Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MV1yvsV5KbvtPQdgrdQ1i4CqGO8.roa
File: MV1yvsV5KbvtPQdgrdQ1i4CqGO8.roa (raw, json)
Hash identifier: oPCV25Lv3SVYRzXHGQp38AicREkm/BcqPA3HJHes78Q=
Subject key identifier: 31:5D:72:BE:C5:79:29:BB:ED:3D:07:60:AD:D4:35:8B:80:AA:18:EF
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 018D13D7EC43D7A7E2EC44734F2E74032660
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MV1yvsV5KbvtPQdgrdQ1i4CqGO8.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 195.96.141.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:ec:43:d7:a7:e2:ec:44:73:4f:2e:74:03:26:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=315d72bec57929bbed3d0760add4358b80aa18ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:25:6b:c9:c5:d9:15:c7:c9:3b:ac:91:4c:f9:
80:c3:bc:fd:f8:a1:29:9e:1f:19:fd:54:57:92:c2:
4c:e7:75:28:58:86:ac:a1:02:bb:30:8a:cd:bc:77:
e1:9b:b5:4f:1a:e6:c7:ca:58:e8:ae:29:60:a0:14:
39:03:da:5d:43:21:89:5c:25:17:b7:75:5e:64:b3:
d7:fd:10:cc:60:f9:2d:c2:b1:fb:f3:80:eb:65:c9:
38:a0:74:cd:b7:de:52:1b:7a:e1:ac:18:38:4f:c2:
97:ab:89:13:99:6a:5c:06:3a:23:50:32:0a:2b:b4:
67:f5:50:ed:79:da:13:10:0f:c3:79:91:b5:c4:70:
6f:5b:db:5f:fd:06:85:b5:64:56:f9:81:04:ca:e3:
14:69:f5:4c:58:ca:93:da:e4:75:cb:d4:c6:f4:c3:
24:25:78:59:f4:33:a7:31:79:63:ae:d9:a4:e1:fd:
d4:07:ad:0e:29:f3:1b:94:06:54:01:1f:7a:e2:53:
f0:4c:da:a6:54:db:a1:56:af:4e:ee:ce:a2:ad:8b:
4e:54:c9:b9:3a:73:59:a4:11:0a:82:39:b3:f2:c5:
09:ee:cf:cc:74:e9:2d:15:b3:0f:7c:b8:24:e9:a4:
e2:65:a0:76:58:87:8b:5e:f0:b1:e3:0c:aa:97:f6:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5D:72:BE:C5:79:29:BB:ED:3D:07:60:AD:D4:35:8B:80:AA:18:EF
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/MV1yvsV5KbvtPQdgrdQ1i4CqGO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.141.0/24
Signature Algorithm: sha256WithRSAEncryption
63:b6:43:c9:f9:87:e1:62:38:90:33:48:3f:a4:56:ef:56:75:
0e:07:24:d6:92:5a:b2:68:37:3a:0e:99:f8:b4:e6:04:49:d0:
7a:56:f3:35:22:e7:f3:c6:1e:2f:df:b1:72:94:67:a4:66:5b:
15:4e:89:ff:f2:a1:cb:bf:39:e6:0d:06:80:13:94:1c:5e:3d:
74:49:9d:35:89:9f:5e:c6:0e:45:45:05:37:d0:97:92:9c:c8:
06:dc:3b:5c:e4:55:04:82:8d:95:a1:c4:68:0c:07:ce:80:2c:
26:8c:17:2f:08:5e:3e:e1:ec:57:35:16:40:d1:13:03:96:f8:
56:ca:fa:38:80:ad:23:53:e0:21:80:5b:21:7a:fc:ea:fa:69:
34:73:3a:e2:ae:0b:7e:9f:e9:54:07:26:78:2f:d0:9a:b2:61:
ba:fd:fb:8b:55:ba:70:1f:4b:92:60:4c:d9:b0:78:e5:a6:6d:
7a:24:05:62:63:70:57:fd:88:50:53:af:39:50:cb:c0:13:52:
27:24:69:eb:bf:5b:5e:a8:f8:4c:ac:29:f1:94:57:32:b9:1a:
af:68:5c:1c:42:4a:18:f5:9c:53:37:47:13:0a:50:11:67:b3:
34:64:c5:08:98:e6:73:bb:42:75:21:41:23:c9:ad:2f:f5:76:
b6:f4:04:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0T1+xD16fi7ERzTy50AyZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTVkNzJiZWM1NzkyOWJiZWQzZDA3NjBhZGQ0MzU4YjgwYWExOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyVrycXZFcfJO6yRTPmAw7z9+KEp
nh8Z/VRXksJM53UoWIasoQK7MIrNvHfhm7VPGubHyljorilgoBQ5A9pdQyGJXCUX
t3VeZLPX/RDMYPktwrH784DrZck4oHTNt95SG3rhrBg4T8KXq4kTmWpcBjojUDIK
K7Rn9VDtedoTEA/DeZG1xHBvW9tf/QaFtWRW+YEEyuMUafVMWMqT2uR1y9TG9MMk
JXhZ9DOnMXljrtmk4f3UB60OKfMblAZUAR964lPwTNqmVNuhVq9O7s6irYtOVMm5
OnNZpBEKgjmz8sUJ7s/MdOktFbMPfLgk6aTiZaB2WIeLXvCx4wyql/YA4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFdcr7FeSm77T0HYK3UNYuAqhjvMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvTVYxeXZzVjVLYnZ0UFFkZ3JkUTFpNENxR084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CNMA0G
CSqGSIb3DQEBCwUAA4IBAQBjtkPJ+YfhYjiQM0g/pFbvVnUOByTWklqyaDc6Dpn4
tOYESdB6VvM1Iufzxh4v37FylGekZlsVTon/8qHLvznmDQaAE5QcXj10SZ01iZ9e
xg5FRQU30JeSnMgG3Dtc5FUEgo2VocRoDAfOgCwmjBcvCF4+4exXNRZA0RMDlvhW
yvo4gK0jU+AhgFshevzq+mk0czrirgt+n+lUByZ4L9CasmG6/fuLVbpwH0uSYEzZ
sHjlpm16JAViY3BX/YhQU685UMvAE1InJGnrv1teqPhMrCnxlFcyuRqvaFwcQkoY
9ZxTN0cTClARZ7M0ZMUImOZzu0J1IUEjya0v9Xa29ASS
-----END CERTIFICATE-----
Generated at Tue Apr 2 17:16:02 2024 by rpki-client on console-fra.rpki-client.org