Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/q-4jg5ac_bp41LE5wVzUmw0DHm8.roa
File: q-4jg5ac_bp41LE5wVzUmw0DHm8.roa (raw, json)
Hash identifier: GUxjvlK0o8KwGghl7IY29o0pR+o4SO2jSMS+jj/BSS4=
Subject key identifier: AB:EE:23:83:96:9C:FD:BA:78:D4:B1:39:C1:5C:D4:9B:0D:03:1E:6F
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 018570429867C05D0300B367D0BFAE8D7BA1
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/q-4jg5ac_bp41LE5wVzUmw0DHm8.roa
Signing time: Mon 02 Jan 2023 02:14:50 +0000
ROA not before: Mon 02 Jan 2023 02:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 45.86.230.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:98:67:c0:5d:03:00:b3:67:d0:bf:ae:8d:7b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 2 02:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abee2383969cfdba78d4b139c15cd49b0d031e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:74:01:32:36:60:80:13:af:b7:ee:af:e5:b2:
70:e2:74:3d:9c:fe:01:67:a8:7c:af:01:c1:43:3a:
ba:68:bc:88:be:35:a9:87:d9:34:10:35:46:dc:32:
de:17:a2:15:de:d9:5b:32:57:8b:0d:35:33:2c:4f:
7e:36:40:0e:54:0b:25:78:29:a9:ef:ce:4d:88:e7:
2c:1b:87:ef:95:54:53:df:b4:b5:f1:00:14:0b:0c:
e7:00:a2:e3:f3:50:18:f0:a3:6a:f3:79:a7:5b:91:
e5:9d:c5:f8:0a:56:93:41:e3:5b:3c:13:11:0e:7d:
8f:e4:45:8b:25:4e:a8:2e:fe:43:bd:bc:17:aa:88:
98:1a:66:e3:ac:9d:e8:84:53:d8:a3:3a:f6:3e:c0:
d0:9b:3c:68:1e:2f:57:3b:dd:8e:0b:66:d7:2b:1f:
25:3c:f9:bf:67:34:20:08:ce:af:02:73:68:88:a6:
c8:35:58:fb:69:61:d6:02:89:75:3e:df:46:6a:00:
42:dc:71:f3:75:6f:c4:cd:1a:81:6d:79:57:66:54:
06:65:3d:29:73:17:44:32:66:95:67:20:c3:7d:8c:
3d:40:ba:0d:02:e1:0e:b9:94:f9:26:bb:6d:07:8c:
68:4e:fa:c7:0b:8d:f2:2c:32:2b:d6:dd:a4:12:04:
c4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:EE:23:83:96:9C:FD:BA:78:D4:B1:39:C1:5C:D4:9B:0D:03:1E:6F
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/q-4jg5ac_bp41LE5wVzUmw0DHm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.230.0/24
Signature Algorithm: sha256WithRSAEncryption
16:13:c6:a6:de:d8:2b:9a:ba:d0:b7:fc:30:9a:99:40:e7:5c:
c0:31:0e:22:14:97:ca:18:ef:d8:cc:3d:b7:64:41:22:e1:b2:
3b:3e:92:4d:35:dd:6b:2f:ed:14:43:97:69:3f:03:96:a4:d3:
89:0e:07:e5:9c:fd:4b:b8:11:64:8d:ab:5c:2b:b3:14:dd:e1:
31:49:c8:7f:5d:a5:3b:1f:db:0b:12:c2:25:21:2c:83:81:66:
dc:60:5a:16:9d:59:86:b8:49:dc:78:b8:e8:fa:58:46:bc:3a:
f2:48:15:4e:85:29:18:7f:5d:65:9e:f1:73:16:05:f8:e2:8e:
8b:05:f8:a6:45:0e:45:0c:31:99:01:97:31:69:4b:4e:21:1a:
e0:14:16:3a:2c:34:78:c5:a6:ea:b9:2a:85:1b:48:6e:14:0f:
33:0f:48:49:46:b3:c9:63:d7:90:90:8a:5c:14:9f:78:bb:ee:
c7:85:b0:23:33:df:30:ba:bd:53:bc:25:72:81:99:ce:25:0c:
bf:21:aa:cb:dc:56:4e:df:81:8f:ec:40:72:b5:3e:3b:a8:47:
e1:61:ae:e7:f2:c5:01:17:b0:04:f6:d3:db:bd:f2:1f:94:a4:
f3:24:c0:6e:cc:9c:12:26:ca:a0:9d:b6:a2:6c:70:61:f8:bd:
65:dd:b2:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQphnwF0DALNn0L+ujXuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjMwMTAyMDIxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmVlMjM4Mzk2OWNmZGJhNzhkNGIxMzljMTVjZDQ5YjBkMDMxZTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnQBMjZggBOvt+6v5bJw4nQ9nP4B
Z6h8rwHBQzq6aLyIvjWph9k0EDVG3DLeF6IV3tlbMleLDTUzLE9+NkAOVAsleCmp
785NiOcsG4fvlVRT37S18QAUCwznAKLj81AY8KNq83mnW5HlncX4ClaTQeNbPBMR
Dn2P5EWLJU6oLv5DvbwXqoiYGmbjrJ3ohFPYozr2PsDQmzxoHi9XO92OC2bXKx8l
PPm/ZzQgCM6vAnNoiKbINVj7aWHWAol1Pt9GagBC3HHzdW/EzRqBbXlXZlQGZT0p
cxdEMmaVZyDDfYw9QLoNAuEOuZT5JrttB4xoTvrHC43yLDIr1t2kEgTE9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvuI4OWnP26eNSxOcFc1JsNAx5vMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvcS00amc1YWNfYnA0MUxFNXdWelVtdzBESG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVbmMA0G
CSqGSIb3DQEBCwUAA4IBAQAWE8am3tgrmrrQt/wwmplA51zAMQ4iFJfKGO/YzD23
ZEEi4bI7PpJNNd1rL+0UQ5dpPwOWpNOJDgflnP1LuBFkjatcK7MU3eExSch/XaU7
H9sLEsIlISyDgWbcYFoWnVmGuEnceLjo+lhGvDrySBVOhSkYf11lnvFzFgX44o6L
BfimRQ5FDDGZAZcxaUtOIRrgFBY6LDR4xabquSqFG0huFA8zD0hJRrPJY9eQkIpc
FJ94u+7HhbAjM98wur1TvCVygZnOJQy/IarL3FZO34GP7EBytT47qEfhYa7n8sUB
F7AE9tPbvfIflKTzJMBuzJwSJsqgnbaibHBh+L1l3bKX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org