6:58:27:84:03:D3:8F:59:B9:80:E8:5F:03:28:AE:5D:8E
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3T7P5lgnhAPTj1m5gOhfAyiuXY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
82:e1:bd:c5:a1:89:88:78:24:99:d6:24:79:8f:35:a0:2b:64:
57:cd:13:a2:d3:df:44:36:a8:30:44:7e:6f:c5:31:70:60:f3:
bc:52:c8:4a:3c:e6:ac:f1:b4:25:ae:93:94:55:9f:e8:c2:ca:
5b:aa:11:2f:29:2d:85:e0:75:21:2b:52:bc:c3:78:64:f1:63:
9a:ac:20:24:ec:ff:f5:c1:26:ca:24:9e:3c:2b:b8:b1:85:5a:
93:63:56:09:13:5b:6d:0a:ed:9f:0a:d3:d8:ee:f0:1c:b6:63:
96:b5:07:2c:f2:26:f9:a4:90:83:22:db:24:af:06:36:c0:d9:
85:e6:97:16:38:fd:68:67:c6:11:3a:e9:0c:4a:00:41:9f:3a:
24:6a:79:39:26:c2:4c:e2:7e:17:76:16:98:5d:6f:48:a2:b7:
34:f0:9c:fd:31:41:2c:92:ed:0d:a8:1b:2e:eb:8a:ab:6d:3a:
ca:3f:2e:e2:75:e2:06:09:7c:93:64:80:68:80:e2:3f:b6:0b:
76:6f:f3:e0:69:39:22:80:58:b6:cc:e8:1f:f9:46:4f:07:e6:
a7:3f:62:27:eb:2d:51:dd:ff:06:a5:8a:71:c4:12:c2:5f:69:
f1:5c:d3:11:75:25:7f:c2:92:18:f0:d5:5c:ad:ca:75:24:89:
dc:87:dd:9c
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECO1dpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDYz
MDA5NTAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQzZWNmZTY1ODI3
ODQwM2QzOGY1OWI5ODBlODVmMDMyOGFlNWQ4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxOLa/1Qy4t1hcfKj9KcSaK9Pnlg0ug7H6V6hh7YeKqS6B/
DTo+NM18B1jo6djA5zHaZB++LHWizfEnWHNsMO7hSwxqcp2IT1SMYbmcqG/hZ57J
DHSJP8ssB8IvLunLFBzLoypyxSZYXd3Ug25EqpTPHzHKEotfe4Vh81lvg9askWFU
bLTwjExQOpa6NQl4iNNSrBLTT4YorXlhxi2gIdOeZuFlPu/NtDT8FlHqp6Iih3kw
8XAUwZp+ixprTUEwWcW3Jum/4REkzgYzFlYSDwyuPKVBjfkQiBro0lOWo+cDz+96
XXsxx7F/RY54cTt2p9Ork2MDvGt36QbImLIL7CsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTdPs/mWCeEA9OPWbmA6F8DKK5djjAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
LzNUN1A1bGduaEFQVGoxbTVnT2hmQXlpdVhZNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAS1W5AMEAcHIEDANBgkqhkiG9w0B
AQsFAAOCAQEAguG9xaGJiHgkmdYkeY81oCtkV80TotPfRDaoMER+b8UxcGDzvFLI
SjzmrPG0Ja6TlFWf6MLKW6oRLyktheB1IStSvMN4ZPFjmqwgJOz/9cEmyiSePCu4
sYVak2NWCRNbbQrtnwrT2O7wHLZjlrUHLPIm+aSQgyLbJK8GNsDZheaXFjj9aGfG
ETrpDEoAQZ86JGp5OSbCTOJ+F3YWmF1vSKK3NPCc/TFBLJLtDagbLuuKq206yj8u
4nXiBgl8k2SAaIDiP7YLdm/z4Gk5IoBYtszoH/lGTwfmpz9iJ+stUd3/BqWKccQS
wl9p8VzTEXUlf8KSGPDVXK3KdSSJ3IfdnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org