Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/3ajoy-_IWJFWeprvP3xJGm1DLNY.roa
File: 3ajoy-_IWJFWeprvP3xJGm1DLNY.roa (raw, json)
Hash identifier: d//yRdoHynzSNVnDAhe5X1TugkaIOza2xmVsCxIV7Wo=
Subject key identifier: DD:A8:E8:CB:EF:C8:58:91:56:7A:9A:EF:3F:7C:49:1A:6D:43:2C:D6
Certificate issuer: /CN=a29d9751f3675f51332734da68ea960260045b12
Certificate serial: 0D7B8DBE
Authority key identifier: A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/3ajoy-_IWJFWeprvP3xJGm1DLNY.roa
Signing time: Sat 01 Jan 2022 14:02:13 +0000
ROA not before: Sat 01 Jan 2022 14:02:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207490
IP address blocks: 80.72.16.0/23 maxlen: 32
80.72.26.0/23 maxlen: 32
2a00:8740:500::/40 maxlen: 64
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226201022 (0xd7b8dbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29d9751f3675f51332734da68ea960260045b12
Validity
Not Before: Jan 1 14:02:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dda8e8cbefc85891567a9aef3f7c491a6d432cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c7:d8:9f:32:4a:1f:10:68:37:7a:b7:a9:58:
32:55:f4:b3:f1:54:20:5a:b6:e3:51:ae:1f:82:ea:
d4:d7:e2:c2:95:7e:3f:e1:b7:2e:6e:59:47:09:7f:
02:98:29:14:07:88:08:49:da:46:de:2b:81:36:7c:
bb:8e:e8:64:e8:b7:fc:d0:d2:6f:de:97:3e:a7:e5:
65:65:d7:b5:fa:dd:12:7c:2e:e5:f2:9a:40:0b:72:
ff:b5:34:41:b5:31:6f:d3:3a:0e:fa:17:de:58:57:
93:1b:35:b8:30:64:59:56:1c:f3:7f:65:ca:4c:fb:
58:08:f8:05:d7:8b:bc:62:9c:f6:9d:c4:b0:d6:ea:
df:1a:4a:b4:8a:b0:d7:cc:3f:7e:4a:08:1e:1d:54:
2b:2c:90:f9:27:ed:e0:12:8e:93:88:49:96:ee:41:
26:b0:25:07:ce:a0:e1:97:39:dd:e9:2a:a5:5d:61:
a8:cd:3f:bd:84:2b:65:6f:d0:3d:ff:cc:28:91:53:
62:46:62:76:91:5f:b8:e0:d1:67:65:8c:78:b0:bb:
b7:c2:68:1a:40:f9:1b:ca:7e:e4:22:10:19:1d:1b:
c1:2b:aa:57:0f:fc:68:a5:bd:a2:de:68:17:2b:6f:
37:c4:fa:c7:a9:56:8c:6c:e9:92:5d:b3:55:ab:9f:
a1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A8:E8:CB:EF:C8:58:91:56:7A:9A:EF:3F:7C:49:1A:6D:43:2C:D6
X509v3 Authority Key Identifier:
keyid:A2:9D:97:51:F3:67:5F:51:33:27:34:DA:68:EA:96:02:60:04:5B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op2XUfNnX1EzJzTaaOqWAmAEWxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/3ajoy-_IWJFWeprvP3xJGm1DLNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e64398-9601-4b7c-b783-079ba0570f75/1/op2XUfNnX1EzJzTaaOqWAmAEWxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.16.0/23
80.72.26.0/23
IPv6:
2a00:8740:500::/40
Signature Algorithm: sha256WithRSAEncryption
80:9e:07:51:e4:28:5f:5c:bb:9a:fb:0e:73:3e:22:49:f7:e3:
01:fe:a0:fe:75:b8:ee:32:af:c9:12:a4:9b:c4:f4:76:aa:f5:
48:34:d1:5a:a9:92:b5:9f:a2:5b:a7:ff:34:4d:07:a9:b3:47:
11:73:84:7e:c0:d7:01:82:c7:c9:f5:d9:f9:eb:a1:0c:7d:c1:
d5:f2:be:a6:98:e8:1f:b9:7c:0c:f8:16:8b:21:80:26:c1:d0:
f5:32:f0:25:ab:28:fc:94:e7:cb:91:01:ef:1e:70:7c:0e:a7:
30:0f:34:fb:eb:e2:1b:7b:39:88:8e:8e:15:18:ba:9f:b6:2c:
55:81:f1:34:17:1a:b3:01:34:58:ed:b7:b7:8f:a3:92:da:0b:
4a:1e:77:23:a4:2d:52:1b:6f:1d:e9:5b:00:65:4f:d5:02:8e:
8d:44:3a:c3:da:89:10:8f:82:7e:a8:70:ed:9a:ab:04:78:d5:
04:69:41:2f:69:c0:57:c0:41:40:fa:49:df:e8:17:63:ff:7d:
eb:b4:88:17:f1:76:19:cf:fb:e8:8a:e0:bf:fd:52:27:64:db:
63:c6:c4:e4:90:e6:d0:00:5a:cc:2f:08:86:f7:29:80:d0:6b:
2f:d5:e1:05:8f:f7:0a:73:a6:5d:01:05:c2:d0:a4:3a:73:d8:
12:e7:14:d9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEDXuNvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjlkOTc1MWYzNjc1ZjUxMzMyNzM0ZGE2OGVhOTYwMjYwMDQ1YjEyMB4XDTIyMDEw
MTE0MDIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGRhOGU4Y2JlZmM4
NTg5MTU2N2E5YWVmM2Y3YzQ5MWE2ZDQzMmNkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHH2J8ySh8QaDd6t6lYMlX0s/FUIFq241GuH4Lq1NfiwpV+
P+G3Lm5ZRwl/ApgpFAeICEnaRt4rgTZ8u47oZOi3/NDSb96XPqflZWXXtfrdEnwu
5fKaQAty/7U0QbUxb9M6DvoX3lhXkxs1uDBkWVYc839lykz7WAj4BdeLvGKc9p3E
sNbq3xpKtIqw18w/fkoIHh1UKyyQ+Sft4BKOk4hJlu5BJrAlB86g4Zc53ekqpV1h
qM0/vYQrZW/QPf/MKJFTYkZidpFfuODRZ2WMeLC7t8JoGkD5G8p+5CIQGR0bwSuq
Vw/8aKW9ot5oFytvN8T6x6lWjGzpkl2zVaufoR0CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBTdqOjL78hYkVZ6mu8/fEkabUMs1jAfBgNVHSMEGDAWgBSinZdR82dfUTMn
NNpo6pYCYARbEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29wMlhVZk5uWDFFekp6VGFhT3FXQW1BRVd4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8x
LzNham95LV9JV0pGV2VwcnZQM3hKR20xRExOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZTY0Mzk4LTk2MDEtNGI3Yy1iNzgzLTA3OWJhMDU3MGY3NS8xL29wMlhVZk5uWDFF
ekp6VGFhT3FXQW1BRVd4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAVBIEAMEAVBIGjAOBAIAAjAIAwYA
KgCHQAUwDQYJKoZIhvcNAQELBQADggEBAICeB1HkKF9cu5r7DnM+Ikn34wH+oP51
uO4yr8kSpJvE9Haq9Ug00VqpkrWfolun/zRNB6mzRxFzhH7A1wGCx8n12fnroQx9
wdXyvqaY6B+5fAz4FoshgCbB0PUy8CWrKPyU58uRAe8ecHwOpzAPNPvr4ht7OYiO
jhUYup+2LFWB8TQXGrMBNFjtt7ePo5LaC0oedyOkLVIbbx3pWwBlT9UCjo1EOsPa
iRCPgn6ocO2aqwR41QRpQS9pwFfAQUD6Sd/oF2P/feu0iBfxdhnP++iK4L/9Uidk
22PGxOSQ5tAAWswvCIb3KYDQay/V4QWP9wpzpl0BBcLQpDpz2BLnFNk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org