Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l7bmWx9bu90-be17n_ncjUqxTH4.roa
File: l7bmWx9bu90-be17n_ncjUqxTH4.roa (raw, json)
Hash identifier: TN4Wi4P2HhP4UZ9jRE5vgKMVxqd6WrsqRrzbc7ndcQ8=
Subject key identifier: 97:B6:E6:5B:1F:5B:BB:DD:3E:6D:ED:7B:9F:F9:DC:8D:4A:B1:4C:7E
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 0189DEB19186E92C8413B32278B7185E22F5
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l7bmWx9bu90-be17n_ncjUqxTH4.roa
Signing time: Thu 10 Aug 2023 09:05:26 +0000
ROA not before: Thu 10 Aug 2023 09:05:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:b1:91:86:e9:2c:84:13:b3:22:78:b7:18:5e:22:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Aug 10 09:05:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97b6e65b1f5bbbdd3e6ded7b9ff9dc8d4ab14c7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:8f:ab:66:5f:a3:1e:0b:c5:99:ea:2d:27:
9b:76:7f:52:91:45:d2:c5:3c:d9:15:e1:ee:35:b5:
f5:35:bd:5c:f1:61:78:33:04:c1:c5:87:32:20:9a:
17:12:91:49:80:9f:eb:92:15:43:25:07:92:b0:9f:
db:8a:90:64:85:31:88:0a:08:fc:46:b4:0f:b1:84:
f7:5e:4c:78:01:11:2a:11:e6:10:d9:50:f8:38:87:
bb:da:df:01:46:bb:c3:ff:c0:7d:08:d1:6e:d8:01:
86:bd:b7:0c:44:0c:61:9f:a0:a7:e1:38:d3:80:a2:
ef:70:eb:27:5b:e3:c8:50:9f:17:a2:1e:0d:bd:20:
8a:72:ab:02:2b:5d:e8:0b:34:7a:51:38:f6:91:20:
85:e4:bd:e6:27:91:9b:67:88:39:ad:83:7f:c5:3c:
d7:14:d9:d9:75:6c:aa:78:09:58:92:a3:70:70:bc:
4e:71:88:da:07:8d:72:37:80:46:f6:af:53:32:d4:
2a:64:34:b7:22:c7:3d:4d:83:af:34:ef:6a:3d:89:
c7:fb:be:e3:93:bb:69:54:ca:d4:83:1e:53:35:3b:
34:dc:2b:24:0c:3d:bf:6b:8d:4b:fb:ab:02:ad:fb:
53:09:9b:9d:b0:40:1c:4c:9a:4f:f5:9f:c8:1a:60:
96:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B6:E6:5B:1F:5B:BB:DD:3E:6D:ED:7B:9F:F9:DC:8D:4A:B1:4C:7E
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l7bmWx9bu90-be17n_ncjUqxTH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.229.0/24
45.86.231.0/24
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
65:9a:05:95:88:32:7e:04:75:a9:ff:2e:62:99:91:71:52:c4:
a7:ba:21:ff:0e:96:59:0a:f1:8f:ef:26:ff:9f:c9:7a:9d:de:
44:84:d4:a6:81:73:54:ff:6f:b7:a4:78:39:1a:62:f6:f0:92:
d2:28:19:7f:00:46:62:f3:26:ef:d7:c6:60:d9:f6:35:55:78:
43:c4:94:72:1d:ed:49:de:72:8b:4e:e7:9b:97:b3:6f:2e:12:
cc:fa:1d:61:23:c6:9e:67:67:11:db:89:13:32:ad:4c:d6:39:
12:cb:03:5b:38:29:d1:1e:85:be:64:85:3c:67:ae:c8:d7:96:
7e:7e:be:dd:d4:8b:65:e8:28:ae:87:97:64:60:7c:4e:1f:3e:
4c:36:31:72:22:3a:4a:d4:db:47:7f:7a:f9:34:74:b4:82:82:
8a:10:39:21:a7:dc:7f:3b:4d:5d:4f:fa:c9:87:58:d1:d6:81:
a3:10:cd:ac:15:03:a5:b2:e0:74:e5:be:2a:82:ce:f6:ef:bd:
f8:a6:85:bd:eb:1d:52:84:76:ff:8c:85:03:61:5d:87:10:ed:
91:c9:8e:d2:69:8c:04:e4:7b:86:db:d3:85:9e:d0:ab:d6:60:
3f:68:14:ba:bb:71:25:47:6f:bc:26:34:08:9c:ae:fb:44:73:
41:c8:a3:90
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnesZGG6SyEE7MieLcYXiL1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjMwODEwMDkwNTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2I2ZTY1YjFmNWJiYmRkM2U2ZGVkN2I5ZmY5ZGM4ZDRhYjE0YzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6KPq2Zfox4LxZnqLSebdn9SkUXS
xTzZFeHuNbX1Nb1c8WF4MwTBxYcyIJoXEpFJgJ/rkhVDJQeSsJ/bipBkhTGICgj8
RrQPsYT3Xkx4AREqEeYQ2VD4OIe72t8BRrvD/8B9CNFu2AGGvbcMRAxhn6Cn4TjT
gKLvcOsnW+PIUJ8Xoh4NvSCKcqsCK13oCzR6UTj2kSCF5L3mJ5GbZ4g5rYN/xTzX
FNnZdWyqeAlYkqNwcLxOcYjaB41yN4BG9q9TMtQqZDS3Isc9TYOvNO9qPYnH+77j
k7tpVMrUgx5TNTs03CskDD2/a41L+6sCrftTCZudsEAcTJpP9Z/IGmCWtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJe25lsfW7vdPm3te5/53I1KsUx+MB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvbDdibVd4OWJ1OTAtYmUxN25fbmNqVXF4VEg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVblAwQA
LVbnAwQBwcgQMA0GCSqGSIb3DQEBCwUAA4IBAQBlmgWViDJ+BHWp/y5imZFxUsSn
uiH/DpZZCvGP7yb/n8l6nd5EhNSmgXNU/2+3pHg5GmL28JLSKBl/AEZi8ybv18Zg
2fY1VXhDxJRyHe1J3nKLTuebl7NvLhLM+h1hI8aeZ2cR24kTMq1M1jkSywNbOCnR
HoW+ZIU8Z67I15Z+fr7d1Itl6Ciuh5dkYHxOHz5MNjFyIjpK1NtHf3r5NHS0goKK
EDkhp9x/O01dT/rJh1jR1oGjEM2sFQOlsuB05b4qgs727734poW96x1ShHb/jIUD
YV2HEO2RyY7SaYwE5HuG29OFntCr1mA/aBS6u3ElR2+8JjQInK77RHNByKOQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org