Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/_MYgH3DX8I-bO2qAtQipvNAyd-A.roa
File: _MYgH3DX8I-bO2qAtQipvNAyd-A.roa (raw, json)
Hash identifier: rL8KB9PkJ7HfST27sov/BRuNsoal+W7wTOn6v738Dtk=
Subject key identifier: FC:C6:20:1F:70:D7:F0:8F:9B:3B:6A:80:B5:08:A9:BC:D0:32:77:E0
Certificate issuer: /CN=108e1a53b1eb11d821be966dfa4af17f70cc08bd
Certificate serial: 03E0AE37
Authority key identifier: 10:8E:1A:53:B1:EB:11:D8:21:BE:96:6D:FA:4A:F1:7F:70:CC:08:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EI4aU7HrEdghvpZt-krxf3DMCL0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/_MYgH3DX8I-bO2qAtQipvNAyd-A.roa
Signing time: Sat 01 Jan 2022 11:02:05 +0000
ROA not before: Sat 01 Jan 2022 11:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58286
IP address blocks: 185.238.162.0/24 maxlen: 24
185.240.226.0/24 maxlen: 24
185.240.224.0/24 maxlen: 24
185.240.227.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65056311 (0x3e0ae37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=108e1a53b1eb11d821be966dfa4af17f70cc08bd
Validity
Not Before: Jan 1 11:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcc6201f70d7f08f9b3b6a80b508a9bcd03277e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:81:0a:0d:5c:04:f8:f9:d5:8a:6e:89:6d:54:
fe:c0:4e:84:71:86:9a:67:bd:78:16:48:29:92:8d:
42:b7:fb:02:76:7e:55:54:5e:ed:a2:46:e6:e5:71:
14:52:5e:f0:ce:6e:d9:ee:db:cd:11:26:67:4c:87:
b1:17:8d:3b:9f:19:63:a9:52:94:5f:5e:dc:7d:15:
3d:0b:43:fd:e6:b6:80:69:51:ed:8d:75:ac:71:4c:
28:a6:4a:65:eb:c6:3c:4e:90:39:05:8b:8c:1d:b2:
ef:69:ac:94:8d:73:42:1e:dc:18:7b:46:e3:b7:8e:
bb:05:b7:da:03:31:ea:3b:51:07:91:22:94:f2:9d:
ab:53:29:b3:63:a9:5d:0b:1d:ee:85:3b:6d:14:1b:
a8:06:e3:27:39:bb:76:68:d5:18:e6:47:5d:6a:08:
6a:df:d9:5f:25:44:cd:fb:24:13:30:e8:f6:f8:50:
14:65:73:0c:fb:be:58:ea:b9:76:63:11:85:27:db:
34:64:b7:2e:9d:49:68:39:80:75:41:b2:18:14:b2:
eb:47:44:17:54:d5:16:c3:8f:ad:f2:fd:46:be:67:
41:17:4f:59:a6:65:7f:4a:97:64:34:93:c8:25:06:
74:ef:b9:44:c3:4c:32:ac:7a:3e:fa:56:1c:7c:b1:
0d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C6:20:1F:70:D7:F0:8F:9B:3B:6A:80:B5:08:A9:BC:D0:32:77:E0
X509v3 Authority Key Identifier:
keyid:10:8E:1A:53:B1:EB:11:D8:21:BE:96:6D:FA:4A:F1:7F:70:CC:08:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EI4aU7HrEdghvpZt-krxf3DMCL0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/_MYgH3DX8I-bO2qAtQipvNAyd-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/741668-d2e5-4ea2-a55a-a7514fc4eb48/1/EI4aU7HrEdghvpZt-krxf3DMCL0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.162.0/24
185.240.224.0/24
185.240.226.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:77:63:8b:a9:8c:d2:63:e1:d1:f7:cb:82:a2:aa:f7:00:f6:
0f:aa:d5:bd:e0:51:63:cb:4b:11:cd:be:3f:b4:e8:ca:a3:2d:
c4:56:cb:93:75:95:43:25:88:15:32:37:63:37:ca:69:7a:48:
93:12:d7:ec:d2:cd:7e:a6:1d:1f:30:82:ae:67:ba:e1:c3:32:
ac:94:f3:a9:5e:51:99:8a:0c:9a:5a:6c:07:b7:53:c7:7f:cb:
db:28:11:cb:8b:93:b7:bb:f7:c0:b6:6e:1e:a5:b0:45:35:36:
7d:0b:33:b0:7e:44:dd:40:a3:2a:6d:eb:2e:ff:3b:df:91:bf:
44:4a:26:77:df:db:50:bc:e3:24:54:51:0f:bf:bb:6f:00:2a:
7d:b9:70:7b:0f:e6:82:26:66:7e:93:87:35:1b:27:a7:a0:43:
10:f0:41:29:84:7c:0b:6a:c9:b8:e8:fd:ea:39:13:bb:0d:fc:
c6:65:6a:99:f3:19:27:14:61:2c:d7:04:c7:be:ad:b8:4d:bf:
4b:00:39:6c:06:f3:a5:57:8c:8a:fd:4e:40:49:46:8c:5f:b7:
da:19:58:6b:cb:7d:1b:8b:71:18:c5:af:81:72:9b:f1:e5:28:
9f:e9:df:cc:81:9e:19:88:f1:fa:72:76:ed:49:31:e8:4e:a5:
9f:c5:48:ef
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA+CuNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDhlMWE1M2IxZWIxMWQ4MjFiZTk2NmRmYTRhZjE3ZjcwY2MwOGJkMB4XDTIyMDEw
MTExMDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNjNjIwMWY3MGQ3
ZjA4ZjliM2I2YTgwYjUwOGE5YmNkMDMyNzdlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGBCg1cBPj51YpuiW1U/sBOhHGGmme9eBZIKZKNQrf7AnZ+
VVRe7aJG5uVxFFJe8M5u2e7bzREmZ0yHsReNO58ZY6lSlF9e3H0VPQtD/ea2gGlR
7Y11rHFMKKZKZevGPE6QOQWLjB2y72mslI1zQh7cGHtG47eOuwW32gMx6jtRB5Ei
lPKdq1Mps2OpXQsd7oU7bRQbqAbjJzm7dmjVGOZHXWoIat/ZXyVEzfskEzDo9vhQ
FGVzDPu+WOq5dmMRhSfbNGS3Lp1JaDmAdUGyGBSy60dEF1TVFsOPrfL9Rr5nQRdP
WaZlf0qXZDSTyCUGdO+5RMNMMqx6PvpWHHyxDQUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT8xiAfcNfwj5s7aoC1CKm80DJ34DAfBgNVHSMEGDAWgBQQjhpTsesR2CG+
lm36SvF/cMwIvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VJNGFVN0hyRWRnaHZwWnQta3J4ZjNETUNMMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvNzQxNjY4LWQyZTUtNGVhMi1hNTVhLWE3NTE0ZmM0ZWI0OC8x
L19NWWdIM0RYOEktYk8ycUF0UWlwdk5BeWQtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
NzQxNjY4LWQyZTUtNGVhMi1hNTVhLWE3NTE0ZmM0ZWI0OC8xL0VJNGFVN0hyRWRn
aHZwWnQta3J4ZjNETUNMMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALnuogMEALnw4AMEAbnw4jANBgkq
hkiG9w0BAQsFAAOCAQEADXdji6mM0mPh0ffLgqKq9wD2D6rVveBRY8tLEc2+P7To
yqMtxFbLk3WVQyWIFTI3YzfKaXpIkxLX7NLNfqYdHzCCrme64cMyrJTzqV5RmYoM
mlpsB7dTx3/L2ygRy4uTt7v3wLZuHqWwRTU2fQszsH5E3UCjKm3rLv8735G/REom
d9/bULzjJFRRD7+7bwAqfblwew/mgiZmfpOHNRsnp6BDEPBBKYR8C2rJuOj96jkT
uw38xmVqmfMZJxRhLNcEx76tuE2/SwA5bAbzpVeMiv1OQElGjF+32hlYa8t9G4tx
GMWvgXKb8eUon+nfzIGeGYjx+nJ27Ukx6E6ln8VI7w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-ams.rpki-client.org