Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/MIz03fPqswV7Tzn-OA6i2cqrX_4.roa
File: MIz03fPqswV7Tzn-OA6i2cqrX_4.roa (raw, json)
Hash identifier: 7f6S2n10bVA2kAmAW1N/m8+7o8Jotn1X9Xzgf9yynyw=
Subject key identifier: 30:8C:F4:DD:F3:EA:B3:05:7B:4F:39:FE:38:0E:A2:D9:CA:AB:5F:FE
Certificate issuer: /CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Certificate serial: 056E2462
Authority key identifier: A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/MIz03fPqswV7Tzn-OA6i2cqrX_4.roa
Signing time: Sat 01 Jan 2022 06:02:17 +0000
ROA not before: Sat 01 Jan 2022 06:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56911
IP address blocks: 185.139.180.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91104354 (0x56e2462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Validity
Not Before: Jan 1 06:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=308cf4ddf3eab3057b4f39fe380ea2d9caab5ffe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e0:9a:c7:d8:5e:39:c1:1e:9f:e9:f1:c2:59:
7b:a4:85:6c:3c:d6:67:06:cc:1b:56:1d:8c:2d:b1:
d8:a5:c1:01:99:41:1c:97:0c:48:9f:af:a0:03:ed:
a8:4b:d9:ff:7e:25:91:b4:60:b2:e7:71:5d:ef:d1:
96:f7:24:34:bc:22:45:77:69:37:05:6d:37:b1:99:
8d:06:a4:e7:62:c3:de:00:99:ab:14:4c:30:0c:07:
79:7f:a5:4e:65:1d:7c:e7:94:f5:47:d3:86:ad:43:
65:a4:a0:39:46:21:5b:af:34:98:09:d3:4d:11:53:
f3:c3:dd:db:91:94:14:ea:7f:c9:ae:e7:f8:95:15:
2b:d5:7c:0f:0f:32:7d:e0:90:7b:d5:b7:56:3c:8f:
1f:57:b9:68:f6:3c:4e:07:98:b7:39:ce:59:70:66:
c8:c6:32:60:a4:a4:94:b7:33:b0:f7:5b:e3:d4:f3:
00:0f:e5:8f:6e:2d:c7:39:58:f3:2f:e3:96:19:00:
02:de:6b:c3:44:4b:1b:d7:96:88:34:02:6e:60:ed:
d8:c2:49:d6:75:85:ee:c7:49:5a:01:30:7c:cb:e6:
bd:45:d7:9d:24:47:a3:ef:22:51:ce:9c:81:9a:f4:
25:7a:81:be:9d:81:4e:a4:44:80:4c:ae:9a:ce:ad:
01:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8C:F4:DD:F3:EA:B3:05:7B:4F:39:FE:38:0E:A2:D9:CA:AB:5F:FE
X509v3 Authority Key Identifier:
keyid:A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/MIz03fPqswV7Tzn-OA6i2cqrX_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.180.0/22
Signature Algorithm: sha256WithRSAEncryption
47:49:d3:00:1d:ea:52:13:8d:d0:b0:54:24:c0:2f:f0:4b:e3:
55:55:07:67:27:3a:ef:1c:f5:96:77:dd:81:e3:a4:4d:a5:ab:
b3:bb:aa:34:2f:32:e7:73:f3:d1:fb:5a:b9:02:fd:ef:48:27:
e3:e9:35:78:7d:a6:d7:55:be:c1:73:e6:97:3e:af:44:ad:7b:
8d:66:63:26:1b:44:7f:69:1a:95:93:d9:5d:15:e4:3f:f9:ce:
f8:02:89:df:c0:ae:ef:10:8d:89:74:a4:a7:ae:be:f5:19:a3:
cc:f5:81:fc:16:9a:08:7f:38:cf:fc:62:48:76:49:dc:9d:9f:
c7:80:b1:4e:46:49:94:0b:e1:41:23:e7:bc:48:81:e6:72:57:
16:c1:1c:6f:a0:d3:75:fb:9d:ed:6f:17:bb:fc:1b:70:9e:92:
f1:7d:99:af:4f:4b:e9:39:9c:cd:ef:3e:76:90:94:bc:0b:42:
c3:67:8f:31:ad:00:06:21:35:c2:eb:9d:b2:03:ef:57:3a:7e:
f6:02:27:22:3c:d8:e5:ea:11:e1:98:0a:b4:2a:62:00:0e:67:
0a:08:d8:6d:6f:9a:05:21:45:9b:28:46:9e:39:1b:12:e9:44:
82:6e:c0:f7:ca:ba:1c:8f:86:d1:86:91:4a:91:97:7c:e0:44:
e8:47:ac:90
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBW4kYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzcxN2VhNTRiOTU5NDJmYWQ4MWE5NDNlZGIxYzEwZjlkZjk0YWZiMB4XDTIyMDEw
MTA2MDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzA4Y2Y0ZGRmM2Vh
YjMwNTdiNGYzOWZlMzgwZWEyZDljYWFiNWZmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzgmsfYXjnBHp/p8cJZe6SFbDzWZwbMG1YdjC2x2KXBAZlB
HJcMSJ+voAPtqEvZ/34lkbRgsudxXe/RlvckNLwiRXdpNwVtN7GZjQak52LD3gCZ
qxRMMAwHeX+lTmUdfOeU9UfThq1DZaSgOUYhW680mAnTTRFT88Pd25GUFOp/ya7n
+JUVK9V8Dw8yfeCQe9W3VjyPH1e5aPY8TgeYtznOWXBmyMYyYKSklLczsPdb49Tz
AA/lj24txzlY8y/jlhkAAt5rw0RLG9eWiDQCbmDt2MJJ1nWF7sdJWgEwfMvmvUXX
nSRHo+8iUc6cgZr0JXqBvp2BTqREgEyums6tAf8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwjPTd8+qzBXtPOf44DqLZyqtf/jAfBgNVHSMEGDAWgBSjcX6lS5WUL62B
qUPtscEPnflK+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28zRi1wVXVWbEMtdGdhbEQ3YkhCRDUzNVN2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvYjU0OGQ1LTgyZmUtNDZjMi1iOTk3LTE1N2FkMGFjNTIwYS8x
L01JejAzZlBxc3dWN1R6bi1PQTZpMmNxclhfNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
YjU0OGQ1LTgyZmUtNDZjMi1iOTk3LTE1N2FkMGFjNTIwYS8xL28zRi1wVXVWbEMt
dGdhbEQ3YkhCRDUzNVN2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmLtDANBgkqhkiG9w0BAQsFAAOC
AQEAR0nTAB3qUhON0LBUJMAv8EvjVVUHZyc67xz1lnfdgeOkTaWrs7uqNC8y53Pz
0ftauQL970gn4+k1eH2m11W+wXPmlz6vRK17jWZjJhtEf2kalZPZXRXkP/nO+AKJ
38Cu7xCNiXSkp66+9RmjzPWB/BaaCH84z/xiSHZJ3J2fx4CxTkZJlAvhQSPnvEiB
5nJXFsEcb6DTdfud7W8Xu/wbcJ6S8X2Zr09L6Tmcze8+dpCUvAtCw2ePMa0ABiE1
wuudsgPvVzp+9gInIjzY5eoR4ZgKtCpiAA5nCgjYbW+aBSFFmyhGnjkbEulEgm7A
98q6HI+G0YaRSpGXfOBE6EeskA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:26 2025 by rpki-client