Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/MXxSNPhqGKrVYJqf6o7XsFI67fc.roa
File: MXxSNPhqGKrVYJqf6o7XsFI67fc.roa (raw, json)
Hash identifier: nbPTi5DsM16Odd8RU+cZtxZIq1QIq633ShLoOk5YN6M=
Subject key identifier: 31:7C:52:34:F8:6A:18:AA:D5:60:9A:9F:EA:8E:D7:B0:52:3A:ED:F7
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0185703991F80E015094675ED483DE83FA07
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/MXxSNPhqGKrVYJqf6o7XsFI67fc.roa
Signing time: Mon 02 Jan 2023 02:04:58 +0000
ROA not before: Mon 02 Jan 2023 02:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210818
IP address blocks: 195.190.144.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:91:f8:0e:01:50:94:67:5e:d4:83:de:83:fa:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Jan 2 02:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317c5234f86a18aad5609a9fea8ed7b0523aedf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a0:4c:38:7c:65:b8:a4:48:08:14:e4:79:c1:
bf:c8:3d:8f:e6:8a:5c:23:bc:7d:03:a8:7a:a9:c1:
9a:5c:1b:c9:d8:1c:17:f9:e5:fc:cb:c3:d8:c8:7f:
44:5f:88:ce:eb:2d:0c:6d:ac:d0:56:ca:7b:6a:a5:
83:14:d3:5c:e3:e2:33:13:3d:aa:de:e5:3d:06:94:
39:61:28:a3:fa:91:02:19:35:4c:df:3c:a0:30:b0:
74:a3:15:2d:02:7a:25:1c:ff:de:d0:1d:60:03:71:
22:b7:0e:05:09:5a:e6:67:2a:33:a6:c6:e4:00:2d:
36:43:82:b8:f1:d4:f9:df:5e:12:53:8d:11:6b:d4:
91:51:bb:c9:d7:85:88:92:39:28:82:1d:65:28:fb:
9c:4e:e0:85:7b:73:86:57:26:19:ae:33:4c:48:ce:
82:87:db:3a:dc:ef:f7:4c:42:e9:ba:a3:81:e6:c7:
e4:67:3e:74:f2:1d:ad:19:de:54:f2:39:e4:e8:d1:
b6:53:f6:a3:0d:ba:5f:25:4e:cc:9e:e0:6a:d0:fe:
6f:a8:73:12:8c:7d:8c:f7:f9:df:e8:4c:75:ee:77:
06:da:8d:54:4b:50:a3:87:57:68:f6:fd:54:7b:8f:
60:8a:c3:63:94:ac:54:c9:8f:88:0f:21:93:e5:09:
71:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7C:52:34:F8:6A:18:AA:D5:60:9A:9F:EA:8E:D7:B0:52:3A:ED:F7
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/MXxSNPhqGKrVYJqf6o7XsFI67fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.190.144.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:d9:5b:f4:48:c5:5f:60:e6:74:9b:66:5f:f9:69:d8:98:9c:
af:b0:d5:df:2e:14:9d:62:ce:01:5e:eb:42:58:3f:07:2b:33:
89:db:19:7c:67:9c:40:d6:f4:35:5d:68:3a:ab:5d:3b:b9:c4:
6e:76:46:24:44:0f:4b:24:94:f3:48:58:f7:4b:35:17:55:3a:
63:dc:41:e7:ec:fe:dd:9b:f2:97:80:5f:63:98:55:4d:60:fe:
54:67:2c:ac:98:39:b6:92:c6:36:5e:e1:a5:4b:74:27:cd:dc:
c7:89:93:e9:df:8a:2f:40:e5:87:2f:d1:9f:97:1e:9d:2d:e9:
2d:a7:e9:34:56:a3:10:3d:9b:7c:18:67:a9:e3:fa:69:6c:dc:
47:46:b5:3e:28:54:a7:7c:48:dd:58:54:f8:f9:1e:04:dd:de:
a7:a0:ea:1d:8c:95:17:c4:ac:cb:e3:f7:d6:ff:24:2c:10:f0:
b2:bf:c5:0a:69:6f:58:35:ee:af:4f:7f:3d:e7:59:dd:ba:74:
68:16:33:ef:e8:ee:84:dc:ae:72:ee:fb:6c:c2:7c:13:79:d0:
60:11:d1:94:df:6d:a6:73:0c:c6:03:1b:1d:49:9e:29:a9:a0:
ab:a3:bf:d8:26:b4:3b:f8:14:69:0e:ee:ef:0e:9f:ea:4e:f2:
d0:6c:4f:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOZH4DgFQlGde1IPeg/oHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ODQ2NzQxMTM5MjYzMzg4ZDk4NGRiMWU5N2UwMzE2Njlj
NjQ4NmUwHhcNMjMwMTAyMDIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdjNTIzNGY4NmExOGFhZDU2MDlhOWZlYThlZDdiMDUyM2FlZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaBMOHxluKRICBTkecG/yD2P5opc
I7x9A6h6qcGaXBvJ2BwX+eX8y8PYyH9EX4jO6y0MbazQVsp7aqWDFNNc4+IzEz2q
3uU9BpQ5YSij+pECGTVM3zygMLB0oxUtAnolHP/e0B1gA3Eitw4FCVrmZyozpsbk
AC02Q4K48dT5314SU40Ra9SRUbvJ14WIkjkogh1lKPucTuCFe3OGVyYZrjNMSM6C
h9s63O/3TELpuqOB5sfkZz508h2tGd5U8jnk6NG2U/ajDbpfJU7MnuBq0P5vqHMS
jH2M9/nf6Ex17ncG2o1US1Cjh1do9v1Ue49gisNjlKxUyY+IDyGT5QlxHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDF8UjT4ahiq1WCan+qO17BSOu33MB8GA1UdIwQY
MBaAFJSEZ0ETkmM4jZhNsel+AxZpxkhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTct
Y2IxMTI1MDA3ZGZiLzEvTVh4U05QaHFHS3JWWUpxZjZvN1hzRkk2N2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9hNDkxMDItMDYxMi00N2EwLTgxMTctY2IxMTI1MDA3ZGZi
LzEvbElSblFST1NZemlObUUyeDZYNERGbW5HU0c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw76QMA0G
CSqGSIb3DQEBCwUAA4IBAQDA2Vv0SMVfYOZ0m2Zf+WnYmJyvsNXfLhSdYs4BXutC
WD8HKzOJ2xl8Z5xA1vQ1XWg6q107ucRudkYkRA9LJJTzSFj3SzUXVTpj3EHn7P7d
m/KXgF9jmFVNYP5UZyysmDm2ksY2XuGlS3QnzdzHiZPp34ovQOWHL9Gflx6dLekt
p+k0VqMQPZt8GGep4/ppbNxHRrU+KFSnfEjdWFT4+R4E3d6noOodjJUXxKzL4/fW
/yQsEPCyv8UKaW9YNe6vT38951ndunRoFjPv6O6E3K5y7vtswnwTedBgEdGU322m
cwzGAxsdSZ4pqaCro7/YJrQ7+BRpDu7vDp/qTvLQbE+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:05 2024 by rpki-client on console-ams.rpki-client.org