Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ea5wZi5HGqP20iNEi8z6GLnZJz0.roa
File: ea5wZi5HGqP20iNEi8z6GLnZJz0.roa (raw, json)
Hash identifier: pghy5yCAXTmIfgK1VI1NBdkbyJVKZw4P4IKLDIQ1suA=
Subject key identifier: 79:AE:70:66:2E:47:1A:A3:F6:D2:23:44:8B:CC:FA:18:B9:D9:27:3D
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 08F53A3B
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ea5wZi5HGqP20iNEi8z6GLnZJz0.roa
Signing time: Mon 04 Jul 2022 19:36:27 +0000
ROA not before: Mon 04 Jul 2022 19:36:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 77.83.152.0/22 maxlen: 24
45.147.148.0/22 maxlen: 22
77.83.154.0/23 maxlen: 23
139.28.168.0/22 maxlen: 22
5.252.188.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150288955 (0x8f53a3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jul 4 19:36:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79ae70662e471aa3f6d223448bccfa18b9d9273d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:12:38:06:eb:ee:f6:39:05:df:44:21:1e:88:
14:a2:d3:20:12:28:f8:64:ff:db:bb:ff:80:84:9c:
a9:03:09:40:3f:82:85:da:fd:59:bb:d3:b3:fb:9a:
0c:10:72:c2:69:b9:06:f1:d8:80:40:d1:1c:30:22:
68:48:bd:99:a8:96:5d:34:07:be:11:13:c9:fd:5e:
14:cf:9a:83:c6:6d:38:db:c4:d8:9d:fa:a2:14:8d:
23:6b:64:53:59:9d:a3:7e:28:b7:d2:a5:ac:a5:e5:
cf:84:08:18:d3:15:4a:4e:1c:6c:5c:92:a1:e2:c1:
b0:23:d2:de:7f:75:0f:98:e8:16:51:6e:a5:d5:06:
d2:54:e3:45:64:c3:56:b7:e8:d7:38:d3:fd:b2:19:
d3:2c:cd:55:e0:36:18:c5:c3:87:b2:84:30:8c:e1:
5e:80:db:a1:29:15:18:b4:61:fb:ef:27:2b:29:7b:
22:5c:9a:48:f1:ea:de:29:51:34:09:40:b6:44:31:
0d:bb:39:16:6d:2f:a2:be:6b:29:06:14:ec:b4:ca:
fe:00:3f:79:c3:a8:1d:2e:3d:61:95:55:49:76:8d:
33:a0:c7:fa:85:9d:35:24:5f:f8:3d:5b:45:0b:9d:
5b:20:bd:c8:07:46:86:cf:3d:df:0a:4f:1b:e9:91:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AE:70:66:2E:47:1A:A3:F6:D2:23:44:8B:CC:FA:18:B9:D9:27:3D
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ea5wZi5HGqP20iNEi8z6GLnZJz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.188.0/22
45.147.148.0/22
77.83.152.0/22
139.28.168.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:29:c6:97:36:db:3a:e2:ee:a4:35:1c:99:e2:0f:eb:80:20:
cf:c4:98:a5:41:84:3a:70:2e:7a:46:d1:66:cc:eb:15:9c:8c:
d1:0f:bc:f7:47:e3:f3:4f:29:8f:0c:3c:85:73:30:5a:ff:1d:
d1:b9:97:9f:f1:3e:46:76:ae:80:f4:76:ae:e8:2c:a1:23:74:
fa:5f:bc:c9:39:19:9f:55:11:a3:49:d9:e9:82:54:36:d7:93:
5d:24:a6:83:9e:4e:b0:68:24:66:6d:e0:86:1a:f4:d1:e1:a3:
83:e3:aa:65:9f:39:c9:74:bd:d9:89:18:65:e6:a3:10:c1:cc:
ac:3b:5e:99:82:62:37:f2:b9:5f:43:80:25:d2:13:bd:30:c3:
24:5e:68:85:5f:6f:67:71:e6:94:75:94:84:b4:12:67:b3:d6:
df:e6:0b:21:05:77:58:0b:1a:f2:8b:e8:e0:44:2f:9e:c4:15:
14:d1:17:c2:ff:e4:06:9c:8d:f9:20:ec:7d:2d:5f:ee:c9:e1:
95:e3:74:c4:8b:2c:ba:5d:7c:ac:ad:81:c4:7e:27:20:d9:c4:
ae:82:e5:25:e7:b6:b1:a9:36:43:d8:63:2f:6c:5e:3a:e4:da:
20:8b:80:52:78:08:ba:f3:a1:a9:d1:95:9b:8e:d4:03:12:7c:
63:74:3f:a3
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECPU6OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDcw
NDE5MzYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzlhZTcwNjYyZTQ3
MWFhM2Y2ZDIyMzQ0OGJjY2ZhMThiOWQ5MjczZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8SOAbr7vY5Bd9EIR6IFKLTIBIo+GT/27v/gIScqQMJQD+C
hdr9WbvTs/uaDBBywmm5BvHYgEDRHDAiaEi9maiWXTQHvhETyf1eFM+ag8ZtONvE
2J36ohSNI2tkU1mdo34ot9KlrKXlz4QIGNMVSk4cbFySoeLBsCPS3n91D5joFlFu
pdUG0lTjRWTDVrfo1zjT/bIZ0yzNVeA2GMXDh7KEMIzhXoDboSkVGLRh++8nKyl7
IlyaSPHq3ilRNAlAtkQxDbs5Fm0vor5rKQYU7LTK/gA/ecOoHS49YZVVSXaNM6DH
+oWdNSRf+D1bRQudWyC9yAdGhs893wpPG+mRdpcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR5rnBmLkcao/bSI0SLzPoYudknPTAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
L2VhNXdaaTVIR3FQMjBpTkVpOHo2R0xuWkp6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgX8vAMEAi2TlAMEAk1TmAMEAosc
qDANBgkqhkiG9w0BAQsFAAOCAQEAbynGlzbbOuLupDUcmeIP64Agz8SYpUGEOnAu
ekbRZszrFZyM0Q+890fj808pjww8hXMwWv8d0bmXn/E+RnaugPR2rugsoSN0+l+8
yTkZn1URo0nZ6YJUNteTXSSmg55OsGgkZm3ghhr00eGjg+OqZZ85yXS92YkYZeaj
EMHMrDtemYJiN/K5X0OAJdITvTDDJF5ohV9vZ3HmlHWUhLQSZ7PW3+YLIQV3WAsa
8ovo4EQvnsQVFNEXwv/kBpyN+SDsfS1f7snhleN0xIssul18rK2BxH4nINnEroLl
Jee2sak2Q9hjL2xeOuTaIIuAUngIuvOhqdGVm47UAxJ8Y3Q/ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org