Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/MLj0HRXug42snTI3exHycURWN4o.roa
File: MLj0HRXug42snTI3exHycURWN4o.roa (raw, json)
Hash identifier: xJKLvTdbNMXqCYHOb4B05A8GTOes3IfFBCCBocmIHSU=
Subject key identifier: 30:B8:F4:1D:15:EE:83:8D:AC:9D:32:37:7B:11:F2:71:44:56:37:8A
Certificate issuer: /CN=e7478550068bf78220408c25d612bc2fb02460c1
Certificate serial: 018A276E15104013321EE87579EFAF7F88C7
Authority key identifier: E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/MLj0HRXug42snTI3exHycURWN4o.roa
Signing time: Thu 24 Aug 2023 12:04:00 +0000
ROA not before: Thu 24 Aug 2023 12:04:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21507
IP address blocks: 217.142.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:6e:15:10:40:13:32:1e:e8:75:79:ef:af:7f:88:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7478550068bf78220408c25d612bc2fb02460c1
Validity
Not Before: Aug 24 12:04:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30b8f41d15ee838dac9d32377b11f2714456378a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:e1:81:f0:94:f8:c8:38:de:3c:67:1f:85:
00:78:cd:cf:49:43:ff:d2:8d:fd:c1:ca:c3:24:c2:
68:ce:86:33:c1:24:54:3f:88:c7:3d:f4:39:37:4d:
d0:34:49:34:69:6b:e1:8b:b1:72:31:ee:36:d9:4e:
cd:18:7f:10:24:24:39:41:ef:aa:c7:37:da:d6:98:
f9:36:dc:b6:8a:a4:d4:29:f4:a2:d3:24:70:2e:d1:
92:9f:02:bd:37:72:35:56:4c:15:07:2b:74:ef:d5:
9d:48:86:39:df:48:4b:74:56:b4:2e:ae:28:da:b8:
ff:7c:8b:d0:94:29:78:f0:a9:70:c4:a7:b6:fb:44:
fe:16:0b:54:4a:82:c2:8f:de:eb:dd:40:20:32:33:
52:38:19:7f:72:57:8c:3f:40:6b:bc:3f:b2:ea:ed:
ad:e7:e8:7a:ec:9b:e1:31:94:81:4e:3b:ae:3f:71:
b9:0a:e4:20:37:55:3d:c7:91:83:46:d4:6f:3e:9f:
1b:02:ca:1c:1e:3d:8e:98:77:2c:c3:13:05:af:c0:
92:6f:bf:93:4e:19:5a:88:bf:1b:fc:17:f5:88:bd:
4f:1f:4d:ff:5c:be:56:e4:e4:86:f6:72:6c:b1:97:
d4:5d:2d:27:b5:54:5c:3e:90:3c:22:bc:60:a2:f9:
52:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B8:F4:1D:15:EE:83:8D:AC:9D:32:37:7B:11:F2:71:44:56:37:8A
X509v3 Authority Key Identifier:
keyid:E7:47:85:50:06:8B:F7:82:20:40:8C:25:D6:12:BC:2F:B0:24:60:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50eFUAaL94IgQIwl1hK8L7AkYME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/MLj0HRXug42snTI3exHycURWN4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/635511-71f3-4f57-9139-7da3cd253bf6/1/50eFUAaL94IgQIwl1hK8L7AkYME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.142.64.0/18
Signature Algorithm: sha256WithRSAEncryption
7d:db:fd:bf:39:7f:a3:92:3b:f1:f0:cb:a0:9a:b8:bc:85:98:
9c:56:e0:e1:60:ca:27:72:2c:2d:11:98:66:10:d9:17:dc:22:
b3:1a:e8:5e:af:60:49:5b:94:f1:d1:c6:d2:bc:20:bb:dc:78:
9b:c0:af:a5:90:dd:e8:94:4d:36:39:90:6e:57:1c:4e:54:78:
2a:51:af:0e:63:66:63:53:c3:99:dc:40:3b:46:eb:79:cc:c6:
04:02:dc:5c:32:00:c3:d6:d6:32:40:ee:1b:dd:c3:d9:c4:58:
19:28:68:63:2c:b0:2f:7d:db:bb:1a:c0:94:69:22:19:b5:15:
28:34:98:b9:3a:f8:d9:a7:d6:29:91:74:08:d0:f0:97:42:0b:
92:0d:38:1d:7f:d9:5b:a2:bd:2c:da:93:8d:4a:8c:81:80:bc:
d3:c9:4b:53:6a:7c:c6:f4:21:6e:64:c5:ec:10:98:a2:f2:86:
aa:c4:ee:50:d1:8a:36:61:75:9b:1f:28:c2:27:b8:fe:a3:f3:
90:99:4f:78:72:b9:9f:61:30:46:03:64:71:49:25:df:a5:e7:
0f:87:27:b1:68:4c:f0:dd:2d:1c:76:65:0d:1d:85:dc:c3:95:
00:1a:84:30:57:6c:04:db:64:29:e5:a1:33:92:63:2f:b7:1c:
36:40:43:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYonbhUQQBMyHuh1ee+vf4jHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDc4NTUwMDY4YmY3ODIyMDQwOGMyNWQ2MTJiYzJmYjAy
NDYwYzEwHhcNMjMwODI0MTIwNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGI4ZjQxZDE1ZWU4MzhkYWM5ZDMyMzc3YjExZjI3MTQ0NTYzNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3PhgfCU+Mg43jxnH4UAeM3PSUP/
0o39wcrDJMJozoYzwSRUP4jHPfQ5N03QNEk0aWvhi7FyMe422U7NGH8QJCQ5Qe+q
xzfa1pj5Nty2iqTUKfSi0yRwLtGSnwK9N3I1VkwVByt079WdSIY530hLdFa0Lq4o
2rj/fIvQlCl48KlwxKe2+0T+FgtUSoLCj97r3UAgMjNSOBl/cleMP0BrvD+y6u2t
5+h67JvhMZSBTjuuP3G5CuQgN1U9x5GDRtRvPp8bAsocHj2OmHcswxMFr8CSb7+T
ThlaiL8b/Bf1iL1PH03/XL5W5OSG9nJssZfUXS0ntVRcPpA8IrxgovlSNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDC49B0V7oONrJ0yN3sR8nFEVjeKMB8GA1UdIwQY
MBaAFOdHhVAGi/eCIECMJdYSvC+wJGDBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzkt
N2RhM2NkMjUzYmY2LzEvTUxqMEhSWHVnNDJzblRJM2V4SHljVVJXTjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82MzU1MTEtNzFmMy00ZjU3LTkxMzktN2RhM2NkMjUzYmY2
LzEvNTBlRlVBYUw5NElnUUl3bDFoSzhMN0FrWU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2Y5AMA0G
CSqGSIb3DQEBCwUAA4IBAQB92/2/OX+jkjvx8Mugmri8hZicVuDhYMonciwtEZhm
ENkX3CKzGuher2BJW5Tx0cbSvCC73HibwK+lkN3olE02OZBuVxxOVHgqUa8OY2Zj
U8OZ3EA7Rut5zMYEAtxcMgDD1tYyQO4b3cPZxFgZKGhjLLAvfdu7GsCUaSIZtRUo
NJi5OvjZp9YpkXQI0PCXQguSDTgdf9lbor0s2pONSoyBgLzTyUtTanzG9CFuZMXs
EJii8oaqxO5Q0Yo2YXWbHyjCJ7j+o/OQmU94crmfYTBGA2RxSSXfpecPhyexaEzw
3S0cdmUNHYXcw5UAGoQwV2wE22Qp5aEzkmMvtxw2QEOm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:59 2024 by rpki-client on console-ams.rpki-client.org