Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/mfWOnosjegxwJGJ4kHVo-lc2_KM.roa
File: mfWOnosjegxwJGJ4kHVo-lc2_KM.roa (raw, json)
Hash identifier: rlvaIaynYQEkm2083rbYN6pBcI3B966J/QaSjNyzlSw=
Subject key identifier: 99:F5:8E:9E:8B:23:7A:0C:70:24:62:78:90:75:68:FA:57:36:FC:A3
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 0189BA081233E5C5197ED6A546621ED728AA
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/mfWOnosjegxwJGJ4kHVo-lc2_KM.roa
Signing time: Thu 03 Aug 2023 06:13:58 +0000
ROA not before: Thu 03 Aug 2023 06:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203061
IP address blocks: 195.225.81.0/24 maxlen: 24
31.223.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:08:12:33:e5:c5:19:7e:d6:a5:46:62:1e:d7:28:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Aug 3 06:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f58e9e8b237a0c70246278907568fa5736fca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:72:44:7a:1d:7b:bb:5c:f9:30:7c:11:fe:ad:
48:d4:9a:c0:37:68:39:79:5c:86:61:10:72:91:35:
76:fb:77:33:0b:29:d5:18:b2:5f:25:77:c4:82:d8:
65:99:b5:fc:7d:2b:58:8a:e1:08:ee:aa:7b:22:53:
4e:52:be:37:3b:87:a5:c3:47:53:d8:b0:08:8c:51:
a0:03:6c:a1:d6:81:09:27:18:0f:98:6e:69:61:0f:
c8:4c:37:e9:84:19:27:49:aa:7a:08:7e:27:cd:a4:
32:a8:c2:78:1a:d9:bc:67:82:42:a4:23:84:a1:e8:
33:c5:65:42:79:36:67:ae:90:c7:4f:b0:eb:db:a9:
db:7a:3e:75:ac:de:e8:0b:49:e4:77:6d:6c:a5:6d:
5a:78:db:cf:d6:24:97:da:db:f6:62:be:bb:28:d2:
de:c9:bc:5b:b3:48:24:b4:ad:c1:e4:2d:37:7e:91:
5d:bb:42:4e:7f:2e:5e:cd:b5:34:eb:b9:d9:00:de:
91:13:6e:03:63:90:15:9a:bd:57:84:5c:1b:21:bf:
d0:37:6f:0d:b6:6a:4b:5e:fd:52:2c:63:30:3b:93:
bf:f0:8a:b9:ab:5d:3a:75:d0:57:79:92:f8:81:84:
59:39:12:0d:5d:ba:e4:15:80:63:14:ad:d9:43:55:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F5:8E:9E:8B:23:7A:0C:70:24:62:78:90:75:68:FA:57:36:FC:A3
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/mfWOnosjegxwJGJ4kHVo-lc2_KM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.187.0/24
195.225.81.0/24
Signature Algorithm: sha256WithRSAEncryption
55:43:3d:85:81:ce:b3:21:0b:46:b0:44:14:f2:6e:91:ed:40:
5b:4a:18:b4:39:f5:3d:97:dc:3d:53:b0:fc:e2:4a:06:fc:58:
79:59:9f:47:77:b9:de:b1:71:66:2d:ac:63:5a:92:39:e1:e5:
93:59:30:ff:a2:93:e8:59:a9:c6:5b:d4:00:da:d5:64:8f:25:
cc:4a:ad:e7:c1:b0:29:c4:29:57:ff:2b:2f:23:85:23:57:12:
ec:7d:66:d1:64:77:d1:b4:a3:02:97:2d:dc:d2:5f:be:d2:c5:
20:70:5d:fc:3d:2d:ca:6f:45:95:9c:12:d5:bd:4d:f6:4a:94:
3d:67:70:05:3e:3d:58:19:84:6c:ff:14:5f:3f:34:cc:16:10:
38:77:ad:8c:00:19:49:e3:22:34:99:79:30:d4:37:61:2c:43:
86:0d:20:a7:a7:3f:b2:44:a6:c5:a6:76:7a:59:d6:11:57:18:
ad:45:ae:20:ad:f2:4d:55:e8:8e:ba:50:3f:39:72:dc:f8:17:
61:10:04:e3:7a:8b:92:23:b4:5d:d7:9b:54:7c:90:ba:63:ec:
13:d6:e7:4c:73:86:bc:5a:89:14:89:33:37:9d:8b:87:3d:8c:
f8:2f:3f:8f:ac:59:52:5d:ac:f0:f9:90:01:5a:50:07:00:87:
a0:2b:1d:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm6CBIz5cUZftalRmIe1yiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjMwODAzMDYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY1OGU5ZThiMjM3YTBjNzAyNDYyNzg5MDc1NjhmYTU3MzZmY2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnJEeh17u1z5MHwR/q1I1JrAN2g5
eVyGYRBykTV2+3czCynVGLJfJXfEgthlmbX8fStYiuEI7qp7IlNOUr43O4elw0dT
2LAIjFGgA2yh1oEJJxgPmG5pYQ/ITDfphBknSap6CH4nzaQyqMJ4Gtm8Z4JCpCOE
oegzxWVCeTZnrpDHT7Dr26nbej51rN7oC0nkd21spW1aeNvP1iSX2tv2Yr67KNLe
ybxbs0gktK3B5C03fpFdu0JOfy5ezbU067nZAN6RE24DY5AVmr1XhFwbIb/QN28N
tmpLXv1SLGMwO5O/8Iq5q106ddBXeZL4gYRZORINXbrkFYBjFK3ZQ1W7OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJn1jp6LI3oMcCRieJB1aPpXNvyjMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvbWZXT25vc2plZ3h3SkdKNGtIVm8tbGMyX0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH9+7AwQA
w+FRMA0GCSqGSIb3DQEBCwUAA4IBAQBVQz2Fgc6zIQtGsEQU8m6R7UBbShi0OfU9
l9w9U7D84koG/Fh5WZ9Hd7nesXFmLaxjWpI54eWTWTD/opPoWanGW9QA2tVkjyXM
Sq3nwbApxClX/ysvI4UjVxLsfWbRZHfRtKMCly3c0l++0sUgcF38PS3Kb0WVnBLV
vU32SpQ9Z3AFPj1YGYRs/xRfPzTMFhA4d62MABlJ4yI0mXkw1DdhLEOGDSCnpz+y
RKbFpnZ6WdYRVxitRa4grfJNVeiOulA/OXLc+BdhEATjeouSI7Rd15tUfJC6Y+wT
1udMc4a8WokUiTM3nYuHPYz4Lz+PrFlSXazw+ZABWlAHAIegKx0f
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:53 2024 by rpki-client on console-ams.rpki-client.org