Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/P4ha0dR10j_OUBC1YUrgo8RJFuQ.roa
File: P4ha0dR10j_OUBC1YUrgo8RJFuQ.roa (raw, json)
Hash identifier: Ewu5Qi4bXZbnl5/euI7MdKGoRZYT7rP1Jsm25VtUbd4=
Subject key identifier: 3F:88:5A:D1:D4:75:D2:3F:CE:50:10:B5:61:4A:E0:A3:C4:49:16:E4
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 0185704294F0ECD0C39EB84CE13F8C370153
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/P4ha0dR10j_OUBC1YUrgo8RJFuQ.roa
Signing time: Mon 02 Jan 2023 02:14:49 +0000
ROA not before: Mon 02 Jan 2023 02:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 193.200.12.0/23 maxlen: 24
2a0d:c3c6::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:94:f0:ec:d0:c3:9e:b8:4c:e1:3f:8c:37:01:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 2 02:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f885ad1d475d23fce5010b5614ae0a3c44916e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1b:59:3d:b3:19:fd:2b:9a:2b:1d:23:7e:b2:
59:bb:4a:8d:b8:08:2e:e0:63:b5:2a:a2:64:69:8c:
3a:cc:cd:f8:da:98:ef:f2:80:2c:38:11:d0:a2:d3:
bd:a1:b2:d4:43:f1:aa:90:0f:d9:9f:a5:3b:9e:17:
4a:ea:0f:1d:b0:d1:e1:c4:b4:93:c2:73:02:6f:48:
59:07:0e:d3:40:41:3b:dd:f6:f4:1b:13:8c:3b:9d:
71:15:d0:8d:e6:62:06:d9:fa:86:57:cb:ae:62:00:
cc:e8:6f:56:c6:3b:ab:37:da:8d:ea:55:38:89:15:
51:b3:b4:95:0b:35:2b:01:f8:15:16:21:c2:34:c3:
89:45:16:bf:c2:92:52:6e:55:12:7a:ef:2a:73:18:
7d:0e:d0:46:52:21:6e:09:1e:0f:57:18:06:54:d9:
ed:6c:67:36:ce:a3:14:38:1e:e3:cd:99:60:04:2b:
c2:85:5c:7e:de:08:89:19:21:e4:8b:a6:6f:28:4c:
e8:78:ac:cb:13:fd:97:35:14:df:61:e1:1e:a1:e2:
bc:66:30:e5:3f:5e:a2:ba:ee:0a:8a:a3:6e:0f:11:
53:57:ef:1e:a4:43:15:1a:7f:77:9d:d3:de:3b:2b:
94:8e:b8:70:e2:09:1a:e7:66:55:7c:60:06:01:03:
60:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:88:5A:D1:D4:75:D2:3F:CE:50:10:B5:61:4A:E0:A3:C4:49:16:E4
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/P4ha0dR10j_OUBC1YUrgo8RJFuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.12.0/23
IPv6:
2a0d:c3c6::/32
Signature Algorithm: sha256WithRSAEncryption
21:2c:c7:66:32:d0:dd:55:7b:3d:d2:e9:2a:eb:61:36:c9:16:
b8:db:1a:7b:c9:42:0d:e0:97:a0:eb:1c:8a:e3:7e:ba:53:14:
ed:ba:ff:84:8b:f8:44:66:55:9c:41:d8:37:36:17:55:e1:d6:
b7:19:f7:b1:fd:2c:d9:d2:ae:8f:45:38:40:9f:34:f4:52:0e:
5a:1f:c9:ba:88:be:7f:ab:10:f2:1b:bb:c4:59:74:2c:a6:50:
46:97:f0:2c:7d:6d:f6:03:8f:59:b9:95:3e:33:5b:f5:09:9c:
d1:56:bd:8d:ac:6d:35:a8:d8:4a:11:bb:77:1a:c6:5b:b2:58:
45:44:c3:6b:91:d1:70:77:8e:3e:de:e9:34:8c:d7:17:96:36:
93:7d:fe:61:59:dd:94:b0:b5:63:c4:f9:9f:29:34:7f:68:0a:
7c:9b:e2:d5:be:e2:c3:2b:ad:03:e1:84:49:a7:fc:c7:c0:a6:
08:4d:a4:25:fe:94:87:d6:ae:1f:1a:3b:b5:ea:9e:25:65:d7:
d8:8a:80:2b:c3:e5:23:f0:4d:b9:55:84:a1:a6:58:ce:f7:48:
16:7c:0a:ac:3a:b5:20:e4:40:8f:db:1b:d7:04:df:9e:e6:17:
cf:1e:46:7c:8a:23:6f:92:0e:5d:22:76:bf:1d:c2:9b:89:e6:
0d:19:52:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwQpTw7NDDnrhM4T+MNwFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjMwMTAyMDIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjg4NWFkMWQ0NzVkMjNmY2U1MDEwYjU2MTRhZTBhM2M0NDkxNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhtZPbMZ/SuaKx0jfrJZu0qNuAgu
4GO1KqJkaYw6zM342pjv8oAsOBHQotO9obLUQ/GqkA/Zn6U7nhdK6g8dsNHhxLST
wnMCb0hZBw7TQEE73fb0GxOMO51xFdCN5mIG2fqGV8uuYgDM6G9WxjurN9qN6lU4
iRVRs7SVCzUrAfgVFiHCNMOJRRa/wpJSblUSeu8qcxh9DtBGUiFuCR4PVxgGVNnt
bGc2zqMUOB7jzZlgBCvChVx+3giJGSHki6ZvKEzoeKzLE/2XNRTfYeEeoeK8ZjDl
P16iuu4KiqNuDxFTV+8epEMVGn93ndPeOyuUjrhw4gka52ZVfGAGAQNgmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+IWtHUddI/zlAQtWFK4KPESRbkMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvUDRoYTBkUjEwal9PVUJDMVlVcmdvOFJKRnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBwcgMMA0E
AgACMAcDBQAqDcPGMA0GCSqGSIb3DQEBCwUAA4IBAQAhLMdmMtDdVXs90ukq62E2
yRa42xp7yUIN4Jeg6xyK4366UxTtuv+Ei/hEZlWcQdg3NhdV4da3Gfex/SzZ0q6P
RThAnzT0Ug5aH8m6iL5/qxDyG7vEWXQsplBGl/AsfW32A49ZuZU+M1v1CZzRVr2N
rG01qNhKEbt3GsZbslhFRMNrkdFwd44+3uk0jNcXljaTff5hWd2UsLVjxPmfKTR/
aAp8m+LVvuLDK60D4YRJp/zHwKYITaQl/pSH1q4fGju16p4lZdfYioArw+Uj8E25
VYShpljO90gWfAqsOrUg5ECP2xvXBN+e5hfPHkZ8iiNvkg5dIna/HcKbieYNGVIU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org