Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/MhvUsxUVZJqheAkLM2Rb0DUFrwQ.roa
File: MhvUsxUVZJqheAkLM2Rb0DUFrwQ.roa (raw, json)
Hash identifier: CR6UZpLbXprfA2X73UxXdHs2NiQrNWBJLgpy3Cffvw4=
Subject key identifier: 32:1B:D4:B3:15:15:64:9A:A1:78:09:0B:33:64:5B:D0:35:05:AF:04
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01821B6B7483BB39D0B296F2C4219D7D504F
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/MhvUsxUVZJqheAkLM2Rb0DUFrwQ.roa
Signing time: Wed 20 Jul 2022 11:43:23 +0000
ROA not before: Wed 20 Jul 2022 11:43:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 195.180.177.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:6b:74:83:bb:39:d0:b2:96:f2:c4:21:9d:7d:50:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jul 20 11:43:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=321bd4b31515649aa178090b33645bd03505af04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:60:70:f2:5b:8d:50:e2:24:f4:be:25:b4:71:
df:dc:36:bd:2f:00:b2:f6:62:69:6e:d8:73:61:56:
9a:58:c5:b8:69:35:3b:44:3c:0f:2e:8f:6a:8f:73:
b2:68:9f:a9:1d:03:84:c2:07:1d:5d:91:bd:66:7a:
68:9c:9b:79:f8:b1:74:52:be:ea:d9:0b:51:29:3d:
c1:70:78:50:4b:fa:88:0e:1d:f8:84:fd:27:9e:d4:
02:e8:69:74:06:89:f8:0b:89:f7:8d:9f:fa:5b:ef:
a9:de:be:79:6f:e8:9b:ca:4f:36:3c:3e:48:7e:42:
d1:1e:c4:28:2e:68:a0:b4:11:d6:37:fc:dc:4e:b3:
93:23:42:0b:f0:cc:99:19:28:e3:1e:da:b2:d3:b5:
01:e2:63:61:31:c2:31:0f:78:3a:33:d4:a2:26:de:
b2:aa:f4:4c:3c:9d:a9:8f:de:78:d3:df:33:72:3c:
e5:ec:07:bb:c0:e3:ff:c2:9d:62:9c:a0:e7:86:f0:
ac:dc:50:45:90:35:76:4c:37:38:f9:9a:a6:fb:ba:
71:b6:f8:76:cc:0b:2c:ca:91:14:78:f2:a2:d0:d7:
f3:17:d3:5f:d9:b3:b3:09:16:59:2b:6f:d9:de:81:
21:8e:4b:7b:be:a1:93:b2:eb:d1:37:94:0f:4f:0e:
89:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1B:D4:B3:15:15:64:9A:A1:78:09:0B:33:64:5B:D0:35:05:AF:04
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/MhvUsxUVZJqheAkLM2Rb0DUFrwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.180.177.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a3:a3:b4:23:53:68:71:31:eb:a5:0c:2e:b5:e4:c6:c0:4a:
14:59:69:f4:46:e6:05:43:40:41:a0:77:35:17:a7:f1:b8:2c:
69:8e:cc:99:1a:81:a9:ff:c4:ec:b7:de:fa:bf:93:8a:74:1f:
81:9c:17:55:5f:46:70:0f:a1:17:e4:0d:90:5e:3b:4b:90:37:
45:b8:ba:17:98:3c:58:fa:db:5b:6a:c4:1d:13:88:a3:94:b0:
e9:c8:1d:48:2f:36:4d:fe:b8:e9:0a:7b:74:83:1e:f2:41:0f:
99:76:17:32:c0:43:d0:79:c6:0f:c4:d7:bc:1f:eb:64:fb:c5:
eb:b5:c7:36:b4:af:10:d7:c5:75:b3:e7:2d:5b:dc:83:91:bc:
83:5c:b4:38:1a:af:96:bf:4c:7a:c6:29:25:8a:c3:75:5f:08:
65:f6:fd:8d:bd:6f:ee:be:59:af:34:6a:63:bd:3d:1a:61:de:
51:71:49:9f:c0:33:60:aa:51:4e:4c:c1:07:56:e3:82:dc:7e:
f2:df:b7:a3:ef:60:e8:5f:11:44:f6:8d:cb:9b:f6:73:1a:57:
76:cd:cd:c0:f3:93:7c:2e:7a:a6:50:44:26:e4:3e:0b:e6:50:
1d:57:19:66:7a:5d:62:fc:7e:d2:ef:1b:18:75:30:43:47:16:
c0:99:91:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIba3SDuznQspbyxCGdfVBPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIwNzIwMTE0MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFiZDRiMzE1MTU2NDlhYTE3ODA5MGIzMzY0NWJkMDM1MDVhZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGBw8luNUOIk9L4ltHHf3Da9LwCy
9mJpbthzYVaaWMW4aTU7RDwPLo9qj3OyaJ+pHQOEwgcdXZG9ZnponJt5+LF0Ur7q
2QtRKT3BcHhQS/qIDh34hP0nntQC6Gl0Bon4C4n3jZ/6W++p3r55b+ibyk82PD5I
fkLRHsQoLmigtBHWN/zcTrOTI0IL8MyZGSjjHtqy07UB4mNhMcIxD3g6M9SiJt6y
qvRMPJ2pj954098zcjzl7Ae7wOP/wp1inKDnhvCs3FBFkDV2TDc4+Zqm+7pxtvh2
zAssypEUePKi0NfzF9Nf2bOzCRZZK2/Z3oEhjkt7vqGTsuvRN5QPTw6J0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIb1LMVFWSaoXgJCzNkW9A1Ba8EMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvTWh2VXN4VVZaSnFoZUFrTE0yUmIwRFVGcndRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7SxMA0G
CSqGSIb3DQEBCwUAA4IBAQBro6O0I1NocTHrpQwuteTGwEoUWWn0RuYFQ0BBoHc1
F6fxuCxpjsyZGoGp/8Tst976v5OKdB+BnBdVX0ZwD6EX5A2QXjtLkDdFuLoXmDxY
+ttbasQdE4ijlLDpyB1ILzZN/rjpCnt0gx7yQQ+ZdhcywEPQecYPxNe8H+tk+8Xr
tcc2tK8Q18V1s+ctW9yDkbyDXLQ4Gq+Wv0x6xiklisN1Xwhl9v2NvW/uvlmvNGpj
vT0aYd5RcUmfwDNgqlFOTMEHVuOC3H7y37ej72DoXxFE9o3Lm/ZzGld2zc3A85N8
LnqmUEQm5D4L5lAdVxlmel1i/H7S7xsYdTBDRxbAmZEa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:52 2025 by rpki-client