Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MGSbck2iPdW5_Nt_4jXHM8XlpQI.roa
File: MGSbck2iPdW5_Nt_4jXHM8XlpQI.roa (raw, json)
Hash identifier: lq9YvpRQuhnnLwmpc95vkCm9l9KKkDEcmFVfKN/w470=
Subject key identifier: 30:64:9B:72:4D:A2:3D:D5:B9:FC:DB:7F:E2:35:C7:33:C5:E5:A5:02
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01896478EE9CE20967C43CD9CF9D5F5E64E5
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MGSbck2iPdW5_Nt_4jXHM8XlpQI.roa
Signing time: Mon 17 Jul 2023 15:29:54 +0000
ROA not before: Mon 17 Jul 2023 15:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48031
IP address blocks: 46.149.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:78:ee:9c:e2:09:67:c4:3c:d9:cf:9d:5f:5e:64:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jul 17 15:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30649b724da23dd5b9fcdb7fe235c733c5e5a502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:53:ec:57:2f:1f:70:7b:4e:a6:04:ab:ab:
6b:c8:c4:d8:b0:3a:c2:1c:7c:21:f3:72:ff:69:df:
c0:b4:8e:cb:43:c2:10:95:21:4f:a9:6c:f7:e2:ce:
68:fe:e1:34:f1:20:37:24:07:32:76:d5:0a:c3:f3:
7f:8d:f1:0e:90:14:a6:14:8e:09:c7:37:a1:d4:2b:
b7:10:00:0c:1c:90:c7:5c:bc:25:bc:b4:bf:bf:f9:
db:04:c0:6f:c5:50:60:c1:f9:14:ea:48:70:fc:19:
dc:18:1e:b1:44:2d:8e:5d:a3:70:9f:a5:a6:dc:49:
38:46:b1:82:03:5c:0f:89:91:49:76:0d:78:89:1c:
63:d6:00:71:cb:6a:56:aa:23:65:68:6d:81:44:58:
d2:77:fa:68:9a:26:f1:bf:ed:d8:20:ba:cc:d5:63:
08:d4:a4:9e:1d:03:1e:7e:01:55:00:f9:68:81:c2:
05:3b:a4:78:40:cd:49:32:75:e3:12:58:5a:63:1b:
a2:4c:5c:fd:2d:a8:71:16:a8:90:fe:15:9f:ad:f7:
00:aa:82:b9:91:6e:8c:10:28:db:05:49:23:b6:17:
91:18:f8:7d:88:aa:05:09:1b:e5:a5:90:62:49:7b:
a0:0d:26:31:66:3d:63:07:34:8e:51:20:42:cb:e3:
2f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:64:9B:72:4D:A2:3D:D5:B9:FC:DB:7F:E2:35:C7:33:C5:E5:A5:02
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/MGSbck2iPdW5_Nt_4jXHM8XlpQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.173.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e0:86:f0:d8:cd:df:47:c2:14:ef:91:52:0b:cf:68:49:f6:
d2:08:f6:3d:9a:23:3e:31:e1:72:6a:29:ed:c2:3c:8b:a7:b7:
20:ca:da:e9:6a:b2:f9:ae:db:c8:7c:28:ed:4f:3f:f7:ff:f8:
97:d3:83:02:69:10:36:39:bf:b6:01:81:e6:15:c3:b2:4f:40:
f1:49:56:8b:8e:43:a7:34:48:15:f0:b7:25:3c:b3:54:81:1a:
65:71:fc:fa:9c:e3:d5:87:fa:47:63:23:19:ea:c2:75:8f:f8:
4b:8f:a8:f6:6d:9a:56:8e:28:5c:33:09:f8:98:bb:2f:64:2f:
e4:ab:56:61:94:59:75:5c:73:0d:89:1b:83:35:b4:1b:c9:17:
18:ce:77:8c:38:c1:b1:d5:5e:7f:3c:c5:ca:69:b0:96:30:10:
16:08:cc:14:e0:17:4b:70:91:ae:bc:30:ac:f3:91:1a:3a:c9:
3f:f2:7a:a5:fb:80:9c:ca:6f:d2:45:80:5d:44:5a:15:ca:af:
1f:f8:2e:49:bb:a3:02:33:53:f6:c0:1d:14:2a:ec:4d:4d:9f:
df:f1:1a:6b:17:04:a6:d8:37:54:70:87:06:48:a3:fa:84:3c:
32:e9:5d:0b:15:38:27:89:3b:e4:12:a9:71:69:ad:ec:c0:ac:
1b:77:c8:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkeO6c4glnxDzZz51fXmTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjMwNzE3MTUyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY0OWI3MjRkYTIzZGQ1YjlmY2RiN2ZlMjM1YzczM2M1ZTVhNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHRT7FcvH3B7TqYEq6tryMTYsDrC
HHwh83L/ad/AtI7LQ8IQlSFPqWz34s5o/uE08SA3JAcydtUKw/N/jfEOkBSmFI4J
xzeh1Cu3EAAMHJDHXLwlvLS/v/nbBMBvxVBgwfkU6khw/BncGB6xRC2OXaNwn6Wm
3Ek4RrGCA1wPiZFJdg14iRxj1gBxy2pWqiNlaG2BRFjSd/pomibxv+3YILrM1WMI
1KSeHQMefgFVAPlogcIFO6R4QM1JMnXjElhaYxuiTFz9LahxFqiQ/hWfrfcAqoK5
kW6MECjbBUkjtheRGPh9iKoFCRvlpZBiSXugDSYxZj1jBzSOUSBCy+Mv3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBkm3JNoj3Vufzbf+I1xzPF5aUCMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvTUdTYmNrMmlQZFc1X050XzRqWEhNOFhscFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALpWtMA0G
CSqGSIb3DQEBCwUAA4IBAQAS4Ibw2M3fR8IU75FSC89oSfbSCPY9miM+MeFyaint
wjyLp7cgytrparL5rtvIfCjtTz/3//iX04MCaRA2Ob+2AYHmFcOyT0DxSVaLjkOn
NEgV8LclPLNUgRplcfz6nOPVh/pHYyMZ6sJ1j/hLj6j2bZpWjihcMwn4mLsvZC/k
q1ZhlFl1XHMNiRuDNbQbyRcYzneMOMGx1V5/PMXKabCWMBAWCMwU4BdLcJGuvDCs
85EaOsk/8nql+4Ccym/SRYBdRFoVyq8f+C5Ju6MCM1P2wB0UKuxNTZ/f8RprFwSm
2DdUcIcGSKP6hDwy6V0LFTgniTvkEqlxaa3swKwbd8im
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org