Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/mXzpWvH4iItKkcjUqV5hXtMdjqo.roa
File: mXzpWvH4iItKkcjUqV5hXtMdjqo.roa (raw, json)
Hash identifier: Dos44jFYI9EGgOBPrKo5bm9I04DoduyEqCwnACj+Tb8=
Subject key identifier: 99:7C:E9:5A:F1:F8:88:8B:4A:91:C8:D4:A9:5E:61:5E:D3:1D:8E:AA
Certificate issuer: /CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Certificate serial: 018571B0BDD8B651C642DDC3F7D2BD00A487
Authority key identifier: A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/mXzpWvH4iItKkcjUqV5hXtMdjqo.roa
Signing time: Mon 02 Jan 2023 08:54:46 +0000
ROA not before: Mon 02 Jan 2023 08:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 185.139.180.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:bd:d8:b6:51:c6:42:dd:c3:f7:d2:bd:00:a4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3717ea54b95942fad81a943edb1c10f9df94afb
Validity
Not Before: Jan 2 08:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=997ce95af1f8888b4a91c8d4a95e615ed31d8eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6c:67:63:15:5a:94:1c:ef:9a:3a:cf:70:4e:
e2:40:60:aa:8e:71:94:46:1a:1d:b9:bf:90:e1:0a:
26:a8:55:0b:a7:67:f1:97:bd:20:1d:c8:68:6d:29:
34:e0:85:b9:4c:58:30:1e:3d:ad:3b:d5:4d:61:a5:
b0:18:bf:84:1b:09:20:d2:0f:a7:de:d9:e2:27:2e:
90:b7:90:4d:92:38:0e:59:57:f4:49:4a:64:c7:ec:
1f:db:91:87:f6:b0:c1:1c:87:86:c9:b4:04:6c:3f:
7e:46:03:a8:6f:36:ae:3a:33:6b:ff:eb:aa:5d:66:
d9:e2:2a:f3:07:a9:1b:bb:b8:40:e1:e6:07:90:c2:
15:e9:af:c7:be:9c:48:8e:fb:85:bc:6e:77:5f:54:
56:b0:b5:0c:1e:4f:0b:98:7f:8b:d6:63:9b:36:2c:
16:23:7b:c6:d3:86:01:6a:12:0a:24:61:ce:b4:55:
0e:ee:4b:b4:cc:45:d0:1b:ec:4e:0d:45:66:b9:f1:
a3:66:3d:12:67:13:3a:d3:20:a3:43:1a:af:f4:d0:
fa:c2:2d:9d:9a:76:37:43:39:ec:d8:96:06:77:4d:
cf:67:3d:78:b7:04:75:42:49:89:66:eb:ff:cf:c3:
76:c1:37:f8:92:59:74:1c:64:21:79:f9:7b:f3:44:
d6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7C:E9:5A:F1:F8:88:8B:4A:91:C8:D4:A9:5E:61:5E:D3:1D:8E:AA
X509v3 Authority Key Identifier:
keyid:A3:71:7E:A5:4B:95:94:2F:AD:81:A9:43:ED:B1:C1:0F:9D:F9:4A:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3F-pUuVlC-tgalD7bHBD535Svs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/mXzpWvH4iItKkcjUqV5hXtMdjqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/b548d5-82fe-46c2-b997-157ad0ac520a/1/o3F-pUuVlC-tgalD7bHBD535Svs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.180.0/22
Signature Algorithm: sha256WithRSAEncryption
47:45:8c:b4:81:1d:19:b7:b3:eb:10:17:fa:6c:bd:29:ab:db:
6a:b7:22:7f:6c:03:8d:d3:86:e7:d7:c7:a3:76:1b:7d:18:7a:
0e:5b:9d:f0:a5:9f:14:b5:eb:2a:36:6e:27:ce:2a:2c:58:fc:
f4:5b:28:9a:ff:c5:7f:89:b1:70:62:81:96:c2:c5:11:1e:81:
09:1b:1a:31:63:20:27:93:94:11:86:c3:75:f0:8a:63:9a:26:
a3:e6:3c:85:9b:8a:50:0f:9f:30:dd:92:18:6f:c0:51:3b:33:
69:1c:8f:7c:84:90:5e:84:db:a1:59:47:78:b2:69:c5:9c:3b:
d1:94:92:a2:02:50:f6:81:34:65:38:a4:54:b8:6d:38:e4:b3:
b9:5d:d8:c4:dd:e3:07:ad:66:bf:01:38:16:da:2b:63:0c:b3:
19:55:03:eb:49:4a:ee:2a:c3:52:ac:42:a3:ff:3a:e2:db:77:
31:e7:33:2b:f8:0f:83:98:95:31:52:ad:db:0e:6c:5d:37:46:
fc:d0:91:cc:0e:97:71:19:20:a1:82:8a:36:0d:5a:1e:ae:54:
6e:fd:e3:b1:53:e2:7e:9d:4e:9c:40:24:cc:2a:a5:6d:ee:0f:
12:80:04:6b:05:23:9d:62:e2:3b:ea:0a:01:81:33:17:1c:4d:
64:09:e8:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsL3YtlHGQt3D99K9AKSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzE3ZWE1NGI5NTk0MmZhZDgxYTk0M2VkYjFjMTBmOWRm
OTRhZmIwHhcNMjMwMTAyMDg1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdjZTk1YWYxZjg4ODhiNGE5MWM4ZDRhOTVlNjE1ZWQzMWQ4ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGxnYxValBzvmjrPcE7iQGCqjnGU
Rhodub+Q4QomqFULp2fxl70gHchobSk04IW5TFgwHj2tO9VNYaWwGL+EGwkg0g+n
3tniJy6Qt5BNkjgOWVf0SUpkx+wf25GH9rDBHIeGybQEbD9+RgOobzauOjNr/+uq
XWbZ4irzB6kbu7hA4eYHkMIV6a/HvpxIjvuFvG53X1RWsLUMHk8LmH+L1mObNiwW
I3vG04YBahIKJGHOtFUO7ku0zEXQG+xODUVmufGjZj0SZxM60yCjQxqv9ND6wi2d
mnY3Qzns2JYGd03PZz14twR1QkmJZuv/z8N2wTf4kll0HGQhefl780TWQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJl86Vrx+IiLSpHI1KleYV7THY6qMB8GA1UdIwQY
MBaAFKNxfqVLlZQvrYGpQ+2xwQ+d+Ur7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTct
MTU3YWQwYWM1MjBhLzEvbVh6cFd2SDRpSXRLa2NqVXFWNWhYdE1kanFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9iNTQ4ZDUtODJmZS00NmMyLWI5OTctMTU3YWQwYWM1MjBh
LzEvbzNGLXBVdVZsQy10Z2FsRDdiSEJENTM1U3ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYu0MA0G
CSqGSIb3DQEBCwUAA4IBAQBHRYy0gR0Zt7PrEBf6bL0pq9tqtyJ/bAON04bn18ej
dht9GHoOW53wpZ8UtesqNm4nziosWPz0Wyia/8V/ibFwYoGWwsURHoEJGxoxYyAn
k5QRhsN18Ipjmiaj5jyFm4pQD58w3ZIYb8BROzNpHI98hJBehNuhWUd4smnFnDvR
lJKiAlD2gTRlOKRUuG045LO5XdjE3eMHrWa/ATgW2itjDLMZVQPrSUruKsNSrEKj
/zri23cx5zMr+A+DmJUxUq3bDmxdN0b80JHMDpdxGSChgoo2DVoerlRu/eOxU+J+
nU6cQCTMKqVt7g8SgARrBSOdYuI76goBgTMXHE1kCejO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:48 2024 by rpki-client on console-fra.rpki-client.org