Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/8MT1HlgN0jchqbgSuyZX8lzLiuM.roa
File: 8MT1HlgN0jchqbgSuyZX8lzLiuM.roa (raw, json)
Hash identifier: S1pjRZOlL/mETk8E4keHFNljIXm9yf4bdew6+CbiKHE=
Subject key identifier: F0:C4:F5:1E:58:0D:D2:37:21:A9:B8:12:BB:26:57:F2:5C:CB:8A:E3
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0187948476864887FA77EB94DFD150974844
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/8MT1HlgN0jchqbgSuyZX8lzLiuM.roa
Signing time: Tue 18 Apr 2023 13:18:41 +0000
ROA not before: Tue 18 Apr 2023 13:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:94:84:76:86:48:87:fa:77:eb:94:df:d1:50:97:48:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Apr 18 13:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f0c4f51e580dd23721a9b812bb2657f25ccb8ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:98:cd:9a:c4:c4:30:23:78:11:05:4d:3b:
c4:81:11:01:97:17:6d:dc:89:73:d9:a7:b1:d2:fa:
92:14:db:26:c4:a2:a8:75:d2:1f:8a:d4:b7:6b:48:
c9:ca:c1:05:50:e3:21:66:a1:92:d1:65:bf:d2:1d:
0c:db:10:a2:a3:c1:6d:cd:ae:40:3e:59:59:33:0f:
8e:f0:d1:34:a2:b2:70:e5:30:34:cd:75:78:15:d0:
1a:3f:9d:9f:c0:64:37:ee:fd:fd:32:c7:b2:7b:c7:
93:2d:b5:19:11:87:5b:45:e7:e1:cd:f0:79:4a:1d:
6e:99:70:56:72:1f:c5:1c:95:26:7b:e8:46:10:14:
d5:b0:c9:bc:7f:78:0d:db:67:a3:fd:68:92:cd:94:
97:19:ea:e0:5d:9d:15:2c:98:31:d8:d0:0d:64:39:
4d:d9:c0:9a:43:5c:a9:38:5f:01:ed:bd:b0:0b:52:
8d:3c:44:23:89:76:88:c6:2e:aa:ac:79:94:15:52:
7d:2b:5b:2b:0b:71:89:36:dd:b0:33:6f:09:ce:3d:
27:84:bf:22:52:80:e8:e1:32:aa:21:6c:30:69:17:
58:62:35:09:88:df:d5:79:81:47:b2:e5:ec:c9:52:
b9:f9:cd:8d:bb:c4:ce:04:d7:b4:8a:3b:e4:ce:23:
33:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C4:F5:1E:58:0D:D2:37:21:A9:B8:12:BB:26:57:F2:5C:CB:8A:E3
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/8MT1HlgN0jchqbgSuyZX8lzLiuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.137.0/24
79.132.139.0/24
Signature Algorithm: sha256WithRSAEncryption
79:4d:16:b5:cb:27:eb:95:d5:63:57:9a:e9:a6:52:f8:db:17:
57:56:27:42:17:13:08:b6:1b:95:15:8b:01:aa:66:d2:61:54:
4c:fd:ea:e6:31:a2:14:82:f6:d6:ca:dd:cc:4e:78:f1:08:cf:
b2:ff:a3:0c:ff:db:61:c4:85:55:c6:46:55:95:eb:13:c7:4b:
5e:aa:0c:97:9e:2f:14:ab:dc:fc:68:1d:79:cf:4b:f8:22:74:
f9:5f:82:62:93:55:11:57:47:66:19:90:d7:3e:aa:ba:17:9c:
81:e1:ed:9e:37:97:cc:46:41:98:39:b5:f5:54:6f:4d:df:21:
2d:3a:a2:6c:c3:05:de:94:50:8f:7b:53:42:73:49:ee:28:74:
99:7c:b1:84:d5:34:97:f5:01:64:18:40:70:a0:9e:20:49:cc:
29:9b:e7:10:78:7c:92:b3:91:44:cf:89:a7:2c:3f:5d:a9:09:
62:43:83:02:cf:73:6d:bc:3f:aa:e6:2b:25:bc:82:d8:9c:ef:
7f:b5:bc:60:35:23:71:36:c5:b3:05:be:f8:ec:ba:04:ef:33:
b9:ba:75:e2:51:47:d3:12:6c:bd:6a:7b:2f:10:8a:a4:dc:a4:
d1:f6:03:d4:81:c7:31:b8:12:75:08:18:bf:9d:66:96:d7:bf:
ec:19:0c:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeUhHaGSIf6d+uU39FQl0hEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjMwNDE4MTMxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM0ZjUxZTU4MGRkMjM3MjFhOWI4MTJiYjI2NTdmMjVjY2I4YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzaYzZrExDAjeBEFTTvEgREBlxdt
3Ilz2aex0vqSFNsmxKKoddIfitS3a0jJysEFUOMhZqGS0WW/0h0M2xCio8Ftza5A
PllZMw+O8NE0orJw5TA0zXV4FdAaP52fwGQ37v39Mseye8eTLbUZEYdbRefhzfB5
Sh1umXBWch/FHJUme+hGEBTVsMm8f3gN22ej/WiSzZSXGergXZ0VLJgx2NANZDlN
2cCaQ1ypOF8B7b2wC1KNPEQjiXaIxi6qrHmUFVJ9K1srC3GJNt2wM28Jzj0nhL8i
UoDo4TKqIWwwaRdYYjUJiN/VeYFHsuXsyVK5+c2Nu8TOBNe0ijvkziMzAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPDE9R5YDdI3Iam4ErsmV/Jcy4rjMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvOE1UMUhsZ04wamNocWJnU3V5Wlg4bHpMaXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAT4SJAwQA
T4SLMA0GCSqGSIb3DQEBCwUAA4IBAQB5TRa1yyfrldVjV5rpplL42xdXVidCFxMI
thuVFYsBqmbSYVRM/ermMaIUgvbWyt3MTnjxCM+y/6MM/9thxIVVxkZVlesTx0te
qgyXni8Uq9z8aB15z0v4InT5X4Jik1URV0dmGZDXPqq6F5yB4e2eN5fMRkGYObX1
VG9N3yEtOqJswwXelFCPe1NCc0nuKHSZfLGE1TSX9QFkGEBwoJ4gScwpm+cQeHyS
s5FEz4mnLD9dqQliQ4MCz3NtvD+q5islvILYnO9/tbxgNSNxNsWzBb747LoE7zO5
unXiUUfTEmy9ansvEIqk3KTR9gPUgccxuBJ1CBi/nWaW17/sGQyM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org