Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/OhRXLyClIBiTntSzNuxmlOCl5GU.roa
File: OhRXLyClIBiTntSzNuxmlOCl5GU.roa (raw, json)
Hash identifier: xYcBZl7smaFxTpuRtV3JfHWyuup+Myrd61h3WoUPe74=
Subject key identifier: 3A:14:57:2F:20:A5:20:18:93:9E:D4:B3:36:EC:66:94:E0:A5:E4:65
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 08C857EB
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/OhRXLyClIBiTntSzNuxmlOCl5GU.roa
Signing time: Thu 16 Jun 2022 16:17:44 +0000
ROA not before: Thu 16 Jun 2022 16:17:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 45.86.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147347435 (0x8c857eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jun 16 16:17:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a14572f20a52018939ed4b336ec6694e0a5e465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:e4:84:b6:0a:f7:b8:6c:f5:68:cf:30:f2:
8f:88:18:65:b2:97:85:e6:89:9c:5e:07:aa:de:1f:
be:d1:44:35:88:84:a1:7f:89:62:a9:9f:f8:17:cb:
8c:bc:8e:e5:27:f4:d7:ab:f6:0d:04:97:bf:35:4e:
8f:8c:91:3c:b2:cf:e9:9e:e9:e6:4f:ad:2f:ca:38:
09:aa:55:31:db:d5:80:50:bc:60:71:df:75:04:00:
f4:70:ec:cf:25:90:ae:b9:50:a7:95:28:98:58:37:
d5:39:ae:e7:0c:ca:a8:9e:05:72:9b:7f:e8:54:e5:
b2:a9:93:f9:cb:7f:15:1a:7c:ea:c6:8e:38:09:2e:
f5:e2:85:65:42:ee:e5:0a:a3:06:a9:6c:29:4b:15:
2a:68:06:09:11:3c:4e:b1:1d:8d:c4:d7:49:5b:0c:
e2:b0:89:9a:90:0f:9f:23:f5:33:32:71:77:01:02:
c6:dd:2f:38:37:eb:b2:3e:00:8f:a7:af:49:85:c0:
51:d0:1a:bb:1f:b1:4a:ab:da:54:25:09:a4:8b:59:
46:10:3f:a4:9c:f3:5a:01:37:b7:f1:1a:f1:61:7c:
f6:d7:8f:7c:ee:d4:45:b5:93:f0:c4:5b:22:ff:9a:
1c:d5:c1:5b:e9:91:cb:76:1b:a2:52:45:bb:7b:f4:
53:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:14:57:2F:20:A5:20:18:93:9E:D4:B3:36:EC:66:94:E0:A5:E4:65
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/OhRXLyClIBiTntSzNuxmlOCl5GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:aa:db:a4:4e:90:46:f4:ab:eb:a4:bb:64:8f:5e:a5:98:e9:
1f:1b:d2:78:6e:9d:25:72:85:f9:f1:47:d3:47:b0:09:0f:23:
23:5f:60:62:ec:83:a9:4b:f5:a4:95:75:58:c9:60:2f:d0:40:
d3:ae:64:45:74:8a:fa:7f:02:bb:d8:ff:c5:56:04:54:3c:45:
a5:2e:64:9f:90:7c:ae:38:7d:ea:83:a2:74:68:96:66:4f:53:
a7:14:8b:9f:49:08:87:c0:14:00:02:be:cf:7c:02:84:32:ca:
7c:c7:a6:77:ae:4b:f5:1b:20:5b:36:39:84:dc:61:71:03:f4:
6e:f5:d4:c8:65:23:df:ad:a6:87:30:61:82:ae:d6:4f:a9:36:
02:99:e2:f0:38:e6:c4:47:af:79:99:c3:fc:d7:7e:e3:4f:75:
49:46:a6:29:ba:75:2d:ef:94:36:81:fd:8a:22:cf:dc:d4:5c:
99:13:d9:6d:6b:32:69:af:59:09:0a:91:52:24:13:06:f1:2f:
c5:90:f1:5f:29:78:58:c7:0b:95:6e:7a:cf:e7:14:e9:48:0f:
38:17:68:6e:7d:68:e7:1a:84:02:21:21:00:55:78:a3:6e:dd:
26:ff:95:fa:74:8b:14:5b:d2:22:23:b7:5d:7d:79:a8:38:3f:
e5:d1:13:6c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMhX6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDYx
NjE2MTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ExNDU3MmYyMGE1
MjAxODkzOWVkNGIzMzZlYzY2OTRlMGE1ZTQ2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANF95IS2Cve4bPVozzDyj4gYZbKXheaJnF4Hqt4fvtFENYiE
oX+JYqmf+BfLjLyO5Sf016v2DQSXvzVOj4yRPLLP6Z7p5k+tL8o4CapVMdvVgFC8
YHHfdQQA9HDszyWQrrlQp5UomFg31Tmu5wzKqJ4Fcpt/6FTlsqmT+ct/FRp86saO
OAku9eKFZULu5QqjBqlsKUsVKmgGCRE8TrEdjcTXSVsM4rCJmpAPnyP1MzJxdwEC
xt0vODfrsj4Aj6evSYXAUdAaux+xSqvaVCUJpItZRhA/pJzzWgE3t/Ea8WF89teP
fO7URbWT8MRbIv+aHNXBW+mRy3YbolJFu3v0U7UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ6FFcvIKUgGJOe1LM27GaU4KXkZTAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
L09oUlhMeUNsSUJpVG50U3pOdXhtbE9DbDVHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1W5jANBgkqhkiG9w0BAQsFAAOC
AQEAPqrbpE6QRvSr66S7ZI9epZjpHxvSeG6dJXKF+fFH00ewCQ8jI19gYuyDqUv1
pJV1WMlgL9BA065kRXSK+n8Cu9j/xVYEVDxFpS5kn5B8rjh96oOidGiWZk9TpxSL
n0kIh8AUAAK+z3wChDLKfMemd65L9RsgWzY5hNxhcQP0bvXUyGUj362mhzBhgq7W
T6k2Apni8DjmxEeveZnD/Nd+4091SUamKbp1Le+UNoH9iiLP3NRcmRPZbWsyaa9Z
CQqRUiQTBvEvxZDxXyl4WMcLlW56z+cU6UgPOBdobn1o5xqEAiEhAFV4o27dJv+V
+nSLFFvSIiO3XX15qDg/5dETbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org