Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/VZo2CrJvCBNzw9C5D6vr3ZScrqQ.roa
File: VZo2CrJvCBNzw9C5D6vr3ZScrqQ.roa (raw, json)
Hash identifier: +9NqqbocIRkGnRn7pplULYB11gRBXH/Pi4cTm8xxrww=
Subject key identifier: 55:9A:36:0A:B2:6F:08:13:73:C3:D0:B9:0F:AB:EB:DD:94:9C:AE:A4
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 08645ED8
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/VZo2CrJvCBNzw9C5D6vr3ZScrqQ.roa
Signing time: Thu 05 May 2022 07:01:00 +0000
ROA not before: Thu 05 May 2022 07:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.229.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140795608 (0x8645ed8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: May 5 07:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=559a360ab26f081373c3d0b90fabebdd949caea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:ff:e2:dc:83:5b:a1:37:65:f0:bd:53:c9:
ab:bc:4d:af:43:5c:7d:41:fe:0a:ce:32:73:7e:e0:
60:a4:82:8a:0f:4c:24:89:7b:c3:bf:88:94:c4:13:
a7:7d:4e:e1:1f:60:67:21:ee:be:17:fc:8f:43:89:
6c:c2:3e:1e:f6:23:4a:f5:87:75:ff:67:55:63:ec:
37:dd:a1:21:d4:fb:c9:a3:0d:a9:12:05:26:8e:fd:
bd:d5:31:38:cc:76:04:d4:34:b8:25:40:82:2b:47:
a8:0c:2d:38:7b:4d:22:f0:73:be:cf:99:6c:03:33:
88:db:a7:84:cc:c9:f9:1e:5d:13:12:51:48:d0:11:
17:a9:21:10:76:2a:9c:25:24:c4:e1:ee:65:a5:37:
74:06:fe:52:fe:57:b8:47:c0:34:ea:b7:7e:9c:28:
76:a5:70:b7:62:23:ce:93:65:3f:5a:ae:5f:08:40:
a1:ca:c4:51:68:9f:d1:d0:65:1b:aa:a6:b5:e0:32:
1d:cc:f6:5a:d2:7a:c8:f8:fd:52:06:4c:25:14:3d:
d7:ec:d3:24:c7:35:66:63:fc:00:50:97:5c:92:e5:
91:49:4c:26:57:01:64:f1:cf:99:54:7a:07:88:aa:
be:82:ec:fb:db:62:85:fa:1b:c6:d1:7c:7a:b7:bf:
d9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:9A:36:0A:B2:6F:08:13:73:C3:D0:B9:0F:AB:EB:DD:94:9C:AE:A4
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/VZo2CrJvCBNzw9C5D6vr3ZScrqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.229.0/24
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:f0:7c:3e:27:b3:c4:5b:31:c1:d9:8d:ce:b0:43:b4:5b:9f:
1f:fe:90:54:e9:0f:72:03:18:a2:3a:ef:c9:46:0c:21:47:3a:
d9:7a:13:f7:d2:13:06:2a:c4:e8:8d:e7:49:ca:bd:ca:9b:6c:
09:f8:f4:a5:d9:39:7c:65:b0:08:85:86:fa:08:7c:99:41:2b:
83:a2:5e:8a:d6:bf:6c:45:42:5b:cd:33:2b:47:d8:85:73:cd:
91:cf:0f:8b:37:86:6b:94:60:df:d7:e9:55:46:51:e2:8b:c7:
ae:81:d3:54:68:92:28:fe:00:f2:89:22:03:b9:13:27:b2:46:
2d:c8:1e:13:8d:0e:44:e2:b6:45:0f:97:da:26:71:6d:21:41:
63:7c:be:c3:61:d2:7b:92:07:09:1a:b0:cb:38:5b:29:be:4f:
c6:1f:cd:24:63:f5:45:28:ae:a4:cf:fb:52:f4:d9:8f:f1:e4:
72:d0:c0:67:5c:a0:f5:79:d4:2d:92:e1:10:59:02:d3:b6:3c:
49:9d:1b:f3:c5:25:4e:22:a7:8a:fb:26:42:20:7f:42:5a:cd:
0b:a1:08:bb:7c:15:be:d3:64:08:ed:4a:97:20:4b:ad:e1:f9:
07:18:c0:68:9c:d8:03:3f:6d:46:eb:f6:f8:50:50:4e:49:cc:
90:f1:4a:80
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECGRe2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDUw
NTA3MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTU5YTM2MGFiMjZm
MDgxMzczYzNkMGI5MGZhYmViZGQ5NDljYWVhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK42/+Lcg1uhN2XwvVPJq7xNr0NcfUH+Cs4yc37gYKSCig9M
JIl7w7+IlMQTp31O4R9gZyHuvhf8j0OJbMI+HvYjSvWHdf9nVWPsN92hIdT7yaMN
qRIFJo79vdUxOMx2BNQ0uCVAgitHqAwtOHtNIvBzvs+ZbAMziNunhMzJ+R5dExJR
SNARF6khEHYqnCUkxOHuZaU3dAb+Uv5XuEfANOq3fpwodqVwt2IjzpNlP1quXwhA
ocrEUWif0dBlG6qmteAyHcz2WtJ6yPj9UgZMJRQ91+zTJMc1ZmP8AFCXXJLlkUlM
JlcBZPHPmVR6B4iqvoLs+9tihfobxtF8ere/2ZkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRVmjYKsm8IE3PD0LkPq+vdlJyupDAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
L1ZabzJDckp2Q0JOenc5QzVENnZyM1pTY3JxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAC1W5QMEAcHIEDANBgkqhkiG9w0B
AQsFAAOCAQEAPPB8PiezxFsxwdmNzrBDtFufH/6QVOkPcgMYojrvyUYMIUc62XoT
99ITBirE6I3nScq9yptsCfj0pdk5fGWwCIWG+gh8mUErg6Jeita/bEVCW80zK0fY
hXPNkc8PizeGa5Rg39fpVUZR4ovHroHTVGiSKP4A8okiA7kTJ7JGLcgeE40OROK2
RQ+X2iZxbSFBY3y+w2HSe5IHCRqwyzhbKb5Pxh/NJGP1RSiupM/7UvTZj/HkctDA
Z1yg9XnULZLhEFkC07Y8SZ0b88UlTiKnivsmQiB/QlrNC6EIu3wVvtNkCO1KlyBL
reH5BxjAaJzYAz9tRuv2+FBQTknMkPFKgA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org