Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/HfrF4qrVmtVnrLQRmysmd_MZF48.roa
File: HfrF4qrVmtVnrLQRmysmd_MZF48.roa (raw, json)
Hash identifier: yKYP++MSQmBZ90XZXQAMzTnkleoV0i3HBi/lMczXDII=
Subject key identifier: 1D:FA:C5:E2:AA:D5:9A:D5:67:AC:B4:11:9B:2B:26:77:F3:19:17:8F
Certificate issuer: /CN=6827dc221544fc74215112a5812de196a2872e86
Certificate serial: 0186273858A6C043D46889EAE8F9E9CB31DC
Authority key identifier: 68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/HfrF4qrVmtVnrLQRmysmd_MZF48.roa
Signing time: Mon 06 Feb 2023 14:54:09 +0000
ROA not before: Mon 06 Feb 2023 14:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12616
IP address blocks: 195.128.50.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:27:38:58:a6:c0:43:d4:68:89:ea:e8:f9:e9:cb:31:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6827dc221544fc74215112a5812de196a2872e86
Validity
Not Before: Feb 6 14:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfac5e2aad59ad567acb4119b2b2677f319178f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:c6:5e:7f:a0:49:f9:7f:8c:11:86:8c:e1:
c2:20:d3:7c:03:c2:bf:6b:2f:01:de:2c:cd:06:71:
df:45:6f:48:e5:fb:42:93:f9:6a:f2:8b:88:7e:ae:
26:6c:a6:2a:fe:8d:01:49:b9:0c:43:17:27:47:6d:
fd:c2:9b:14:d5:33:cf:14:9d:34:8e:6f:65:1e:a8:
d7:a5:11:ac:c2:c7:62:e7:31:b1:69:c7:1a:09:41:
23:6c:41:e4:66:71:f6:ea:06:3b:7f:51:ca:8a:a8:
0f:30:6c:e4:17:df:aa:99:01:83:06:ac:ef:3b:3b:
08:47:6b:f2:a7:d3:fb:ee:41:46:38:cb:6d:b5:83:
f3:17:0c:cd:a1:ea:76:11:5c:1b:1d:36:4b:db:05:
2b:fb:19:b8:4f:20:dd:1a:c2:43:b3:e4:3c:53:32:
3f:32:af:28:4e:6c:a5:2e:b2:47:90:51:03:c0:06:
58:4a:a3:db:e4:ca:bb:74:fe:a7:6c:0d:6c:17:16:
71:c3:71:ca:55:13:fb:cb:7f:26:f4:4a:52:4a:ba:
75:83:fb:c2:94:71:4d:ba:8f:22:3a:45:5c:42:f8:
04:c0:8b:59:b0:be:f1:ca:96:16:9f:87:65:1f:cb:
83:df:81:28:2b:a5:80:c8:c0:44:19:19:99:60:cd:
aa:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FA:C5:E2:AA:D5:9A:D5:67:AC:B4:11:9B:2B:26:77:F3:19:17:8F
X509v3 Authority Key Identifier:
keyid:68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/HfrF4qrVmtVnrLQRmysmd_MZF48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.50.0/24
Signature Algorithm: sha256WithRSAEncryption
30:2f:40:56:2b:14:d4:f7:d9:99:01:3f:6e:75:ff:c9:cd:f0:
87:16:2b:2d:f6:42:8a:5a:67:39:00:68:84:f0:cf:d8:c4:79:
c0:3d:cd:05:87:02:ba:42:bc:41:04:bb:d5:36:b1:40:74:d7:
9b:07:5d:60:a0:34:a3:25:6e:93:45:16:85:7c:80:ba:9f:13:
46:ab:dc:8c:6b:0c:c5:5d:64:51:38:60:0d:e6:5a:5c:2c:52:
e3:3d:ef:52:f7:83:52:a0:2b:07:cb:9d:21:00:04:81:0c:9c:
6c:46:c3:84:0f:9c:1a:d3:01:40:73:d8:b8:d2:2b:a2:53:c4:
76:b5:58:38:4c:64:ab:1f:16:37:f1:23:cc:65:93:1a:01:6b:
93:c6:ac:c2:0e:11:f4:bb:78:94:35:6f:11:70:a9:32:51:80:
22:5f:0b:92:f7:f1:ed:e5:81:01:da:6b:f7:d2:7c:3c:2b:90:
39:2c:62:2c:cc:82:d6:0f:ad:4b:e5:6f:d8:97:1b:e1:fd:b5:
f7:68:28:6e:7f:49:f2:e4:0f:8d:5e:94:a7:ff:f7:14:7a:53:
bf:0a:4d:d1:d3:e3:18:2d:27:88:63:c8:57:11:8a:18:6b:8e:
da:55:53:58:b2:94:d3:87:4e:4a:2a:d8:77:87:44:18:fb:0f:
4a:3d:43:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYnOFimwEPUaInq6PnpyzHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjdkYzIyMTU0NGZjNzQyMTUxMTJhNTgxMmRlMTk2YTI4
NzJlODYwHhcNMjMwMjA2MTQ1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZhYzVlMmFhZDU5YWQ1NjdhY2I0MTE5YjJiMjY3N2YzMTkxNzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdvGXn+gSfl/jBGGjOHCINN8A8K/
ay8B3izNBnHfRW9I5ftCk/lq8ouIfq4mbKYq/o0BSbkMQxcnR239wpsU1TPPFJ00
jm9lHqjXpRGswsdi5zGxaccaCUEjbEHkZnH26gY7f1HKiqgPMGzkF9+qmQGDBqzv
OzsIR2vyp9P77kFGOMtttYPzFwzNoep2EVwbHTZL2wUr+xm4TyDdGsJDs+Q8UzI/
Mq8oTmylLrJHkFEDwAZYSqPb5Mq7dP6nbA1sFxZxw3HKVRP7y38m9EpSSrp1g/vC
lHFNuo8iOkVcQvgEwItZsL7xypYWn4dlH8uD34EoK6WAyMBEGRmZYM2q6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB36xeKq1ZrVZ6y0EZsrJnfzGRePMB8GA1UdIwQY
MBaAFGgn3CIVRPx0IVESpYEt4Zaihy6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgt
ZWIxMDg2MDc1MTY3LzEvSGZyRjRxclZtdFZuckxRUm15c21kX01aRjQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgtZWIxMDg2MDc1MTY3
LzEvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4AyMA0G
CSqGSIb3DQEBCwUAA4IBAQAwL0BWKxTU99mZAT9udf/JzfCHFist9kKKWmc5AGiE
8M/YxHnAPc0FhwK6QrxBBLvVNrFAdNebB11goDSjJW6TRRaFfIC6nxNGq9yMawzF
XWRROGAN5lpcLFLjPe9S94NSoCsHy50hAASBDJxsRsOED5wa0wFAc9i40iuiU8R2
tVg4TGSrHxY38SPMZZMaAWuTxqzCDhH0u3iUNW8RcKkyUYAiXwuS9/Ht5YEB2mv3
0nw8K5A5LGIszILWD61L5W/Ylxvh/bX3aChuf0ny5A+NXpSn//cUelO/Ck3R0+MY
LSeIY8hXEYoYa47aVVNYspTTh05KKth3h0QY+w9KPUMV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:53 2024 by rpki-client on console-ams.rpki-client.org