Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/mafTKI-CkfYwOCnqFZ4quPZJnuA.roa
File: mafTKI-CkfYwOCnqFZ4quPZJnuA.roa (raw, json)
Hash identifier: E3LcCT5PMmEjwcfWAhsuw80w/yIAbgRiem6BO6XxXog=
Subject key identifier: 99:A7:D3:28:8F:82:91:F6:30:38:29:EA:15:9E:2A:B8:F6:49:9E:E0
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 0183EC3BE71D8D481796C9CDF5E597537BE2
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/mafTKI-CkfYwOCnqFZ4quPZJnuA.roa
Signing time: Tue 18 Oct 2022 17:54:52 +0000
ROA not before: Tue 18 Oct 2022 17:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41957
IP address blocks: 185.21.141.0/24 maxlen: 24
194.93.59.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:3b:e7:1d:8d:48:17:96:c9:cd:f5:e5:97:53:7b:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Oct 18 17:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=99a7d3288f8291f6303829ea159e2ab8f6499ee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:9d:e9:fe:1b:10:cb:b9:c9:71:3e:3e:fe:
af:e1:2c:5d:7b:1a:e9:f1:ef:d6:0e:ca:37:cc:a9:
f7:43:b1:ca:b7:f9:9d:e3:28:ea:06:6c:6b:70:bf:
1c:2e:d2:c5:ab:f2:ca:d4:c5:9d:a9:24:b0:8e:34:
13:76:96:a7:91:ad:49:7f:45:ce:9f:cf:4a:be:0c:
32:56:ee:34:47:c2:96:88:61:4b:4f:d6:92:88:6d:
43:af:ed:43:32:69:e3:52:e1:75:e4:e6:ac:e9:90:
44:af:77:37:01:51:57:aa:20:5d:65:41:5c:80:f8:
bc:6a:54:c3:f4:fe:fe:02:c7:36:e1:08:77:6e:1d:
a9:09:6d:58:44:28:f3:04:28:00:7f:16:a4:a6:9c:
fd:81:39:73:48:70:64:70:3e:14:46:8c:fa:77:a9:
3e:f6:a6:f2:b4:56:03:b7:60:ce:38:91:1c:17:b1:
a4:c8:ad:f2:dd:64:96:e3:08:65:67:f7:d6:39:99:
b4:ea:98:19:d4:3f:a2:52:95:c5:b4:22:18:2a:67:
88:28:88:0c:5c:eb:e6:36:0e:60:75:6d:f8:f4:a7:
c6:8e:ac:53:80:b5:46:65:c6:35:27:36:8d:4c:99:
20:f5:ae:4e:50:49:bb:65:f1:ca:ff:d0:fd:0f:03:
98:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A7:D3:28:8F:82:91:F6:30:38:29:EA:15:9E:2A:B8:F6:49:9E:E0
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/mafTKI-CkfYwOCnqFZ4quPZJnuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.141.0/24
194.93.59.0/24
Signature Algorithm: sha256WithRSAEncryption
17:56:67:ba:ee:4c:74:d8:02:8b:a3:74:77:b4:a7:46:c2:4c:
3d:76:ae:75:14:fa:1d:ca:9a:fd:2b:43:a8:32:35:81:16:d4:
80:0e:75:79:e5:6c:f0:98:1f:bc:0a:11:82:f9:f8:88:ce:fe:
a6:90:3d:99:cd:fa:4c:cb:38:10:60:ec:d6:e2:91:b3:db:94:
49:65:7c:36:5c:06:f0:cf:58:9e:d5:95:fb:00:e3:09:03:94:
98:c5:c6:7d:89:90:3e:2f:32:73:e8:16:7d:3c:55:2b:b6:9f:
97:6b:9f:7c:15:05:d2:18:81:c9:5b:47:70:f6:b7:1c:2a:fc:
a5:8e:f2:97:46:48:a2:7c:28:5b:01:4a:26:3a:9b:7a:9c:31:
c5:55:74:6f:46:04:fa:2d:f3:bc:f3:c8:d7:58:89:49:44:c4:
3d:75:94:83:9c:11:da:cf:ae:d6:75:67:43:04:83:76:13:6b:
20:a8:78:5e:ce:cb:03:48:b7:6d:15:d3:52:08:76:fb:92:81:
bb:83:54:b4:84:cc:12:0d:11:07:d0:77:10:6d:58:0b:5a:fa:
33:e0:88:55:23:e2:69:48:67:a8:fc:d9:95:ef:d3:9e:84:76:
bb:1c:17:2d:aa:c2:3a:0e:49:30:87:8f:63:af:f8:38:8c:21:
49:62:c0:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPsO+cdjUgXlsnN9eWXU3viMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjIxMDE4MTc1NDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWE3ZDMyODhmODI5MWY2MzAzODI5ZWExNTllMmFiOGY2NDk5ZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLSd6f4bEMu5yXE+Pv6v4Sxdexrp
8e/WDso3zKn3Q7HKt/md4yjqBmxrcL8cLtLFq/LK1MWdqSSwjjQTdpanka1Jf0XO
n89KvgwyVu40R8KWiGFLT9aSiG1Dr+1DMmnjUuF15Oas6ZBEr3c3AVFXqiBdZUFc
gPi8alTD9P7+Asc24Qh3bh2pCW1YRCjzBCgAfxakppz9gTlzSHBkcD4URoz6d6k+
9qbytFYDt2DOOJEcF7GkyK3y3WSW4whlZ/fWOZm06pgZ1D+iUpXFtCIYKmeIKIgM
XOvmNg5gdW349KfGjqxTgLVGZcY1JzaNTJkg9a5OUEm7ZfHK/9D9DwOYzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJmn0yiPgpH2MDgp6hWeKrj2SZ7gMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvbWFmVEtJLUNrZll3T0NucUZaNHF1UFpKbnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRWNAwQA
wl07MA0GCSqGSIb3DQEBCwUAA4IBAQAXVme67kx02AKLo3R3tKdGwkw9dq51FPod
ypr9K0OoMjWBFtSADnV55WzwmB+8ChGC+fiIzv6mkD2ZzfpMyzgQYOzW4pGz25RJ
ZXw2XAbwz1ie1ZX7AOMJA5SYxcZ9iZA+LzJz6BZ9PFUrtp+Xa598FQXSGIHJW0dw
9rccKvyljvKXRkiifChbAUomOpt6nDHFVXRvRgT6LfO888jXWIlJRMQ9dZSDnBHa
z67WdWdDBIN2E2sgqHhezssDSLdtFdNSCHb7koG7g1S0hMwSDREH0HcQbVgLWvoz
4IhVI+JpSGeo/NmV79OehHa7HBctqsI6Dkkwh49jr/g4jCFJYsCY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org