Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/746a75-d361-4e91-873a-0a770f0c7608/1/mKfB5cUG77rFTHIpfXX-obE9b08.roa
File: mKfB5cUG77rFTHIpfXX-obE9b08.roa (raw, json)
Hash identifier: 74RoOEEJngF976CiUo5e95q7QFic8Ntpj14Jeug9mTs=
Subject key identifier: 98:A7:C1:E5:C5:06:EF:BA:C5:4C:72:29:7D:75:FE:A1:B1:3D:6F:4F
Certificate issuer: /CN=e6135d639768a3a63ed9c5ff40af5ed01df741cb
Certificate serial: 018CC2DB50BCD966C6CAA8185B3761AEFEFD
Authority key identifier: E6:13:5D:63:97:68:A3:A6:3E:D9:C5:FF:40:AF:5E:D0:1D:F7:41:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hNdY5doo6Y-2cX_QK9e0B33Qcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/746a75-d361-4e91-873a-0a770f0c7608/1/mKfB5cUG77rFTHIpfXX-obE9b08.roa
Signing time: Mon 01 Jan 2024 02:30:02 +0000
ROA not before: Mon 01 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57419
IP address blocks: 185.207.3.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:50:bc:d9:66:c6:ca:a8:18:5b:37:61:ae:fe:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6135d639768a3a63ed9c5ff40af5ed01df741cb
Validity
Not Before: Jan 1 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a7c1e5c506efbac54c72297d75fea1b13d6f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9a:b2:92:b8:d0:0c:b6:88:7a:cb:e7:ab:b8:
ba:81:fb:98:63:2a:8a:4e:7f:58:7f:7b:ed:16:7b:
83:28:0f:5e:04:8a:08:48:4b:6f:63:a7:87:38:05:
69:3e:12:69:93:3f:31:49:75:e8:b5:ad:61:b7:8e:
69:31:31:99:11:91:7a:f2:4d:07:5e:55:51:5a:4f:
5b:5f:ca:6b:66:63:87:a8:f3:9d:16:46:c5:52:bb:
ea:13:3f:5f:d9:bd:53:8d:fa:20:73:10:1d:77:5c:
88:2e:3d:4d:93:1b:a4:c9:08:25:7b:eb:f7:4a:6d:
1e:a9:57:4a:d6:0a:0c:13:a0:52:3c:dc:46:76:2a:
a0:9d:f2:ea:4f:e5:cb:21:56:10:6e:c3:e3:1e:01:
bb:0d:d3:29:6a:5f:a8:b2:7b:9d:b9:f1:65:7a:7d:
6d:03:58:2a:69:d4:4a:3c:fc:a4:e7:79:c4:00:63:
58:68:70:ca:8e:57:db:cf:2c:05:0c:71:09:87:a6:
f6:ca:36:f1:50:33:7f:29:55:19:51:63:5c:11:55:
78:4d:c0:89:6d:c6:a3:f9:46:bd:f9:b4:d2:32:92:
49:dc:a8:38:74:7a:4b:13:d2:d3:f6:5a:51:7b:02:
77:b5:43:92:19:fd:5d:84:0e:84:e2:27:95:db:b6:
a0:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A7:C1:E5:C5:06:EF:BA:C5:4C:72:29:7D:75:FE:A1:B1:3D:6F:4F
X509v3 Authority Key Identifier:
keyid:E6:13:5D:63:97:68:A3:A6:3E:D9:C5:FF:40:AF:5E:D0:1D:F7:41:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hNdY5doo6Y-2cX_QK9e0B33Qcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/746a75-d361-4e91-873a-0a770f0c7608/1/mKfB5cUG77rFTHIpfXX-obE9b08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/746a75-d361-4e91-873a-0a770f0c7608/1/5hNdY5doo6Y-2cX_QK9e0B33Qcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.3.0/24
Signature Algorithm: sha256WithRSAEncryption
31:be:3f:6c:7d:9a:cc:86:69:5b:53:eb:43:48:1b:52:31:2f:
ad:c3:12:03:3c:51:95:eb:38:de:2b:2e:40:6e:d9:28:ed:91:
39:12:6e:db:9d:1e:1c:70:89:27:55:67:9f:a5:83:14:cb:2e:
82:1d:2e:2f:13:45:a4:0d:d9:51:89:0f:86:60:7c:a0:37:cf:
bb:57:86:b2:3b:c0:0e:64:15:18:48:73:43:32:9c:78:c5:38:
94:83:b2:7c:c7:e5:69:bc:3f:21:d8:39:3f:27:41:8c:3e:8c:
f5:62:56:28:e7:10:80:98:af:38:74:4e:c8:e3:03:62:25:02:
f1:ef:8d:eb:bf:d9:75:f1:53:90:7d:92:d2:ac:96:2a:a4:63:
8c:e3:02:c0:99:34:d5:e4:88:22:71:9c:51:d1:4f:00:7d:18:
f1:22:cc:3e:58:57:db:53:cb:9e:fe:b9:16:48:af:f0:23:85:
25:2b:08:ad:b0:53:e8:32:a1:c2:de:f2:1e:30:7d:49:14:a2:
1b:9f:52:9b:b5:cd:3a:61:a1:06:98:7e:98:3f:ac:de:b4:ad:
79:fa:7e:21:bc:11:41:e6:d6:20:b1:2c:2e:21:63:f5:56:59:
7b:91:3c:3a:7f:a1:d1:07:62:e0:6f:58:32:d5:67:75:d7:d0:
40:37:33:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21C82WbGyqgYWzdhrv79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MTM1ZDYzOTc2OGEzYTYzZWQ5YzVmZjQwYWY1ZWQwMWRm
NzQxY2IwHhcNMjQwMTAxMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE3YzFlNWM1MDZlZmJhYzU0YzcyMjk3ZDc1ZmVhMWIxM2Q2ZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJqykrjQDLaIesvnq7i6gfuYYyqK
Tn9Yf3vtFnuDKA9eBIoISEtvY6eHOAVpPhJpkz8xSXXota1ht45pMTGZEZF68k0H
XlVRWk9bX8prZmOHqPOdFkbFUrvqEz9f2b1TjfogcxAdd1yILj1NkxukyQgle+v3
Sm0eqVdK1goME6BSPNxGdiqgnfLqT+XLIVYQbsPjHgG7DdMpal+osnudufFlen1t
A1gqadRKPPyk53nEAGNYaHDKjlfbzywFDHEJh6b2yjbxUDN/KVUZUWNcEVV4TcCJ
bcaj+Ua9+bTSMpJJ3Kg4dHpLE9LT9lpRewJ3tUOSGf1dhA6E4ieV27agLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJinweXFBu+6xUxyKX11/qGxPW9PMB8GA1UdIwQY
MBaAFOYTXWOXaKOmPtnF/0CvXtAd90HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWhOZFk1ZG9vNlktMmNYX1FLOWUwQjMzUWNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS83NDZhNzUtZDM2MS00ZTkxLTg3M2Et
MGE3NzBmMGM3NjA4LzEvbUtmQjVjVUc3N3JGVEhJcGZYWC1vYkU5YjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS83NDZhNzUtZDM2MS00ZTkxLTg3M2EtMGE3NzBmMGM3NjA4
LzEvNWhOZFk1ZG9vNlktMmNYX1FLOWUwQjMzUWNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc8DMA0G
CSqGSIb3DQEBCwUAA4IBAQAxvj9sfZrMhmlbU+tDSBtSMS+twxIDPFGV6zjeKy5A
btko7ZE5Em7bnR4ccIknVWefpYMUyy6CHS4vE0WkDdlRiQ+GYHygN8+7V4ayO8AO
ZBUYSHNDMpx4xTiUg7J8x+VpvD8h2Dk/J0GMPoz1YlYo5xCAmK84dE7I4wNiJQLx
743rv9l18VOQfZLSrJYqpGOM4wLAmTTV5IgicZxR0U8AfRjxIsw+WFfbU8ue/rkW
SK/wI4UlKwitsFPoMqHC3vIeMH1JFKIbn1Kbtc06YaEGmH6YP6zetK15+n4hvBFB
5tYgsSwuIWP1Vll7kTw6f6HRB2Lgb1gy1Wd119BANzOm
-----END CERTIFICATE-----
Generated at Mon Jul 29 13:52:11 2024 by rpki-client on console-fra.rpki-client.org