Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/mBpDnUkBQlM101BT3QjmrWwkgwE.roa
File: mBpDnUkBQlM101BT3QjmrWwkgwE.roa (raw, json)
Hash identifier: sc1PoImnRiPZqhvXr5+f6NjMd5e0326Rq0x4cOPM1t8=
Subject key identifier: 98:1A:43:9D:49:01:42:53:35:D3:50:53:DD:08:E6:AD:6C:24:83:01
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 050CD7CA
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/mBpDnUkBQlM101BT3QjmrWwkgwE.roa
Signing time: Thu 17 Mar 2022 18:08:01 +0000
ROA not before: Thu 17 Mar 2022 18:08:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210021
IP address blocks: 188.72.43.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84727754 (0x50cd7ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Mar 17 18:08:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=981a439d4901425335d35053dd08e6ad6c248301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e3:6e:93:36:cd:32:bf:6a:02:64:15:59:22:
7d:53:54:98:0d:4f:cc:92:75:3e:96:6f:6d:1d:f3:
34:0a:2f:9b:5d:cc:57:a1:5e:e5:f8:d9:2d:51:20:
ea:27:96:4f:fb:ac:a8:c3:52:56:d6:cd:cf:e1:1e:
3c:7a:b7:4e:13:e9:52:8a:01:15:b9:30:de:a6:34:
72:09:ec:51:34:7b:68:47:08:66:cf:12:45:f5:67:
57:e1:80:36:8b:a6:85:2b:0b:4b:42:da:fd:72:9a:
84:98:d2:10:9f:57:98:23:69:69:70:3d:90:86:95:
b8:18:b0:5a:74:40:ea:50:9f:0d:7f:36:98:0e:c2:
54:6b:6e:9a:c7:d6:3a:0c:e2:d1:3f:ee:1b:f1:91:
b7:e4:de:15:8b:be:96:d5:90:ec:9b:4d:df:85:87:
12:71:b7:43:c4:b1:5b:d4:da:2f:58:c5:92:0d:a7:
61:2a:5d:16:13:df:be:e2:9e:04:c2:3c:84:e3:05:
61:68:75:f0:6d:ae:9d:a8:bf:97:6f:7b:9b:29:bb:
7b:5f:ec:f4:c9:85:1e:9a:d0:cc:3f:ce:4e:b5:d8:
52:77:6d:06:dd:3f:e2:61:fa:c7:5c:5e:38:d5:ab:
a1:32:6e:fd:52:60:7b:66:c4:67:e6:60:d0:ee:2e:
ce:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1A:43:9D:49:01:42:53:35:D3:50:53:DD:08:E6:AD:6C:24:83:01
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/mBpDnUkBQlM101BT3QjmrWwkgwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.43.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:02:7d:33:27:37:89:57:8f:d3:37:ec:c4:35:1e:9a:0d:78:
52:3a:00:7b:14:68:1a:9d:4d:32:a8:86:4b:59:26:1d:8a:eb:
a4:66:92:c5:9f:36:d1:88:82:d1:47:e9:b4:3d:40:f0:d9:43:
8c:55:aa:f8:0f:d5:31:d1:45:bc:2d:d4:2c:0a:6f:a0:e3:9b:
b1:ae:9a:fa:02:80:a0:98:7e:a5:fd:65:26:38:7d:57:ca:b8:
d5:37:c6:f5:76:4d:db:f4:9c:34:91:02:3e:88:fd:c7:30:21:
60:f7:15:7f:40:d3:d9:5e:61:9d:28:1c:fe:40:a7:96:0b:39:
3b:b9:e3:df:c3:03:38:61:b4:7d:f7:32:45:ea:5f:be:94:35:
1e:c6:54:86:2f:46:bc:ff:be:3c:02:b9:c5:64:18:b9:fd:14:
bd:cf:6a:ba:9c:86:91:d7:87:bb:36:08:49:50:4e:23:e1:52:
ab:c0:f3:7f:f5:08:4b:c9:11:62:ac:99:34:dc:8e:94:eb:4d:
cb:85:f6:e5:04:2b:15:bd:7b:79:66:18:b2:d8:7c:ca:67:db:
f0:ed:ef:73:59:51:46:01:28:fc:41:f7:57:67:1f:cf:68:89:
e6:ee:5e:0c:e8:27:21:dc:06:6a:5d:73:4f:19:0d:e1:2f:48:
d7:06:09:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQzXyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2IwZGVjMTNkZjIwNWE2NmVjNTIyNzkyNWI4ZjU2YmRiMDlmNDk5MB4XDTIyMDMx
NzE4MDgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgxYTQzOWQ0OTAx
NDI1MzM1ZDM1MDUzZGQwOGU2YWQ2YzI0ODMwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfjbpM2zTK/agJkFVkifVNUmA1PzJJ1PpZvbR3zNAovm13M
V6Fe5fjZLVEg6ieWT/usqMNSVtbNz+EePHq3ThPpUooBFbkw3qY0cgnsUTR7aEcI
Zs8SRfVnV+GANoumhSsLS0La/XKahJjSEJ9XmCNpaXA9kIaVuBiwWnRA6lCfDX82
mA7CVGtumsfWOgzi0T/uG/GRt+TeFYu+ltWQ7JtN34WHEnG3Q8SxW9TaL1jFkg2n
YSpdFhPfvuKeBMI8hOMFYWh18G2unai/l297mym7e1/s9MmFHprQzD/OTrXYUndt
Bt0/4mH6x1xeONWroTJu/VJge2bEZ+Zg0O4uzjUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSYGkOdSQFCUzXTUFPdCOatbCSDATAfBgNVHSMEGDAWgBRssN7BPfIFpm7F
InkluPVr2wn0mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JMRGV3VDN5QmFadXhTSjVKYmoxYTlzSjlKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvY2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8x
L21CcERuVWtCUWxNMTAxQlQzUWptcld3a2d3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
Y2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8xL2JMRGV3VDN5QmFa
dXhTSjVKYmoxYTlzSjlKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxIKzANBgkqhkiG9w0BAQsFAAOC
AQEAfAJ9Myc3iVeP0zfsxDUemg14UjoAexRoGp1NMqiGS1kmHYrrpGaSxZ820YiC
0UfptD1A8NlDjFWq+A/VMdFFvC3ULApvoOObsa6a+gKAoJh+pf1lJjh9V8q41TfG
9XZN2/ScNJECPoj9xzAhYPcVf0DT2V5hnSgc/kCnlgs5O7nj38MDOGG0ffcyRepf
vpQ1HsZUhi9GvP++PAK5xWQYuf0Uvc9qupyGkdeHuzYISVBOI+FSq8Dzf/UIS8kR
YqyZNNyOlOtNy4X25QQrFb17eWYYsth8ymfb8O3vc1lRRgEo/EH3V2cfz2iJ5u5e
DOgnIdwGal1zTxkN4S9I1wYJvQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-fra.rpki-client.org