Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mnVXuBsCGZqRHcdXMVH6Hg86fcg.roa
File: mnVXuBsCGZqRHcdXMVH6Hg86fcg.roa (raw, json)
Hash identifier: QqA6JGmCBz30sXiq/wQFum+iAHl+R+qeoC+ZWYFkkSk=
Subject key identifier: 9A:75:57:B8:1B:02:19:9A:91:1D:C7:57:31:51:FA:1E:0F:3A:7D:C8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018268B2363B1147B95E2EC56BCD92A02F7E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mnVXuBsCGZqRHcdXMVH6Hg86fcg.roa
Signing time: Thu 04 Aug 2022 11:51:25 +0000
ROA not before: Thu 04 Aug 2022 11:51:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397423
IP address blocks: 176.125.252.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:b2:36:3b:11:47:b9:5e:2e:c5:6b:cd:92:a0:2f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 4 11:51:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a7557b81b02199a911dc7573151fa1e0f3a7dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c8:7b:b6:37:ed:66:27:7c:a8:5a:02:88:c6:
76:24:16:65:22:7c:eb:f5:47:c6:7b:ea:39:2e:e6:
41:f5:cc:00:38:bd:62:dc:16:4c:ca:f1:7e:c5:37:
a4:14:41:1e:7f:0d:3d:ce:46:fb:43:25:c7:9c:fe:
51:f2:7a:5c:00:8e:cc:a8:dd:45:74:09:22:af:e4:
e8:a2:8d:45:c3:7c:5e:12:3f:2f:a5:a9:b5:18:ef:
76:fa:81:3e:7c:b4:14:d1:7c:ee:52:ac:8b:f1:15:
c5:b0:fc:61:35:cc:26:b4:b4:8b:1f:31:b3:1f:a2:
a6:97:ad:9e:0b:3b:50:d3:b1:b7:b3:87:ee:6d:a9:
00:0d:99:52:a7:8f:2e:95:4a:a5:19:f2:09:be:94:
44:64:cc:1f:37:d1:18:2e:d9:0c:dd:c3:6c:a8:36:
36:17:85:7a:49:1b:fb:5f:eb:35:8b:b9:f9:fa:fe:
14:bd:52:5a:28:31:b9:c1:e3:33:53:ba:49:49:6b:
68:39:86:56:5a:05:72:6d:96:f5:4d:63:eb:9f:7e:
c1:b6:2d:24:f4:99:6a:28:d2:f3:da:3f:da:50:ef:
dc:3f:1d:ce:bd:62:05:56:fb:37:f6:b9:81:6d:53:
57:f3:03:3f:d4:00:09:5d:44:16:6c:2b:9e:1f:ba:
97:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:75:57:B8:1B:02:19:9A:91:1D:C7:57:31:51:FA:1E:0F:3A:7D:C8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mnVXuBsCGZqRHcdXMVH6Hg86fcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:9a:b5:95:50:74:10:a6:04:67:87:63:a0:ad:78:7c:0a:94:
67:72:d4:c9:1a:0d:0e:de:84:6b:66:7c:f2:56:eb:67:08:5b:
37:8f:7c:9f:89:2b:2e:3c:49:7c:0a:63:07:3a:66:a0:a0:af:
8d:31:44:ba:02:06:1f:07:c3:e5:b3:b1:49:a8:70:13:86:fe:
2c:73:90:5e:09:8b:8a:ab:19:1d:31:e0:20:3d:1a:25:d2:3c:
68:9a:7d:ff:63:54:25:80:c9:00:3e:99:9d:7d:dc:65:69:20:
45:0a:d7:24:a8:9d:8e:2d:2f:aa:a0:49:87:4e:40:25:da:cd:
28:27:33:c5:1c:73:03:da:3b:ce:8c:65:65:a7:d7:81:5d:0c:
0e:17:28:74:45:17:f8:19:9c:55:3f:fe:f6:97:29:3d:2e:7b:
34:b8:0f:34:2a:3c:cf:53:65:c4:e2:dd:d3:c1:ce:f9:25:23:
6a:a9:4e:15:3e:7e:a7:cb:3b:55:57:77:73:fe:b5:c2:9f:b8:
7d:96:47:4e:1e:25:b2:14:5e:87:08:56:a0:f1:0b:49:c3:f8:
46:f8:f8:ab:35:0e:e1:fa:fa:e0:68:d6:0a:3f:7a:62:d1:d2:
78:5d:5e:e4:d3:fb:2c:da:cb:c6:fb:b9:ea:ed:e8:00:1d:e4:
b1:ab:48:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJosjY7EUe5Xi7Fa82SoC9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODA0MTE1MTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTc1NTdiODFiMDIxOTlhOTExZGM3NTczMTUxZmExZTBmM2E3ZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8h7tjftZid8qFoCiMZ2JBZlInzr
9UfGe+o5LuZB9cwAOL1i3BZMyvF+xTekFEEefw09zkb7QyXHnP5R8npcAI7MqN1F
dAkir+Tooo1Fw3xeEj8vpam1GO92+oE+fLQU0XzuUqyL8RXFsPxhNcwmtLSLHzGz
H6Kml62eCztQ07G3s4fubakADZlSp48ulUqlGfIJvpREZMwfN9EYLtkM3cNsqDY2
F4V6SRv7X+s1i7n5+v4UvVJaKDG5weMzU7pJSWtoOYZWWgVybZb1TWPrn37Bti0k
9JlqKNLz2j/aUO/cPx3OvWIFVvs39rmBbVNX8wM/1AAJXUQWbCueH7qXIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJp1V7gbAhmakR3HVzFR+h4POn3IMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbW5WWHVCc0NHWnFSSGNkWE1WSDZIZzg2ZmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsH38MA0G
CSqGSIb3DQEBCwUAA4IBAQCKmrWVUHQQpgRnh2OgrXh8CpRnctTJGg0O3oRrZnzy
VutnCFs3j3yfiSsuPEl8CmMHOmagoK+NMUS6AgYfB8Pls7FJqHAThv4sc5BeCYuK
qxkdMeAgPRol0jxomn3/Y1QlgMkAPpmdfdxlaSBFCtckqJ2OLS+qoEmHTkAl2s0o
JzPFHHMD2jvOjGVlp9eBXQwOFyh0RRf4GZxVP/72lyk9Lns0uA80KjzPU2XE4t3T
wc75JSNqqU4VPn6nyztVV3dz/rXCn7h9lkdOHiWyFF6HCFag8QtJw/hG+PirNQ7h
+vrgaNYKP3pi0dJ4XV7k0/ss2svG+7nq7egAHeSxq0jG
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org