Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l8SkAjbEu4Omhrtx9GcU4FuWAkE.roa
File: l8SkAjbEu4Omhrtx9GcU4FuWAkE.roa (raw, json)
Hash identifier: ofoE8nEB6ReREiM4F1VUskRMXoCrni6p9er8Age+hj4=
Subject key identifier: 97:C4:A4:02:36:C4:BB:83:A6:86:BB:71:F4:67:14:E0:5B:96:02:41
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 0189F3CABA23F0245692057D10E22288D8F9
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l8SkAjbEu4Omhrtx9GcU4FuWAkE.roa
Signing time: Mon 14 Aug 2023 11:24:56 +0000
ROA not before: Mon 14 Aug 2023 11:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62005
IP address blocks: 193.200.16.0/23 maxlen: 24
45.86.231.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f3:ca:ba:23:f0:24:56:92:05:7d:10:e2:22:88:d8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Aug 14 11:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97c4a40236c4bb83a686bb71f46714e05b960241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:78:c5:01:d5:17:9d:81:58:6c:83:ff:e2:23:
de:f4:88:cb:db:2b:fd:31:15:1c:86:5a:18:d6:90:
ed:f8:5a:33:0b:bf:f6:6e:24:64:f7:64:61:d3:49:
95:db:0b:4f:0e:55:0b:e0:d9:7c:94:4c:45:0c:d1:
0f:38:db:40:73:5f:02:06:4a:65:27:be:ec:f7:2e:
a7:4c:ac:5f:eb:90:8d:ba:6e:7b:ed:96:d1:10:f8:
32:0c:4b:f9:0b:e2:e5:11:c1:35:f3:dd:19:21:47:
42:35:e1:d2:99:07:a6:6f:58:8b:e0:29:98:e6:d2:
2d:4d:c1:d6:67:f0:71:7c:d6:19:cf:70:30:bd:f0:
90:34:fe:69:3e:f6:17:19:26:67:ba:1a:99:00:96:
9e:e9:71:0b:a4:69:90:f2:fd:7a:a3:47:f4:48:33:
b8:5a:f1:4b:28:d7:1e:c0:fe:13:c7:96:74:58:f1:
36:e3:e3:d1:31:63:c3:c7:e7:fa:a9:64:e7:b9:d6:
f9:44:83:04:fb:d1:a6:a7:1e:43:b6:62:1b:2f:91:
e4:0d:b8:50:09:f4:a3:a5:72:33:59:2b:14:2e:44:
35:70:ad:dc:6e:2b:6a:5d:8d:2e:3a:fb:01:31:d0:
ab:d5:26:4a:66:65:0c:2a:4d:0c:9b:40:55:9e:31:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:A4:02:36:C4:BB:83:A6:86:BB:71:F4:67:14:E0:5B:96:02:41
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/l8SkAjbEu4Omhrtx9GcU4FuWAkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.231.0/24
193.200.16.0/23
Signature Algorithm: sha256WithRSAEncryption
30:80:79:cf:4e:e5:12:f5:20:bd:5d:d8:29:07:a2:4c:c0:8b:
80:6f:3c:cf:fa:ca:0f:15:e1:60:37:92:db:23:c8:4a:d9:8d:
61:9f:3f:13:b0:0f:a3:17:c5:b6:a8:60:48:6a:f4:b8:d6:b8:
c6:14:a6:b4:6b:ba:42:76:55:05:dc:2f:b7:03:3e:7f:31:db:
03:39:6a:33:70:37:17:3f:1d:1e:50:2b:42:06:c5:3b:a4:31:
83:6f:3e:c0:d4:d0:7a:1f:9a:64:33:e1:22:46:fc:c1:79:f1:
f4:a1:ce:8a:2a:af:3d:cc:f1:14:3e:ba:00:5c:a2:ab:a4:c0:
77:08:af:6b:61:be:9f:9f:48:14:f7:bf:ee:0c:65:28:c5:e6:
63:ed:c4:8e:8a:c1:41:61:6b:e6:41:58:7d:78:ac:1c:59:cc:
6b:35:8b:e3:b3:60:e1:6c:83:c8:5c:1c:83:93:aa:e3:67:d5:
b3:cf:69:82:bb:a5:c5:56:59:61:68:09:ff:8a:f3:65:fc:75:
e7:fc:74:c4:64:b0:51:67:b3:48:ee:fb:48:b6:a9:b0:d0:f8:
9b:a6:05:e1:93:12:27:cf:0d:c4:a2:2a:c8:45:50:26:f0:f1:
11:fc:ab:9d:27:38:2c:29:7b:ce:8a:b3:78:d6:d1:4c:03:7a:
b8:46:93:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnzyroj8CRWkgV9EOIiiNj5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjMwODE0MTEyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M0YTQwMjM2YzRiYjgzYTY4NmJiNzFmNDY3MTRlMDViOTYwMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHjFAdUXnYFYbIP/4iPe9IjL2yv9
MRUchloY1pDt+FozC7/2biRk92Rh00mV2wtPDlUL4Nl8lExFDNEPONtAc18CBkpl
J77s9y6nTKxf65CNum577ZbREPgyDEv5C+LlEcE1890ZIUdCNeHSmQemb1iL4CmY
5tItTcHWZ/BxfNYZz3AwvfCQNP5pPvYXGSZnuhqZAJae6XELpGmQ8v16o0f0SDO4
WvFLKNcewP4Tx5Z0WPE24+PRMWPDx+f6qWTnudb5RIME+9Gmpx5DtmIbL5HkDbhQ
CfSjpXIzWSsULkQ1cK3cbitqXY0uOvsBMdCr1SZKZmUMKk0Mm0BVnjEZdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJfEpAI2xLuDpoa7cfRnFOBblgJBMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvbDhTa0FqYkV1NE9taHJ0eDlHY1U0RnVXQWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVbnAwQB
wcgQMA0GCSqGSIb3DQEBCwUAA4IBAQAwgHnPTuUS9SC9XdgpB6JMwIuAbzzP+soP
FeFgN5LbI8hK2Y1hnz8TsA+jF8W2qGBIavS41rjGFKa0a7pCdlUF3C+3Az5/MdsD
OWozcDcXPx0eUCtCBsU7pDGDbz7A1NB6H5pkM+EiRvzBefH0oc6KKq89zPEUProA
XKKrpMB3CK9rYb6fn0gU97/uDGUoxeZj7cSOisFBYWvmQVh9eKwcWcxrNYvjs2Dh
bIPIXByDk6rjZ9Wzz2mCu6XFVllhaAn/ivNl/HXn/HTEZLBRZ7NI7vtItqmw0Pib
pgXhkxInzw3EoirIRVAm8PER/KudJzgsKXvOirN41tFMA3q4RpN0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:01 2024 by rpki-client on console-fra.rpki-client.org