Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/9xzrQvGIE5CCAyw3HWf16iObFK0.roa
File: 9xzrQvGIE5CCAyw3HWf16iObFK0.roa (raw, json)
Hash identifier: LYU3oRroObFwBO0JReHzGXMCbkJI3xIoVCo2fq5BtcQ=
Subject key identifier: F7:1C:EB:42:F1:88:13:90:82:03:2C:37:1D:67:F5:EA:23:9B:14:AD
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 0185704297E48764F33A6F66ABEFBD0674F3
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/9xzrQvGIE5CCAyw3HWf16iObFK0.roa
Signing time: Mon 02 Jan 2023 02:14:50 +0000
ROA not before: Mon 02 Jan 2023 02:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:97:e4:87:64:f3:3a:6f:66:ab:ef:bd:06:74:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 2 02:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f71ceb42f188139082032c371d67f5ea239b14ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:83:00:39:ef:7d:c8:e2:c6:a3:76:50:d6:
01:09:1d:69:4b:57:50:ae:41:7a:7b:21:2d:38:9a:
41:b4:be:0b:92:15:41:6f:9e:d4:97:65:57:41:d9:
bf:28:4f:d4:2f:4e:35:36:e9:1e:e2:fd:51:b8:c6:
72:e1:45:49:ca:c4:84:28:5a:6e:e1:99:91:ca:b2:
da:9c:77:39:51:6b:9e:f0:e3:c9:86:55:a3:3b:8a:
a0:9e:b9:0d:4b:26:d2:60:1f:8f:40:fa:09:df:c3:
9e:e3:2c:82:ce:03:92:c4:d6:dc:64:c9:19:76:fe:
bd:4d:a6:14:38:79:7a:5d:20:8a:cd:ba:cd:ac:32:
d0:5e:5e:3b:fe:f3:cc:ae:19:d6:a2:f0:af:1e:ea:
b7:34:62:eb:1e:80:77:f2:08:01:da:f8:36:45:9d:
e2:bf:b7:06:36:30:2b:e7:8f:51:c7:93:1c:06:af:
3b:85:1a:1b:88:6f:cd:07:56:e1:2c:11:54:5c:81:
91:5b:af:a8:5a:44:9b:d0:e4:31:e7:19:10:8d:61:
58:97:d1:ad:c4:1b:9d:1e:ca:89:9f:04:6c:ca:6a:
cb:1e:88:f7:af:97:a8:05:90:3a:22:65:40:06:57:
9e:9f:ee:ec:9d:7d:93:d6:5a:95:d0:43:11:89:5a:
dc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1C:EB:42:F1:88:13:90:82:03:2C:37:1D:67:F5:EA:23:9B:14:AD
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/9xzrQvGIE5CCAyw3HWf16iObFK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:4a:68:bd:35:2b:92:6b:03:f9:91:0b:7d:39:a9:cc:bd:12:
b4:5e:40:07:f5:b3:23:e0:85:35:04:3f:df:58:ba:50:9b:17:
82:25:bd:88:16:b5:d9:d1:cb:e9:74:91:81:47:4e:86:16:f5:
6c:c4:52:9a:4c:32:79:48:b0:78:db:b0:34:fc:f6:53:36:fb:
d5:c0:07:ea:b3:55:e2:35:f1:62:c1:52:74:c2:f0:aa:62:cd:
82:74:85:fa:0b:b9:3b:32:0c:98:9d:cd:30:74:a8:30:76:b6:
a3:41:fa:da:5b:d4:8e:6f:76:a3:9f:1b:12:0c:ad:26:fa:29:
71:db:cf:19:d3:87:78:40:01:5e:97:00:ae:6b:4b:4b:04:b7:
16:38:37:78:b1:74:94:25:e9:18:1d:26:38:b9:1a:a8:5c:fa:
2e:c4:6f:76:09:7e:9a:5d:87:46:fd:62:e2:10:e6:6f:7c:61:
14:cd:bd:ee:0a:6a:c6:f3:0e:b8:d8:8d:a1:f0:7e:58:3e:56:
3b:ad:81:69:79:d2:ef:4d:a0:d5:88:7d:de:57:d1:e3:8c:c2:
ac:d6:75:b0:0c:b2:59:ad:d2:8b:52:d8:21:d8:5e:54:7e:eb:
94:86:e2:b9:b7:2b:be:42:db:dd:de:be:42:cc:e2:17:81:77:
1a:c0:dc:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwQpfkh2TzOm9mq++9BnTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjMwMTAyMDIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzFjZWI0MmYxODgxMzkwODIwMzJjMzcxZDY3ZjVlYTIzOWIxNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvyDADnvfcjixqN2UNYBCR1pS1dQ
rkF6eyEtOJpBtL4LkhVBb57Ul2VXQdm/KE/UL041Nuke4v1RuMZy4UVJysSEKFpu
4ZmRyrLanHc5UWue8OPJhlWjO4qgnrkNSybSYB+PQPoJ38Oe4yyCzgOSxNbcZMkZ
dv69TaYUOHl6XSCKzbrNrDLQXl47/vPMrhnWovCvHuq3NGLrHoB38ggB2vg2RZ3i
v7cGNjAr549Rx5McBq87hRobiG/NB1bhLBFUXIGRW6+oWkSb0OQx5xkQjWFYl9Gt
xBudHsqJnwRsymrLHoj3r5eoBZA6ImVABleen+7snX2T1lqV0EMRiVrcEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPcc60LxiBOQggMsNx1n9eojmxStMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvOXh6clF2R0lFNUNDQXl3M0hXZjE2aU9iRkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVbkAwQA
LVbnAwQBwcgQMA0GCSqGSIb3DQEBCwUAA4IBAQBeSmi9NSuSawP5kQt9OanMvRK0
XkAH9bMj4IU1BD/fWLpQmxeCJb2IFrXZ0cvpdJGBR06GFvVsxFKaTDJ5SLB427A0
/PZTNvvVwAfqs1XiNfFiwVJ0wvCqYs2CdIX6C7k7MgyYnc0wdKgwdrajQfraW9SO
b3ajnxsSDK0m+ilx288Z04d4QAFelwCua0tLBLcWODd4sXSUJekYHSY4uRqoXPou
xG92CX6aXYdG/WLiEOZvfGEUzb3uCmrG8w642I2h8H5YPlY7rYFpedLvTaDViH3e
V9HjjMKs1nWwDLJZrdKLUtgh2F5UfuuUhuK5tyu+Qtvd3r5CzOIXgXcawNzn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org