Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ffcFzYp4qxriqUkjWUFtEBu5gzA.roa
File: ffcFzYp4qxriqUkjWUFtEBu5gzA.roa (raw, json)
Hash identifier: PPWtMGKlYkY7FNGX/u/Iw5BFyVGLNziLxj1NMymmA3c=
Subject key identifier: 7D:F7:05:CD:8A:78:AB:1A:E2:A9:49:23:59:41:6D:10:1B:B9:83:30
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 0848DE5B
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ffcFzYp4qxriqUkjWUFtEBu5gzA.roa
Signing time: Tue 26 Apr 2022 12:15:34 +0000
ROA not before: Tue 26 Apr 2022 12:15:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138993243 (0x848de5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Apr 26 12:15:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7df705cd8a78ab1ae2a9492359416d101bb98330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b0:ae:7d:2d:61:79:e9:97:84:3e:6c:71:57:
93:a6:43:41:8b:db:5d:9b:12:21:1b:d7:6c:53:ec:
2b:c2:06:cc:62:55:c7:9b:a8:b1:cb:00:77:1c:9c:
7c:80:a8:ce:63:0f:92:db:54:01:a1:10:5a:0d:ed:
4e:40:d8:2e:c2:82:75:98:a8:24:2a:53:2a:95:a1:
a2:dd:07:9f:45:40:f9:da:c5:c4:dd:b6:88:c8:bf:
c3:d7:9b:06:76:9a:88:82:e6:cb:9e:ea:85:bf:85:
29:0f:b1:05:b1:c5:f0:57:a0:f1:38:be:28:fe:75:
e8:78:2c:e9:d2:93:54:33:2f:6d:04:8f:8a:e5:c4:
35:f6:ca:e0:29:ed:f3:c3:44:bf:bd:76:7f:26:44:
0a:6a:78:9a:de:d3:4c:6b:28:82:1c:ae:64:58:1a:
f0:94:3e:cc:d4:1e:41:d6:19:31:cd:c7:a9:e6:57:
a5:16:77:28:c3:23:b9:cd:6e:ea:20:ef:13:13:03:
4b:09:0f:ae:5c:13:a4:10:a8:cf:a5:68:d9:a6:7c:
96:b9:2e:a9:af:d9:e6:4a:b0:68:35:ee:5a:cc:1b:
6d:a5:a5:02:f8:7e:60:94:05:f4:ab:0c:81:88:8d:
7b:e2:61:2e:14:43:8a:c0:8a:c2:03:ab:a0:1c:bd:
0f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:F7:05:CD:8A:78:AB:1A:E2:A9:49:23:59:41:6D:10:1B:B9:83:30
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/ffcFzYp4qxriqUkjWUFtEBu5gzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:95:2a:68:94:d6:a0:f7:8a:14:98:cd:1f:bf:99:b0:56:f2:
24:3c:8d:61:2c:37:5a:3f:f3:bb:4b:79:86:ae:df:b5:ca:d8:
09:9e:8b:04:84:6e:f1:65:72:cb:6f:3f:1a:4e:39:31:f2:c7:
79:66:e6:3b:92:fe:3b:da:5f:b2:31:36:b0:a1:36:3a:92:c0:
6e:1e:d0:77:96:b9:d8:bc:4d:06:d9:9d:5a:43:24:62:20:ec:
63:a7:d2:aa:dc:b7:4f:49:c0:97:db:ce:7e:ef:2b:ae:1e:17:
ed:cc:ec:43:53:21:18:e9:4b:b7:fc:63:2d:66:12:53:0f:7a:
ff:ad:0e:80:8c:23:f3:99:70:8d:63:12:79:be:a4:8a:86:b0:
32:3d:ef:82:f6:d2:3f:72:77:f5:22:aa:20:fd:d8:24:ca:70:
f0:cd:be:cd:5c:24:5a:d3:10:a5:9d:24:bc:48:02:94:6c:b8:
ec:c0:c0:0d:12:48:bf:f4:1c:25:e0:c6:87:79:c1:50:be:17:
26:66:39:75:70:4a:22:50:f5:e0:8c:f7:06:aa:d4:57:88:0b:
34:08:e4:40:e9:5b:4f:f9:bc:7d:1d:e2:3a:45:ef:8e:9d:da:
8f:24:c3:20:5c:6f:e9:eb:a4:d3:0b:8e:76:b1:92:3d:81:b5:
7c:b9:1d:e2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECEjeWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGEyNWFhZmUzYTk4NzBlOTUyNGFmYTAyNjU5ODdlZDVhNWE0ZGEzMB4XDTIyMDQy
NjEyMTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2RmNzA1Y2Q4YTc4
YWIxYWUyYTk0OTIzNTk0MTZkMTAxYmI5ODMzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALewrn0tYXnpl4Q+bHFXk6ZDQYvbXZsSIRvXbFPsK8IGzGJV
x5uoscsAdxycfICozmMPkttUAaEQWg3tTkDYLsKCdZioJCpTKpWhot0Hn0VA+drF
xN22iMi/w9ebBnaaiILmy57qhb+FKQ+xBbHF8Feg8Ti+KP516Hgs6dKTVDMvbQSP
iuXENfbK4Cnt88NEv712fyZECmp4mt7TTGsoghyuZFga8JQ+zNQeQdYZMc3HqeZX
pRZ3KMMjuc1u6iDvExMDSwkPrlwTpBCoz6Vo2aZ8lrkuqa/Z5kqwaDXuWswbbaWl
Avh+YJQF9KsMgYiNe+JhLhRDisCKwgOroBy9DxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR99wXNinirGuKpSSNZQW0QG7mDMDAfBgNVHSMEGDAWgBStolqv46mHDpUk
r6AmWYftWlpNozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JhSmFyLU9waHc2VkpLLWdKbG1IN1ZwYVRhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8x
L2ZmY0Z6WXA0cXhyaXFVa2pXVUZ0RUJ1NWd6QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
ODEwZDI0LWFjYmUtNGNiMi05YWM1LTlkNTg3NWQ4NjM3My8xL3JhSmFyLU9waHc2
VkpLLWdKbG1IN1ZwYVRhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcHIEDANBgkqhkiG9w0BAQsFAAOC
AQEAL5UqaJTWoPeKFJjNH7+ZsFbyJDyNYSw3Wj/zu0t5hq7ftcrYCZ6LBIRu8WVy
y28/Gk45MfLHeWbmO5L+O9pfsjE2sKE2OpLAbh7Qd5a52LxNBtmdWkMkYiDsY6fS
qty3T0nAl9vOfu8rrh4X7czsQ1MhGOlLt/xjLWYSUw96/60OgIwj85lwjWMSeb6k
ioawMj3vgvbSP3J39SKqIP3YJMpw8M2+zVwkWtMQpZ0kvEgClGy47MDADRJIv/Qc
JeDGh3nBUL4XJmY5dXBKIlD14Iz3BqrUV4gLNAjkQOlbT/m8fR3iOkXvjp3ajyTD
IFxv6euk0wuOdrGSPYG1fLkd4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org