Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mdus2XCO6ddevC_XapLOSGqD25U.roa
File: Mdus2XCO6ddevC_XapLOSGqD25U.roa (raw, json)
Hash identifier: Q8yxvjy7G03MF1jLQpHBZgkOcLq7KO5AzsOWOhRQsxA=
Subject key identifier: 31:DB:AC:D9:70:8E:E9:D7:5E:BC:2F:D7:6A:92:CE:48:6A:83:DB:95
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CC56E2090F806C5B899B3FFD3B90B986A
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mdus2XCO6ddevC_XapLOSGqD25U.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200636
IP address blocks: 185.81.180.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:20:90:f8:06:c5:b8:99:b3:ff:d3:b9:0b:98:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31dbacd9708ee9d75ebc2fd76a92ce486a83db95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:71:0b:26:08:c1:ae:b2:c9:cd:15:8a:43:81:
f8:13:e7:14:0a:a4:50:72:2a:9a:aa:84:40:31:88:
d7:51:ac:7e:9f:db:b2:fa:cf:89:7e:8f:53:d9:15:
71:0a:cd:e9:9c:22:49:20:7d:b0:1a:8f:9f:91:52:
e2:9f:76:e3:c7:a0:16:8d:61:87:be:58:a2:82:62:
90:a9:66:ef:f6:15:79:a8:8f:10:ad:e3:61:68:98:
76:dc:bd:07:6a:2c:2f:16:64:f5:89:95:46:7a:aa:
4b:ab:d8:8d:16:d7:f1:b6:eb:18:8e:b1:f0:94:e9:
fa:d7:8d:7f:59:a6:9b:f8:d9:04:37:36:7d:c1:e7:
28:2f:f7:be:9b:a1:04:3b:e4:70:0f:91:0d:58:11:
5d:a5:46:2a:8c:ff:4a:54:32:69:d5:e2:b3:50:dd:
1c:d6:02:51:90:59:b2:bc:61:71:9d:7d:ce:eb:4d:
fd:3d:34:1a:8a:2d:22:c8:d9:76:6e:d6:08:2c:02:
47:71:be:8c:4b:7e:01:4f:a1:f8:f9:a0:e8:ea:56:
1b:b8:8c:88:48:7e:22:53:17:e7:4c:32:c9:32:89:
db:ec:2e:1b:61:f1:c7:07:bb:f7:14:8e:36:50:38:
71:b9:38:fd:ae:70:16:30:a3:84:fa:06:6b:a3:ba:
9d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:DB:AC:D9:70:8E:E9:D7:5E:BC:2F:D7:6A:92:CE:48:6A:83:DB:95
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mdus2XCO6ddevC_XapLOSGqD25U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.180.0/24
Signature Algorithm: sha256WithRSAEncryption
89:44:38:83:1e:35:ad:ba:bb:bc:a0:ad:01:cb:e9:df:fc:d7:
d6:f6:b0:1b:14:ee:c9:dd:d1:20:60:c5:7c:4b:27:b1:e5:d9:
a9:8a:27:fe:d8:a4:df:0c:4a:a8:62:b7:74:e8:8b:f5:6b:41:
b4:52:1b:68:21:19:61:6f:6c:e8:1a:4e:c7:27:4f:a4:98:98:
f0:9d:5a:95:81:88:9d:9a:d1:63:f3:fb:19:12:5e:cd:d0:85:
8d:d2:d4:af:38:3c:b4:ba:ab:48:6e:fe:e9:a6:72:a0:23:27:
7d:db:91:ce:0f:6e:5a:e8:5e:a0:c3:44:42:75:bc:7d:90:70:
75:15:d5:12:e7:89:4a:f6:c4:5b:40:18:cd:53:a5:42:83:e0:
31:7f:1b:56:18:45:5b:13:f5:76:8c:19:8f:46:6c:4b:9c:e6:
a7:b4:e7:03:b9:9a:6d:4b:77:19:84:fc:6a:e5:39:2f:bf:40:
f1:b8:ca:ce:9a:41:e4:c2:73:67:69:33:e0:a3:e7:f1:5e:e1:
06:35:53:f2:56:0e:bb:a4:22:c1:e0:20:13:d4:3a:57:b2:14:
52:0c:51:09:31:84:24:f1:6c:be:f1:d0:3a:96:26:20:17:bd:
c3:c6:cb:a1:42:4f:30:ac:00:d2:61:1b:17:ff:72:0c:88:ff:
99:8d:4d:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbiCQ+AbFuJmz/9O5C5hqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWRiYWNkOTcwOGVlOWQ3NWViYzJmZDc2YTkyY2U0ODZhODNkYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnELJgjBrrLJzRWKQ4H4E+cUCqRQ
ciqaqoRAMYjXUax+n9uy+s+Jfo9T2RVxCs3pnCJJIH2wGo+fkVLin3bjx6AWjWGH
vliigmKQqWbv9hV5qI8QreNhaJh23L0HaiwvFmT1iZVGeqpLq9iNFtfxtusYjrHw
lOn6141/Waab+NkENzZ9wecoL/e+m6EEO+RwD5ENWBFdpUYqjP9KVDJp1eKzUN0c
1gJRkFmyvGFxnX3O6039PTQaii0iyNl2btYILAJHcb6MS34BT6H4+aDo6lYbuIyI
SH4iUxfnTDLJMonb7C4bYfHHB7v3FI42UDhxuTj9rnAWMKOE+gZro7qdnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHbrNlwjunXXrwv12qSzkhqg9uVMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvTWR1czJYQ082ZGRldkNfWGFwTE9TR3FEMjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVG0MA0G
CSqGSIb3DQEBCwUAA4IBAQCJRDiDHjWturu8oK0By+nf/NfW9rAbFO7J3dEgYMV8
Syex5dmpiif+2KTfDEqoYrd06Iv1a0G0UhtoIRlhb2zoGk7HJ0+kmJjwnVqVgYid
mtFj8/sZEl7N0IWN0tSvODy0uqtIbv7ppnKgIyd925HOD25a6F6gw0RCdbx9kHB1
FdUS54lK9sRbQBjNU6VCg+AxfxtWGEVbE/V2jBmPRmxLnOantOcDuZptS3cZhPxq
5Tkvv0DxuMrOmkHkwnNnaTPgo+fxXuEGNVPyVg67pCLB4CAT1DpXshRSDFEJMYQk
8Wy+8dA6liYgF73DxsuhQk8wrADSYRsX/3IMiP+ZjU2M
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:34 2025 by rpki-client