Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CltMN77hBM_Ut716JU4FVf4gW28.roa
File: CltMN77hBM_Ut716JU4FVf4gW28.roa (raw, json)
Hash identifier: B2AaDRrsTMIM3NitGh/gnjQ2qNkjV8nmtDbYgQQ7ACU=
Subject key identifier: 0A:5B:4C:37:BE:E1:04:CF:D4:B7:BD:7A:25:4E:05:55:FE:20:5B:6F
Certificate issuer: /CN=6811e125cb357076f2fa3138c93e9a2681b17893
Certificate serial: 01856F429E6DBCC19010120AB12246076A6D
Authority key identifier: 68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CltMN77hBM_Ut716JU4FVf4gW28.roa
Signing time: Sun 01 Jan 2023 21:35:14 +0000
ROA not before: Sun 01 Jan 2023 21:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2639
IP address blocks: 31.186.226.0/24 maxlen: 24
31.186.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9e:6d:bc:c1:90:10:12:0a:b1:22:46:07:6a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6811e125cb357076f2fa3138c93e9a2681b17893
Validity
Not Before: Jan 1 21:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a5b4c37bee104cfd4b7bd7a254e0555fe205b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fc:fe:c3:13:ac:83:7e:70:17:7d:0b:76:24:
d8:4e:f5:cb:77:18:4b:72:c1:0d:71:98:05:9b:59:
2b:4f:16:02:6e:92:9f:ba:d4:bb:c7:7c:db:a1:df:
1c:60:73:17:bf:5d:31:cf:7b:13:c8:8e:d1:e8:b0:
20:bb:d5:78:d0:6e:47:fb:02:76:76:ce:5f:63:c4:
07:59:b5:ad:e6:e1:8e:28:a1:e5:79:4a:e6:d1:cd:
d4:87:78:37:d7:a1:63:69:93:0d:1f:4c:00:b7:62:
76:d1:5e:6b:bb:f2:a5:a5:e8:f0:bf:30:b6:e6:fb:
b7:02:29:06:cc:37:4b:1e:90:81:5e:95:bd:39:ca:
3c:02:bc:64:04:3f:d0:cc:7f:06:cb:03:9a:fb:40:
52:e7:3c:60:e4:7d:29:3a:03:ae:7c:fe:f7:08:ef:
58:e2:2a:21:58:f3:64:1d:ba:0e:a9:79:db:2f:3e:
a1:37:81:1a:85:0a:71:1b:6e:e4:d1:a7:1e:93:be:
08:a4:f5:88:7e:11:c8:df:96:cb:bf:d8:e0:3f:cd:
a4:47:df:b7:46:26:e7:24:9b:1a:1d:d2:57:3f:b0:
e3:03:4c:0d:34:d6:4a:3f:77:98:e2:d4:82:db:7f:
35:ef:49:ac:f0:5f:b4:b4:83:fb:dd:0f:2f:9f:25:
9e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5B:4C:37:BE:E1:04:CF:D4:B7:BD:7A:25:4E:05:55:FE:20:5B:6F
X509v3 Authority Key Identifier:
keyid:68:11:E1:25:CB:35:70:76:F2:FA:31:38:C9:3E:9A:26:81:B1:78:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBHhJcs1cHby-jE4yT6aJoGxeJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/CltMN77hBM_Ut716JU4FVf4gW28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebacbd-8190-4e5a-a03a-cd439492b7ae/1/aBHhJcs1cHby-jE4yT6aJoGxeJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.226.0/24
31.186.243.0/24
Signature Algorithm: sha256WithRSAEncryption
08:56:a4:a8:c7:c9:fb:86:e9:61:3a:cb:c7:32:82:6d:87:8f:
c6:e8:b1:26:3b:c3:0c:65:8e:9b:da:ea:18:08:db:a8:ad:7c:
8e:05:19:e2:74:d4:3e:f7:b5:fa:69:98:4e:07:bc:ab:03:27:
e5:ed:83:e1:3b:60:10:e6:5d:75:3f:73:2b:ba:a4:58:29:1e:
07:96:37:10:74:30:b8:68:d8:3e:76:45:fc:8f:55:d5:71:36:
78:fd:3d:c5:17:82:70:4d:73:86:6c:61:ac:fb:fd:5f:d8:7d:
e5:48:2f:3a:ac:43:82:0c:0d:8a:7b:cb:f1:c3:23:ca:97:96:
36:69:9c:65:22:a3:cb:44:b3:c6:a5:78:e0:f3:61:0e:b1:fa:
8f:49:10:be:11:ed:f8:6d:fd:6d:d0:82:22:22:71:f7:42:f3:
91:46:0a:9e:a1:08:77:fb:c5:00:46:4c:98:a8:70:4c:27:49:
bf:ee:3a:2d:4d:ed:50:1b:af:97:ed:fc:7f:09:6f:b8:a2:91:
af:b3:8d:b8:51:19:b7:e7:5b:c4:7d:f3:5c:1b:35:79:1f:27:
c2:f7:c0:6d:1d:b8:a2:92:3e:e2:c7:a7:b3:60:e7:d6:65:b8:
b7:ef:86:8b:c1:70:ba:d9:ea:69:d1:84:ff:40:46:2e:cf:eb:
e9:54:00:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQp5tvMGQEBIKsSJGB2ptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTFlMTI1Y2IzNTcwNzZmMmZhMzEzOGM5M2U5YTI2ODFi
MTc4OTMwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTViNGMzN2JlZTEwNGNmZDRiN2JkN2EyNTRlMDU1NWZlMjA1YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Pz+wxOsg35wF30LdiTYTvXLdxhL
csENcZgFm1krTxYCbpKfutS7x3zbod8cYHMXv10xz3sTyI7R6LAgu9V40G5H+wJ2
ds5fY8QHWbWt5uGOKKHleUrm0c3Uh3g316FjaZMNH0wAt2J20V5ru/KlpejwvzC2
5vu3AikGzDdLHpCBXpW9Oco8ArxkBD/QzH8GywOa+0BS5zxg5H0pOgOufP73CO9Y
4iohWPNkHboOqXnbLz6hN4EahQpxG27k0acek74IpPWIfhHI35bLv9jgP82kR9+3
RibnJJsaHdJXP7DjA0wNNNZKP3eY4tSC238170ms8F+0tIP73Q8vnyWe6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFApbTDe+4QTP1Le9eiVOBVX+IFtvMB8GA1UdIwQY
MBaAFGgR4SXLNXB28voxOMk+miaBsXiTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2Et
Y2Q0Mzk0OTJiN2FlLzEvQ2x0TU43N2hCTV9VdDcxNkpVNEZWZjRnVzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9lYmFjYmQtODE5MC00ZTVhLWEwM2EtY2Q0Mzk0OTJiN2Fl
LzEvYUJIaEpjczFjSGJ5LWpFNHlUNmFKb0d4ZUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH7riAwQA
H7rzMA0GCSqGSIb3DQEBCwUAA4IBAQAIVqSox8n7hulhOsvHMoJth4/G6LEmO8MM
ZY6b2uoYCNuorXyOBRnidNQ+97X6aZhOB7yrAyfl7YPhO2AQ5l11P3MruqRYKR4H
ljcQdDC4aNg+dkX8j1XVcTZ4/T3FF4JwTXOGbGGs+/1f2H3lSC86rEOCDA2Ke8vx
wyPKl5Y2aZxlIqPLRLPGpXjg82EOsfqPSRC+Ee34bf1t0IIiInH3QvORRgqeoQh3
+8UARkyYqHBMJ0m/7jotTe1QG6+X7fx/CW+4opGvs424URm351vEffNcGzV5HyfC
98BtHbiikj7ix6ezYOfWZbi374aLwXC62epp0YT/QEYuz+vpVAB8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:43 2024 by rpki-client on console-fra.rpki-client.org