Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MX8csOg99v7x48qNKUV71h6Z-vM.roa
File:                     MX8csOg99v7x48qNKUV71h6Z-vM.roa (raw, json)
Hash identifier:          Q1JKQ3yOszO1esc2tZ2eaJ3tv0Ab8rgw9s+gMh722yo=
Subject key identifier:   31:7F:1C:B0:E8:3D:F6:FE:F1:E3:CA:8D:29:45:7B:D6:1E:99:FA:F3
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       01856E2FBD4B941BB45E938E213CB31722CD
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MX8csOg99v7x48qNKUV71h6Z-vM.roa
Signing time:             Sun 01 Jan 2023 16:35:00 +0000
ROA not before:           Sun 01 Jan 2023 16:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35830
IP address blocks:        89.191.228.0/23 maxlen: 23

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:2f:bd:4b:94:1b:b4:5e:93:8e:21:3c:b3:17:22:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jan  1 16:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=317f1cb0e83df6fef1e3ca8d29457bd61e99faf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:7F:1C:B0:E8:3D:F6:FE:F1:E3:CA:8D:29:45:7B:D6:1E:99:FA:F3
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/MX8csOg99v7x48qNKUV71h6Z-vM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.191.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
Generated at Thu Jul 20 00:05:47 2023 by rpki-client on console-ams.rpki-client.org