Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/dMVKc1KoTlS7cXWbEKZW2z4yghI.roa
File: dMVKc1KoTlS7cXWbEKZW2z4yghI.roa (raw, json)
Hash identifier: ta/ma7e+eH/YgPqtcLCYykJAr1UpAwXTvixg3UQF654=
Subject key identifier: 74:C5:4A:73:52:A8:4E:54:BB:71:75:9B:10:A6:56:DB:3E:32:82:12
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 01857170A2B0BD3FB88CD4A41950C7198C6D
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/dMVKc1KoTlS7cXWbEKZW2z4yghI.roa
Signing time: Mon 02 Jan 2023 07:44:45 +0000
ROA not before: Mon 02 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201076
IP address blocks: 141.226.248.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:a2:b0:bd:3f:b8:8c:d4:a4:19:50:c7:19:8c:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 2 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74c54a7352a84e54bb71759b10a656db3e328212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:1d:bc:25:f0:f9:d6:38:9a:e7:1d:8a:eb:
88:fd:b1:8a:96:e7:33:b6:c3:a0:6d:2f:7d:0c:71:
8b:53:23:5b:77:46:96:39:99:b5:ac:6c:55:d8:20:
e6:c4:c1:ab:2c:18:79:fb:19:d5:44:c0:19:fa:fe:
54:eb:c8:c9:14:c4:e2:6f:4e:01:fd:3f:31:8b:14:
ee:39:e1:25:7a:58:57:56:aa:32:e9:ef:38:b3:48:
42:b5:73:f8:73:7a:2e:d3:05:de:fb:fa:4b:66:cb:
ec:27:be:33:68:e4:f3:09:74:e9:05:24:2f:a0:a9:
13:ec:31:0f:1e:20:3e:4b:1f:46:ae:3f:a8:58:31:
45:5d:10:f1:cc:a8:eb:76:86:3c:46:7a:c6:59:3e:
e1:17:56:8e:73:c8:9b:c0:1c:55:9d:a0:d2:93:88:
5b:e9:35:d1:c3:e9:be:47:c3:4d:7e:7a:6c:a0:97:
a1:37:82:bb:11:25:d4:b5:c8:7b:df:d7:eb:18:24:
9c:20:0f:58:21:15:0a:da:ab:7d:6e:84:0c:b8:62:
96:30:af:ea:d0:cf:0e:05:f0:97:85:39:c0:a2:ca:
99:e7:87:12:4e:38:3e:b1:b1:57:2f:b6:ee:43:de:
ed:ae:40:1a:c7:e2:3f:bc:53:f4:29:e5:92:19:f9:
0c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C5:4A:73:52:A8:4E:54:BB:71:75:9B:10:A6:56:DB:3E:32:82:12
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/dMVKc1KoTlS7cXWbEKZW2z4yghI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.248.0/24
Signature Algorithm: sha256WithRSAEncryption
15:2d:8e:c8:6b:15:2c:2b:db:d8:39:88:f7:8f:60:f3:2b:f6:
91:c1:72:8c:21:2c:31:d5:51:ec:3c:bf:0d:d5:43:d0:a8:ae:
44:bc:ce:9a:da:73:6b:19:fc:10:ed:d9:21:6b:ba:00:4f:50:
36:26:a2:08:c1:1c:1b:21:b0:00:d1:fa:e6:10:a8:bd:4e:4c:
2c:b9:24:f5:59:5f:3d:2f:1f:80:9c:05:35:ee:d4:e6:72:ed:
32:84:72:95:47:fe:cf:d9:cd:ec:48:a9:24:a1:6c:ca:cc:4f:
15:c7:10:6a:0e:c7:8e:f7:ca:69:23:96:7b:ce:fc:a2:11:b2:
9d:6d:6c:35:c6:3d:cf:48:50:b7:e9:a7:1e:ac:ff:13:59:03:
8a:50:7e:13:76:db:33:3d:d3:6d:e6:70:74:c2:ad:2a:7a:e0:
c2:8f:68:5f:ac:dc:79:ad:30:e7:1d:a3:a6:b1:15:cb:ef:a3:
1f:01:45:40:02:17:be:f4:49:1b:6e:91:c0:cf:30:97:96:01:
f4:71:06:51:e6:18:3a:75:e1:df:8a:4a:14:6f:0e:be:42:e3:
4e:cd:e1:f4:28:1d:12:b4:29:33:af:df:a6:e2:d5:fe:e0:f1:
7b:6e:bd:ec:f6:91:1b:16:09:36:ba:80:69:ad:6d:c0:ba:5d:
6f:56:af:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKKwvT+4jNSkGVDHGYxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMwMTAyMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM1NGE3MzUyYTg0ZTU0YmI3MTc1OWIxMGE2NTZkYjNlMzI4MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAgdvCXw+dY4mucdiuuI/bGKlucz
tsOgbS99DHGLUyNbd0aWOZm1rGxV2CDmxMGrLBh5+xnVRMAZ+v5U68jJFMTib04B
/T8xixTuOeElelhXVqoy6e84s0hCtXP4c3ou0wXe+/pLZsvsJ74zaOTzCXTpBSQv
oKkT7DEPHiA+Sx9Grj+oWDFFXRDxzKjrdoY8RnrGWT7hF1aOc8ibwBxVnaDSk4hb
6TXRw+m+R8NNfnpsoJehN4K7ESXUtch739frGCScIA9YIRUK2qt9boQMuGKWMK/q
0M8OBfCXhTnAosqZ54cSTjg+sbFXL7buQ97trkAax+I/vFP0KeWSGfkMpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTFSnNSqE5Uu3F1mxCmVts+MoISMB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvZE1WS2MxS29UbFM3Y1hXYkVLWlcyejR5Z2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjeL4MA0G
CSqGSIb3DQEBCwUAA4IBAQAVLY7IaxUsK9vYOYj3j2DzK/aRwXKMISwx1VHsPL8N
1UPQqK5EvM6a2nNrGfwQ7dkha7oAT1A2JqIIwRwbIbAA0frmEKi9TkwsuST1WV89
Lx+AnAU17tTmcu0yhHKVR/7P2c3sSKkkoWzKzE8VxxBqDseO98ppI5Z7zvyiEbKd
bWw1xj3PSFC36acerP8TWQOKUH4TdtszPdNt5nB0wq0qeuDCj2hfrNx5rTDnHaOm
sRXL76MfAUVAAhe+9EkbbpHAzzCXlgH0cQZR5hg6deHfikoUbw6+QuNOzeH0KB0S
tCkzr9+m4tX+4PF7br3s9pEbFgk2uoBprW3Aul1vVq/+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:34 2023 by rpki-client on console-ams.rpki-client.org