Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/mfgcha5Hb5i7iJ-vEUWNsTPraTU.roa
File: mfgcha5Hb5i7iJ-vEUWNsTPraTU.roa (raw, json)
Hash identifier: PozlY4ET/thUkuhNfCY9Zp/d2hW7Vxzy6T4HalmbdXA=
Subject key identifier: 99:F8:1C:85:AE:47:6F:98:BB:88:9F:AF:11:45:8D:B1:33:EB:69:35
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018E3243C2DF5D319E719A6FD7FBF1C512B2
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/mfgcha5Hb5i7iJ-vEUWNsTPraTU.roa
Signing time: Tue 12 Mar 2024 10:44:45 +0000
ROA not before: Tue 12 Mar 2024 10:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48031
IP address blocks: 91.246.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:43:c2:df:5d:31:9e:71:9a:6f:d7:fb:f1:c5:12:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Mar 12 10:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99f81c85ae476f98bb889faf11458db133eb6935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3b:4b:d0:0b:27:f3:9d:d4:cf:3d:de:3b:09:
b0:94:13:67:27:8f:81:64:1f:90:4a:3b:dd:9b:05:
d8:1e:56:c6:58:38:41:db:bb:6e:e6:50:27:01:ec:
3d:b9:51:40:1d:42:01:86:9d:78:34:40:f1:28:82:
91:86:6f:ac:5e:20:28:95:cd:b0:f9:af:54:28:fe:
fd:15:09:59:d2:31:af:95:2f:b2:18:ba:bc:ca:1a:
fd:fd:d3:10:19:a3:99:2f:1f:38:59:6c:6c:77:6c:
f6:ed:37:74:e3:4d:b1:c3:b8:e0:f8:2c:48:d4:66:
97:1f:a6:63:35:9f:2b:61:ff:7f:13:3d:6b:29:02:
b0:e4:93:05:74:82:91:ff:c3:57:95:5c:f7:90:ed:
e4:44:d5:94:d7:2a:19:d2:27:bd:c4:91:9f:36:34:
e8:ae:3b:8d:46:c2:0d:12:a4:10:8f:55:2a:b3:18:
bf:36:a9:0a:be:df:ec:44:36:f8:9b:9c:df:d5:37:
4f:d6:c1:9c:4b:e3:8c:e5:3f:b5:d2:20:d2:8b:77:
b0:08:c2:34:f3:0a:fb:86:78:ea:34:ef:c3:03:ed:
f2:50:f4:90:67:fd:8c:28:48:40:45:c3:9b:5d:58:
19:9f:29:6b:05:dc:5e:22:bc:46:30:74:5b:b4:93:
80:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F8:1C:85:AE:47:6F:98:BB:88:9F:AF:11:45:8D:B1:33:EB:69:35
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/mfgcha5Hb5i7iJ-vEUWNsTPraTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.56.0/24
Signature Algorithm: sha256WithRSAEncryption
97:58:50:ae:25:92:f6:47:20:90:ef:40:bb:33:a0:56:44:1d:
fb:ff:87:22:7f:e9:96:5c:ad:61:95:db:85:f9:c5:96:48:68:
ff:69:0e:74:4a:32:50:bf:e1:2a:15:08:e0:22:73:84:a8:2c:
6d:d5:7b:8c:83:66:40:13:15:ac:11:a4:12:f3:7a:a1:6b:0a:
ba:32:ab:ea:46:54:89:86:17:84:10:e6:4c:99:4e:b2:b8:c9:
16:44:dc:43:b7:a8:38:99:d5:6d:29:24:35:fe:27:d9:ca:41:
29:3b:f7:77:77:50:2b:c3:2a:05:2f:ae:27:a0:3f:7b:54:88:
be:eb:4f:4a:48:20:e5:6b:d2:b1:a9:67:44:4e:70:0b:00:e9:
f5:65:b9:87:e2:b6:9a:95:23:ed:a6:3e:d4:39:29:54:60:59:
be:3a:03:18:be:36:22:2a:d4:56:f5:07:36:80:7f:85:1e:af:
15:10:53:59:50:a3:c6:32:01:e8:d6:59:94:2b:79:5f:c7:cc:
da:14:a3:31:4c:ee:27:73:bd:97:14:18:f8:a0:97:2e:6a:b9:
8b:9c:00:26:69:6f:de:b1:26:59:24:b8:59:c6:eb:b7:45:68:
26:62:8b:0b:10:83:d2:90:ed:23:23:cc:48:16:92:ee:13:96:
f5:36:71:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4yQ8LfXTGecZpv1/vxxRKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwMzEyMTA0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY4MWM4NWFlNDc2Zjk4YmI4ODlmYWYxMTQ1OGRiMTMzZWI2OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiztL0Asn853Uzz3eOwmwlBNnJ4+B
ZB+QSjvdmwXYHlbGWDhB27tu5lAnAew9uVFAHUIBhp14NEDxKIKRhm+sXiAolc2w
+a9UKP79FQlZ0jGvlS+yGLq8yhr9/dMQGaOZLx84WWxsd2z27Td0402xw7jg+CxI
1GaXH6ZjNZ8rYf9/Ez1rKQKw5JMFdIKR/8NXlVz3kO3kRNWU1yoZ0ie9xJGfNjTo
rjuNRsINEqQQj1Uqsxi/NqkKvt/sRDb4m5zf1TdP1sGcS+OM5T+10iDSi3ewCMI0
8wr7hnjqNO/DA+3yUPSQZ/2MKEhARcObXVgZnylrBdxeIrxGMHRbtJOALQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJn4HIWuR2+Yu4ifrxFFjbEz62k1MB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvbWZnY2hhNUhiNWk3aUotdkVVV05zVFByYVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/Y4MA0G
CSqGSIb3DQEBCwUAA4IBAQCXWFCuJZL2RyCQ70C7M6BWRB37/4cif+mWXK1hlduF
+cWWSGj/aQ50SjJQv+EqFQjgInOEqCxt1XuMg2ZAExWsEaQS83qhawq6MqvqRlSJ
hheEEOZMmU6yuMkWRNxDt6g4mdVtKSQ1/ifZykEpO/d3d1ArwyoFL64noD97VIi+
609KSCDla9KxqWdETnALAOn1ZbmH4raalSPtpj7UOSlUYFm+OgMYvjYiKtRW9Qc2
gH+FHq8VEFNZUKPGMgHo1lmUK3lfx8zaFKMxTO4nc72XFBj4oJcuarmLnAAmaW/e
sSZZJLhZxuu3RWgmYosLEIPSkO0jI8xIFpLuE5b1NnEL
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:40:17 2024 by rpki-client on console-ams.rpki-client.org