Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/J7PjH9i12wHkbvf4-JJpQrgYWUI.roa
File: J7PjH9i12wHkbvf4-JJpQrgYWUI.roa (raw, json)
Hash identifier: gG8ch1Q7O/miAiDTIlsWuMhaJJnKsK1geUM/yRItJrc=
Subject key identifier: 27:B3:E3:1F:D8:B5:DB:01:E4:6E:F7:F8:F8:92:69:42:B8:18:59:42
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 0995A022
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/J7PjH9i12wHkbvf4-JJpQrgYWUI.roa
Signing time: Sat 01 Jan 2022 09:56:32 +0000
ROA not before: Sat 01 Jan 2022 09:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41887
IP address blocks: 81.23.231.0/24 maxlen: 24
81.23.230.0/24 maxlen: 24
81.23.230.0/23 maxlen: 23
81.173.34.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160800802 (0x995a022)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Jan 1 09:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27b3e31fd8b5db01e46ef7f8f8926942b8185942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:15:d6:5f:e9:95:8b:5f:97:a9:9a:9e:b2:5a:
e8:e6:42:49:7a:2a:33:0a:61:1a:cf:7c:2c:0f:ec:
9c:a2:2d:da:1d:d9:06:a6:6b:ee:9a:aa:13:b4:fc:
b9:ae:31:c8:9c:f8:9f:3a:f6:75:e1:f3:ee:ca:4b:
3a:09:4e:41:45:17:f2:cb:4a:eb:5c:cf:12:76:29:
ef:4b:d4:38:51:a5:35:22:28:2d:d0:0d:73:a6:5a:
f5:97:8f:3b:8b:61:2c:66:f5:76:f2:ef:25:73:68:
a8:93:4a:9e:17:d8:12:2a:de:dc:b6:3a:b6:ce:c2:
21:47:a9:00:2f:74:b1:60:f8:d9:5d:26:5e:4a:e6:
3a:65:43:b1:a6:7a:7f:da:3c:e0:67:c5:d9:2a:bf:
b5:a5:e5:34:cb:0d:c5:05:86:e2:51:24:84:2e:38:
9e:71:77:48:e6:fa:2d:7f:90:32:f8:d8:60:35:f2:
9a:46:2d:56:b4:5a:b3:e9:36:35:b1:73:6e:15:ca:
a2:a6:0c:d3:a2:fc:b4:08:78:fd:80:d5:1a:18:f0:
f8:0e:97:09:9c:ad:a6:bd:bb:2f:e6:24:ec:1a:c3:
28:53:65:90:63:61:3f:40:07:90:cc:7c:7f:c0:f9:
40:7d:37:46:b5:39:d0:e1:8f:0a:b2:f4:8d:9f:e7:
25:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B3:E3:1F:D8:B5:DB:01:E4:6E:F7:F8:F8:92:69:42:B8:18:59:42
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/J7PjH9i12wHkbvf4-JJpQrgYWUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.230.0/23
81.173.34.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c1:9b:f4:74:09:38:3b:f1:d9:73:97:d3:33:03:91:57:65:
23:a5:c2:8c:05:ac:94:cb:8a:46:81:68:ee:b7:f5:75:df:9c:
91:65:ae:b7:5d:f8:6b:e0:22:64:46:ab:08:0b:22:e5:57:36:
ca:fb:50:14:83:92:0b:3c:87:cc:0e:c6:69:1d:f2:25:6d:e6:
34:42:8b:97:8e:6d:c1:3e:cc:46:61:0a:7c:9d:27:0e:63:d9:
d2:98:7a:cb:65:93:ee:01:e2:c9:e2:3a:f6:77:21:cc:7b:2f:
f7:2b:10:cf:04:7d:3f:9f:1d:00:65:3d:05:39:b3:cf:09:45:
e5:79:a1:c3:85:39:77:80:03:e4:50:4e:4e:33:95:6e:89:02:
d0:67:86:58:75:0a:60:f3:54:b8:83:c9:d4:ea:61:d1:08:c3:
3d:3e:6c:cc:55:29:ee:02:4f:bb:c4:0f:8a:d5:6e:d8:4e:5f:
12:df:21:97:57:d0:60:ea:c0:bb:70:62:e1:6f:b5:71:c7:9a:
0d:af:cd:f4:71:91:0a:a5:e7:11:f0:49:40:d4:00:b6:46:6d:
67:f8:14:86:ac:17:8d:13:85:f1:a7:d9:e9:3d:b1:41:8a:b0:
05:42:79:9b:59:19:d1:a4:c8:7e:15:2b:b7:97:cf:32:44:26:
7b:8d:11:e9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECZWgIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MWQ4YzMyYTcwMzk3MmFhZWEwOTNhMDFmOGRlZGY1N2Y5Njc1NTc1MB4XDTIyMDEw
MTA5NTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdiM2UzMWZkOGI1
ZGIwMWU0NmVmN2Y4Zjg5MjY5NDJiODE4NTk0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYV1l/plYtfl6manrJa6OZCSXoqMwphGs98LA/snKIt2h3Z
BqZr7pqqE7T8ua4xyJz4nzr2deHz7spLOglOQUUX8stK61zPEnYp70vUOFGlNSIo
LdANc6Za9ZePO4thLGb1dvLvJXNoqJNKnhfYEire3LY6ts7CIUepAC90sWD42V0m
XkrmOmVDsaZ6f9o84GfF2Sq/taXlNMsNxQWG4lEkhC44nnF3SOb6LX+QMvjYYDXy
mkYtVrRas+k2NbFzbhXKoqYM06L8tAh4/YDVGhjw+A6XCZytpr27L+Yk7BrDKFNl
kGNhP0AHkMx8f8D5QH03RrU50OGPCrL0jZ/nJQcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQns+Mf2LXbAeRu9/j4kmlCuBhZQjAfBgNVHSMEGDAWgBSR2MMqcDlyquoJ
OgH43t9X+WdVdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tkakRLbkE1Y3FycUNUb0ItTjdmVl9sblZYVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvNGU4MTZkLWQ4ZWMtNDM3Yy05ODZhLTNjMTI3ODFlMjAyZC8x
L0o3UGpIOWkxMndIa2J2ZjQtSkpwUXJnWVdVSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
NGU4MTZkLWQ4ZWMtNDM3Yy05ODZhLTNjMTI3ODFlMjAyZC8xL2tkakRLbkE1Y3Fy
cUNUb0ItTjdmVl9sblZYVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVEX5gMEAFGtIjANBgkqhkiG9w0B
AQsFAAOCAQEAhMGb9HQJODvx2XOX0zMDkVdlI6XCjAWslMuKRoFo7rf1dd+ckWWu
t134a+AiZEarCAsi5Vc2yvtQFIOSCzyHzA7GaR3yJW3mNEKLl45twT7MRmEKfJ0n
DmPZ0ph6y2WT7gHiyeI69nchzHsv9ysQzwR9P58dAGU9BTmzzwlF5Xmhw4U5d4AD
5FBOTjOVbokC0GeGWHUKYPNUuIPJ1Oph0QjDPT5szFUp7gJPu8QPitVu2E5fEt8h
l1fQYOrAu3Bi4W+1cceaDa/N9HGRCqXnEfBJQNQAtkZtZ/gUhqwXjROF8afZ6T2x
QYqwBUJ5m1kZ0aTIfhUrt5fPMkQme40R6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:27 2024 by rpki-client on console-ams.rpki-client.org