Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/fDlIZ54F9OhisJ_DE1mDHJnm_rY.roa
File: fDlIZ54F9OhisJ_DE1mDHJnm_rY.roa (raw, json)
Hash identifier: H91Aw+YXpZUs+WIsMtZqM2wlMd/XQhYJhsbMhIS4GP0=
Subject key identifier: 7C:39:48:67:9E:05:F4:E8:62:B0:9F:C3:13:59:83:1C:99:E6:FE:B6
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 01841361DFBA64165D88C2E70F988A4132F6
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/fDlIZ54F9OhisJ_DE1mDHJnm_rY.roa
Signing time: Wed 26 Oct 2022 08:21:31 +0000
ROA not before: Wed 26 Oct 2022 08:21:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:61:df:ba:64:16:5d:88:c2:e7:0f:98:8a:41:32:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Oct 26 08:21:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c3948679e05f4e862b09fc31359831c99e6feb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a7:ae:2d:50:0e:ff:20:8f:fb:31:82:80:b7:
0f:aa:72:ec:b4:fe:70:62:1a:1b:97:9f:27:97:95:
0e:87:65:cb:a0:7a:e6:ba:fd:48:f2:82:f1:c8:50:
76:65:43:30:4f:88:aa:e8:35:81:08:a4:63:75:a7:
7a:35:9f:aa:14:a5:a2:af:37:98:f2:cd:68:b0:2c:
19:d7:fb:da:6a:80:9c:29:b5:01:b1:1d:ef:ef:04:
a5:50:a4:69:7d:9f:30:05:51:21:f0:fe:ca:63:90:
63:1c:d8:1a:9e:ca:9b:e1:51:4d:47:71:97:ed:03:
03:60:21:dd:4c:61:1c:64:d3:d6:4d:85:c8:66:25:
03:ff:5e:d3:21:18:7f:5e:cd:5f:ab:b9:15:e6:de:
42:cc:49:a6:72:2f:2f:fa:80:b5:d4:54:bd:5f:af:
d8:52:9b:2d:3d:7a:9a:19:ca:53:6b:3f:15:1f:43:
fe:b1:bd:f1:32:1e:80:f0:d3:1c:d4:44:b7:20:b1:
8c:b0:97:bc:00:59:69:e3:d9:d3:a1:b6:0a:71:42:
ac:47:71:82:20:0a:4a:38:9c:41:39:13:2d:9e:ba:
d1:a9:bd:d8:81:fc:86:df:10:48:26:a0:f8:aa:20:
b0:68:07:51:f5:83:12:02:fe:ee:71:9d:7d:1c:36:
4f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:39:48:67:9E:05:F4:E8:62:B0:9F:C3:13:59:83:1C:99:E6:FE:B6
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/fDlIZ54F9OhisJ_DE1mDHJnm_rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:55:fa:95:59:f4:4c:58:4c:58:05:9f:88:78:53:7f:3e:16:
96:d0:89:a6:3c:90:3e:17:1c:fe:11:d7:a5:0f:e7:7c:d1:47:
82:7e:ee:d4:55:36:9e:8c:37:c2:8c:89:6c:de:45:e3:7c:3a:
88:87:26:8d:ae:0e:e8:0f:f0:96:21:5a:21:ab:29:31:aa:9b:
cc:e4:61:8a:2b:12:c9:af:7a:fe:5f:3f:b5:1f:22:9f:bc:58:
ac:3e:5f:9c:1f:5f:7d:f0:2d:c5:81:83:84:34:02:e3:1a:c0:
43:8f:02:a0:7f:71:6e:a1:85:0f:98:92:75:74:89:2b:98:9a:
51:88:95:0c:39:aa:99:74:8a:1c:26:f0:3d:c2:75:16:fa:c3:
da:33:cf:cd:16:15:54:fc:c5:e0:20:46:96:e2:e2:2c:6a:5f:
49:73:55:20:f2:4c:fb:04:5c:02:22:f1:88:d1:7e:bf:b5:d5:
4d:25:72:94:73:9c:ec:f9:8d:22:22:bf:3b:c9:d6:54:da:9f:
5b:70:c7:cd:fa:39:18:c1:9d:89:23:96:02:81:48:44:62:fa:
70:a4:ce:64:a5:90:ec:14:c9:a8:c1:b9:3f:cd:1b:be:6b:72:
85:b1:e0:67:fd:dc:00:46:ab:03:bc:c9:25:ff:df:80:01:80:
7a:95:88:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQTYd+6ZBZdiMLnD5iKQTL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjIxMDI2MDgyMTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM5NDg2NzllMDVmNGU4NjJiMDlmYzMxMzU5ODMxYzk5ZTZmZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaeuLVAO/yCP+zGCgLcPqnLstP5w
Yhobl58nl5UOh2XLoHrmuv1I8oLxyFB2ZUMwT4iq6DWBCKRjdad6NZ+qFKWirzeY
8s1osCwZ1/vaaoCcKbUBsR3v7wSlUKRpfZ8wBVEh8P7KY5BjHNgansqb4VFNR3GX
7QMDYCHdTGEcZNPWTYXIZiUD/17TIRh/Xs1fq7kV5t5CzEmmci8v+oC11FS9X6/Y
UpstPXqaGcpTaz8VH0P+sb3xMh6A8NMc1ES3ILGMsJe8AFlp49nTobYKcUKsR3GC
IApKOJxBORMtnrrRqb3YgfyG3xBIJqD4qiCwaAdR9YMSAv7ucZ19HDZPFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHw5SGeeBfToYrCfwxNZgxyZ5v62MB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvZkRsSVo1NEY5T2hpc0pfREUxbURISm5tX3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVbkAwQA
LVbnAwQBwcgQMA0GCSqGSIb3DQEBCwUAA4IBAQB/VfqVWfRMWExYBZ+IeFN/PhaW
0ImmPJA+Fxz+EdelD+d80UeCfu7UVTaejDfCjIls3kXjfDqIhyaNrg7oD/CWIVoh
qykxqpvM5GGKKxLJr3r+Xz+1HyKfvFisPl+cH1998C3FgYOENALjGsBDjwKgf3Fu
oYUPmJJ1dIkrmJpRiJUMOaqZdIocJvA9wnUW+sPaM8/NFhVU/MXgIEaW4uIsal9J
c1Ug8kz7BFwCIvGI0X6/tdVNJXKUc5zs+Y0iIr87ydZU2p9bcMfN+jkYwZ2JI5YC
gUhEYvpwpM5kpZDsFMmowbk/zRu+a3KFseBn/dwARqsDvMkl/9+AAYB6lYgF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org