Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mLBfnpSF4hZeVnaibUX3Ih62ps0.roa
File: mLBfnpSF4hZeVnaibUX3Ih62ps0.roa (raw, json)
Hash identifier: aYVB8zts/xlQjwV+ITSigmTf5inN3UU9E3PTUpokilQ=
Subject key identifier: 98:B0:5F:9E:94:85:E2:16:5E:56:76:A2:6D:45:F7:22:1E:B6:A6:CD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018A19749611D20C3F6E9D944AE5DC9C80FA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mLBfnpSF4hZeVnaibUX3Ih62ps0.roa
Signing time: Mon 21 Aug 2023 18:56:25 +0000
ROA not before: Mon 21 Aug 2023 18:56:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64470
IP address blocks: 45.140.32.0/22 maxlen: 22
193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
193.46.214.0/24 maxlen: 24
193.46.220.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:74:96:11:d2:0c:3f:6e:9d:94:4a:e5:dc:9c:80:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 21 18:56:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98b05f9e9485e2165e5676a26d45f7221eb6a6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d8:85:b1:e2:c6:a8:cf:a7:fd:f1:48:7c:bd:
9c:d9:fc:50:c2:5d:c1:84:71:49:95:f4:2a:ac:99:
bc:a6:d4:e6:18:6a:ba:66:6a:98:53:ed:56:b8:d4:
ce:6a:16:89:49:e9:da:b2:25:25:ab:2b:e0:70:18:
2b:52:2b:0c:35:2e:29:e8:54:72:fd:e3:77:4f:1e:
c2:b2:b0:c4:f4:d3:5a:61:d7:a6:1c:26:98:7b:17:
01:24:fd:5a:f3:19:4e:a2:d3:dd:2c:d9:76:08:ee:
e8:f4:d3:fd:16:5c:08:5d:00:5a:5d:58:d5:87:60:
f6:3c:ec:58:6d:ac:b9:69:2b:e7:b8:db:46:2e:e6:
b4:5b:25:25:9b:65:05:d6:ce:fe:57:91:9d:f7:04:
51:9c:2a:5b:31:94:9c:fc:5f:24:98:92:48:5b:24:
b5:cc:cb:b8:3d:12:0f:d8:09:8a:38:3d:1c:1b:52:
c9:77:46:39:44:17:ae:83:00:70:e6:52:a9:4d:7c:
6d:a6:87:d5:1f:6b:c4:d3:c9:cb:d6:ac:fb:41:c5:
ae:21:4d:24:c8:f1:bf:67:6a:f1:da:fd:af:d7:d9:
d8:7c:21:d4:8e:65:85:6e:24:39:69:29:b1:e9:a5:
09:c3:58:e2:7f:45:e9:1b:22:48:ba:ab:08:5c:4a:
fb:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B0:5F:9E:94:85:E2:16:5E:56:76:A2:6D:45:F7:22:1E:B6:A6:CD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/mLBfnpSF4hZeVnaibUX3Ih62ps0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.32.0/22
193.46.204.0/24
193.46.211.0/24
193.46.214.0/24
193.46.220.0/24
Signature Algorithm: sha256WithRSAEncryption
52:25:93:d5:7d:3c:2c:ab:86:0d:6b:6e:84:80:f4:70:96:d2:
68:2e:d5:82:5c:29:93:50:69:55:a2:3a:9a:05:7e:5d:5c:66:
48:c3:8a:90:d0:51:9c:77:cc:63:5e:20:54:c4:43:15:58:06:
c4:c8:c6:bc:32:21:a1:cd:b1:4c:d0:b5:70:c9:a4:db:8f:55:
bb:55:65:9e:33:e5:95:71:1e:fb:4c:26:d2:8c:32:f5:a7:68:
44:01:f2:88:5e:2b:f3:d7:a0:ce:61:f6:19:2c:6d:f9:eb:70:
8c:40:94:f2:7f:a3:e9:64:11:5f:c1:87:9a:cf:8f:0f:9d:74:
12:c2:c2:47:ee:46:c8:f4:3f:fd:f6:8c:e6:eb:b7:5e:31:0e:
f6:de:61:c5:d9:4e:09:52:fc:81:7a:8f:27:63:a9:47:af:9c:
87:37:40:d3:f6:54:c2:8a:4a:aa:a5:5e:22:4b:cf:da:f2:0d:
e0:b5:49:9c:73:bc:23:1d:07:ad:3a:14:54:50:2c:d9:d8:b3:
f4:5b:65:40:f8:ab:55:91:4a:31:ce:86:a0:6f:f4:28:48:d7:
e4:aa:be:d4:7f:1d:8b:d0:db:c5:da:ef:fb:7e:f9:21:fc:f7:
e0:ba:da:f6:58:22:a2:13:f4:38:7b:b9:2e:f0:0f:0f:a5:35:
0d:09:69:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoZdJYR0gw/bp2USuXcnID6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwODIxMTg1NjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGIwNWY5ZTk0ODVlMjE2NWU1Njc2YTI2ZDQ1ZjcyMjFlYjZhNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9iFseLGqM+n/fFIfL2c2fxQwl3B
hHFJlfQqrJm8ptTmGGq6ZmqYU+1WuNTOahaJSenasiUlqyvgcBgrUisMNS4p6FRy
/eN3Tx7CsrDE9NNaYdemHCaYexcBJP1a8xlOotPdLNl2CO7o9NP9FlwIXQBaXVjV
h2D2POxYbay5aSvnuNtGLua0WyUlm2UF1s7+V5Gd9wRRnCpbMZSc/F8kmJJIWyS1
zMu4PRIP2AmKOD0cG1LJd0Y5RBeugwBw5lKpTXxtpofVH2vE08nL1qz7QcWuIU0k
yPG/Z2rx2v2v19nYfCHUjmWFbiQ5aSmx6aUJw1jif0XpGyJIuqsIXEr7twIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJiwX56UheIWXlZ2om1F9yIetqbNMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbUxCZm5wU0Y0aFplVm5haWJVWDNJaDYycHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLYwgAwQA
wS7MAwQAwS7TAwQAwS7WAwQAwS7cMA0GCSqGSIb3DQEBCwUAA4IBAQBSJZPVfTws
q4YNa26EgPRwltJoLtWCXCmTUGlVojqaBX5dXGZIw4qQ0FGcd8xjXiBUxEMVWAbE
yMa8MiGhzbFM0LVwyaTbj1W7VWWeM+WVcR77TCbSjDL1p2hEAfKIXivz16DOYfYZ
LG3563CMQJTyf6PpZBFfwYeaz48PnXQSwsJH7kbI9D/99ozm67deMQ723mHF2U4J
UvyBeo8nY6lHr5yHN0DT9lTCikqqpV4iS8/a8g3gtUmcc7wjHQetOhRUUCzZ2LP0
W2VA+KtVkUoxzoagb/QoSNfkqr7Ufx2L0NvF2u/7fvkh/Pfgutr2WCKiE/Q4e7ku
8A8PpTUNCWlH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org