Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MZZ01r6Ox_WE5w5v6tbcRXMEhGM.roa
File: MZZ01r6Ox_WE5w5v6tbcRXMEhGM.roa (raw, json)
Hash identifier: zdUkT8K8Yp/F3MpMjBrqXL4tU4uGAFi6E28uZJkY3B8=
Subject key identifier: 31:96:74:D6:BE:8E:C7:F5:84:E7:0E:6F:EA:D6:DC:45:73:04:84:63
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0185E75A4F5B64AB5F415767A683C433766D
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MZZ01r6Ox_WE5w5v6tbcRXMEhGM.roa
Signing time: Wed 25 Jan 2023 05:15:33 +0000
ROA not before: Wed 25 Jan 2023 05:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 95.82.48.0/21 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:5a:4f:5b:64:ab:5f:41:57:67:a6:83:c4:33:76:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jan 25 05:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=319674d6be8ec7f584e70e6fead6dc4573048463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8c:1f:a2:e2:8e:a7:fb:e8:01:ab:72:3a:d9:
61:af:b8:35:7d:85:43:95:3b:8b:57:1c:74:7e:03:
34:7e:4b:41:18:ee:6c:be:f2:ac:b4:01:5d:5b:57:
22:c2:93:77:f1:36:e1:98:85:19:1c:06:bb:61:27:
28:9b:2f:3c:25:8e:1f:29:b2:40:e3:45:00:f7:93:
41:d7:89:da:26:b1:e2:5e:5b:2a:ec:58:7b:3e:14:
91:04:cd:76:25:9d:34:f4:1c:be:c7:79:64:e3:2e:
8e:3a:26:19:2e:4a:82:6e:a7:4d:54:87:4a:99:b2:
20:3c:44:a9:2a:81:00:10:7d:fd:5e:2d:be:96:28:
05:63:76:f5:23:3c:63:ba:41:7e:33:cb:92:cc:65:
35:3f:c9:f7:fa:4f:16:6e:fd:1c:48:95:75:46:64:
93:be:22:91:22:5e:19:95:08:d6:6f:48:c7:e3:c4:
02:01:1f:b6:dc:64:f1:db:e8:41:52:ae:55:82:99:
43:24:0c:da:55:c5:2b:ad:e3:2e:60:cb:fb:32:ef:
67:17:61:51:9c:ed:69:5b:3e:cb:3c:5f:f9:66:2c:
31:af:33:89:43:ce:18:ab:94:fc:bd:5a:00:30:eb:
18:5e:58:57:9a:af:47:96:12:cf:44:39:82:eb:27:
4a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:96:74:D6:BE:8E:C7:F5:84:E7:0E:6F:EA:D6:DC:45:73:04:84:63
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/MZZ01r6Ox_WE5w5v6tbcRXMEhGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.48.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:cc:c1:ca:e3:c5:ef:ea:a5:cb:d0:e8:27:3c:6b:3b:69:53:
b6:c9:5c:ac:8a:87:3a:e6:ad:81:95:8e:98:12:c9:d2:d3:6d:
48:3c:67:38:af:d6:0c:38:aa:9a:76:69:3e:74:76:d3:65:49:
24:b4:46:9b:1e:22:c6:81:e0:c2:62:11:2e:d3:40:a8:cf:3b:
64:d2:2e:30:63:de:f5:99:64:64:f5:8e:5d:39:a0:2c:ed:63:
20:23:16:7f:c9:2e:04:93:a8:aa:dd:ea:44:1f:e1:50:c6:0f:
a1:fc:f2:4d:9e:a5:c2:4a:40:72:04:58:06:e2:1a:39:5f:7b:
ae:2f:dc:b6:61:61:d5:49:50:1a:97:1b:a7:d7:10:73:0d:89:
3d:aa:e2:71:29:dd:6e:f3:79:22:37:b1:e3:d9:62:6f:4a:34:
fe:02:d7:5c:f4:b0:44:2d:ea:47:2a:b1:3e:a5:2d:00:d8:1c:
b9:f7:00:52:31:d9:e3:56:8a:c9:50:26:f4:35:0e:8c:ed:94:
65:f3:f1:59:53:e5:84:f1:bb:d9:f2:3a:12:01:9a:28:f1:74:
ed:56:6e:41:c4:01:a2:78:74:b3:6f:7a:14:86:08:7a:00:17:
2d:0e:36:63:61:a2:03:b3:58:31:fe:96:24:55:42:f1:88:e9:
b6:78:fd:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXnWk9bZKtfQVdnpoPEM3ZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMwMTI1MDUxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTk2NzRkNmJlOGVjN2Y1ODRlNzBlNmZlYWQ2ZGM0NTczMDQ4NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhowfouKOp/voAatyOtlhr7g1fYVD
lTuLVxx0fgM0fktBGO5svvKstAFdW1ciwpN38TbhmIUZHAa7YScomy88JY4fKbJA
40UA95NB14naJrHiXlsq7Fh7PhSRBM12JZ009By+x3lk4y6OOiYZLkqCbqdNVIdK
mbIgPESpKoEAEH39Xi2+ligFY3b1IzxjukF+M8uSzGU1P8n3+k8Wbv0cSJV1RmST
viKRIl4ZlQjWb0jH48QCAR+23GTx2+hBUq5VgplDJAzaVcUrreMuYMv7Mu9nF2FR
nO1pWz7LPF/5ZiwxrzOJQ84Yq5T8vVoAMOsYXlhXmq9HlhLPRDmC6ydK9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGWdNa+jsf1hOcOb+rW3EVzBIRjMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvTVpaMDFyNk94X1dFNXc1djZ0YmNSWE1FaEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX1IwMA0G
CSqGSIb3DQEBCwUAA4IBAQC2zMHK48Xv6qXL0OgnPGs7aVO2yVysioc65q2BlY6Y
EsnS021IPGc4r9YMOKqadmk+dHbTZUkktEabHiLGgeDCYhEu00Cozztk0i4wY971
mWRk9Y5dOaAs7WMgIxZ/yS4Ek6iq3epEH+FQxg+h/PJNnqXCSkByBFgG4ho5X3uu
L9y2YWHVSVAalxun1xBzDYk9quJxKd1u83kiN7Hj2WJvSjT+Atdc9LBELepHKrE+
pS0A2By59wBSMdnjVorJUCb0NQ6M7ZRl8/FZU+WE8bvZ8joSAZoo8XTtVm5BxAGi
eHSzb3oUhgh6ABctDjZjYaIDs1gx/pYkVULxiOm2eP3E
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:21:34 2025 by rpki-client