Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mLkVZzOpdsi3FOjVIEJoqNKIKvY.roa
File: mLkVZzOpdsi3FOjVIEJoqNKIKvY.roa (raw, json)
Hash identifier: 3R3PJ6OMUpulrSc6amT49ydFU49Cv4BlcLLqugK208w=
Subject key identifier: 98:B9:15:67:33:A9:76:C8:B7:14:E8:D5:20:42:68:A8:D2:88:2A:F6
Certificate issuer: /CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Certificate serial: 018CC4255598C1936AFFB3CE0FB7BBEF58B1
Authority key identifier: 28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mLkVZzOpdsi3FOjVIEJoqNKIKvY.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203377
IP address blocks: 194.147.216.0/24 maxlen: 24
2a0a:37c0::/48 maxlen: 48
2a0a:37c0:1::/48 maxlen: 48
2a0a:37c0:2::/48 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:55:98:c1:93:6a:ff:b3:ce:0f:b7:bb:ef:58:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98b9156733a976c8b714e8d5204268a8d2882af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:ef:fa:3f:cc:8a:31:18:73:cd:59:0a:e6:
6d:bf:29:68:50:6d:61:61:f6:b1:c1:5c:c1:cd:9f:
15:78:d8:24:19:e2:6c:d2:a4:d7:63:47:af:50:a7:
34:f8:3a:62:49:11:6d:eb:b9:91:d6:65:a5:1e:c3:
67:ea:30:dd:d3:ee:6d:6f:5b:a7:ae:26:47:bb:64:
79:4b:7a:78:dd:61:6c:e8:30:ca:bc:0b:41:57:b2:
fc:52:3b:9e:37:53:02:ad:f5:47:f7:c7:55:04:c0:
4a:e1:f2:c3:53:27:9e:d4:85:40:9c:e6:39:8f:43:
9b:40:03:d5:f2:eb:c2:01:a5:65:00:72:f0:22:20:
30:58:a4:f6:f9:ed:d0:4b:51:96:fe:5c:91:6a:4e:
f0:74:3b:00:84:d9:a0:0d:50:2f:5c:3a:a9:36:a5:
20:9f:fb:a5:7d:1b:2e:a9:83:49:46:10:d4:58:35:
7d:2a:f3:41:5f:90:8b:58:45:9b:22:4e:34:3c:25:
06:63:78:30:4b:c7:67:f8:f5:5d:44:bc:96:bf:03:
f0:78:48:b8:aa:52:44:9a:ca:c8:67:c0:89:4b:21:
13:f9:12:92:8f:88:48:0b:0c:2e:bc:10:50:42:49:
f2:aa:42:ca:08:33:15:72:5b:68:9a:5d:01:64:2b:
62:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B9:15:67:33:A9:76:C8:B7:14:E8:D5:20:42:68:A8:D2:88:2A:F6
X509v3 Authority Key Identifier:
keyid:28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mLkVZzOpdsi3FOjVIEJoqNKIKvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.216.0/24
IPv6:
2a0a:37c0::-2a0a:37c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:d2:e0:ad:44:26:49:e0:34:ec:3a:c2:59:7a:03:10:e1:ac:
ee:11:6a:e2:09:96:fb:f0:a4:0d:bf:ca:41:87:9b:43:8d:dd:
2c:08:c9:c1:8c:04:fa:19:7a:e4:75:0b:a8:f0:3f:ce:5f:94:
30:97:17:a2:b4:5b:59:7c:71:0c:47:e0:16:fe:30:39:d4:e7:
ae:e3:97:0b:45:7d:72:cd:43:fd:2d:6f:52:f1:18:03:d2:0d:
87:09:70:fe:89:e5:83:ed:eb:24:25:d5:a3:a4:d8:5c:31:85:
0c:58:51:c5:cd:38:23:f0:56:0d:18:3a:2b:60:30:9b:f5:ad:
36:dd:dc:e1:a8:be:97:9b:c7:40:de:69:e6:cb:75:84:5c:ed:
2a:e9:fb:f8:a8:79:e1:57:99:99:5b:24:52:67:e9:6b:e4:6c:
74:16:38:44:12:cd:75:53:d5:bd:37:91:46:35:9f:fb:57:99:
5f:4b:7b:33:f0:90:cd:b3:ac:64:a6:16:61:d4:9c:4f:2b:68:
84:0e:56:f6:5c:96:95:96:4b:7e:3b:65:0e:d9:c9:3e:9f:34:
5b:47:f7:0a:bd:24:21:33:28:7d:86:da:db:eb:cc:00:46:4d:
64:d2:fa:6d:ae:05:5c:fa:49:6c:06:12:b8:ca:e3:21:3a:07:
6f:c1:75:b4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJVWYwZNq/7POD7e771ixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmQ2NmU0M2ExMDQ2MzNiMjdiYWM1MzliOThiZGY4ZWJm
YWM5YWUwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGI5MTU2NzMzYTk3NmM4YjcxNGU4ZDUyMDQyNjhhOGQyODgyYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrvv+j/MijEYc81ZCuZtvyloUG1h
YfaxwVzBzZ8VeNgkGeJs0qTXY0evUKc0+DpiSRFt67mR1mWlHsNn6jDd0+5tb1un
riZHu2R5S3p43WFs6DDKvAtBV7L8UjueN1MCrfVH98dVBMBK4fLDUyee1IVAnOY5
j0ObQAPV8uvCAaVlAHLwIiAwWKT2+e3QS1GW/lyRak7wdDsAhNmgDVAvXDqpNqUg
n/ulfRsuqYNJRhDUWDV9KvNBX5CLWEWbIk40PCUGY3gwS8dn+PVdRLyWvwPweEi4
qlJEmsrIZ8CJSyET+RKSj4hICwwuvBBQQknyqkLKCDMVcltoml0BZCtiTQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJi5FWczqXbItxTo1SBCaKjSiCr2MB8GA1UdIwQY
MBaAFCj9ZuQ6EEYzsnusU5uYvfjr+smuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYt
MjY3NjY5ZjM1NjQ4LzEvbUxrVlp6T3Bkc2kzRk9qVklFSm9xTktJS3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYtMjY3NjY5ZjM1NjQ4
LzEvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwpPYMBgE
AgACMBIwEAMFBioKN8ADBwAqCjfAAAIwDQYJKoZIhvcNAQELBQADggEBAFnS4K1E
JkngNOw6wll6AxDhrO4RauIJlvvwpA2/ykGHm0ON3SwIycGMBPoZeuR1C6jwP85f
lDCXF6K0W1l8cQxH4Bb+MDnU567jlwtFfXLNQ/0tb1LxGAPSDYcJcP6J5YPt6yQl
1aOk2FwxhQxYUcXNOCPwVg0YOitgMJv1rTbd3OGovpebx0DeaebLdYRc7Srp+/io
eeFXmZlbJFJn6WvkbHQWOEQSzXVT1b03kUY1n/tXmV9LezPwkM2zrGSmFmHUnE8r
aIQOVvZclpWWS347ZQ7ZyT6fNFtH9wq9JCEzKH2G2tvrzABGTWTS+m2uBVz6SWwG
ErjK4yE6B2/BdbQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:19 2024 by rpki-client on console-fra.rpki-client.org