Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/MWAxMvzh265DQ9EmHoCrJodMkFs.roa
File: MWAxMvzh265DQ9EmHoCrJodMkFs.roa (raw, json)
Hash identifier: 4Ln4cNHO7QvUIjVtPRMAWZrZ07mwHkt9lrEXPsNPbvo=
Subject key identifier: 31:60:31:32:FC:E1:DB:AE:43:43:D1:26:1E:80:AB:26:87:4C:90:5B
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018335708A976E2B1505FC89F314D301D61A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/MWAxMvzh265DQ9EmHoCrJodMkFs.roa
Signing time: Tue 13 Sep 2022 06:01:51 +0000
ROA not before: Tue 13 Sep 2022 06:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138687
IP address blocks: 185.149.13.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:70:8a:97:6e:2b:15:05:fc:89:f3:14:d3:01:d6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Sep 13 06:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31603132fce1dbae4343d1261e80ab26874c905b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a7:ee:8e:7b:55:55:e2:c5:2a:75:58:98:37:
00:15:38:68:bf:9c:7c:b0:09:68:a4:e4:4c:22:fe:
0f:92:8b:1b:b8:2c:9b:3e:1a:b4:f4:b5:fd:fe:0e:
3a:d2:3d:92:c3:2f:f5:55:4c:b8:84:ed:f8:dd:7e:
23:22:11:25:a3:7b:a0:67:a1:4c:4f:98:f6:94:3e:
c8:bf:fc:e0:8f:e4:07:72:6b:27:1e:ab:07:3c:e0:
a3:7e:59:4f:0c:85:7e:ce:b0:60:49:c2:73:4e:88:
f4:b6:a5:04:f9:9d:8a:7b:7d:48:ae:5b:2f:7f:75:
fa:e7:18:1c:2f:ae:d4:ad:d3:06:8f:59:a0:c6:43:
7e:83:41:b7:d0:0e:8a:45:0d:ce:c0:d8:72:6c:f8:
15:08:c7:2a:bb:c0:69:c6:d4:96:37:cb:24:93:23:
c5:10:84:29:0c:b2:2e:29:6d:2d:a8:46:72:49:fe:
8d:1a:ed:19:e5:6a:06:0d:65:20:02:0c:c6:ec:56:
52:03:f6:db:5b:e4:4f:77:31:82:01:49:23:ee:c3:
4b:8e:71:36:63:ac:37:cc:78:f4:41:68:be:b3:54:
04:06:21:8a:c4:dd:6d:51:05:0c:e3:e4:fe:bb:0f:
12:d2:f4:34:15:62:80:8a:b1:62:bb:60:41:43:7c:
7b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:60:31:32:FC:E1:DB:AE:43:43:D1:26:1E:80:AB:26:87:4C:90:5B
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/MWAxMvzh265DQ9EmHoCrJodMkFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.13.0/24
185.149.15.0/24
Signature Algorithm: sha256WithRSAEncryption
88:dc:f5:6d:59:90:47:79:83:f3:9d:68:07:60:7d:aa:d6:76:
9c:56:f6:c3:a3:2c:c0:46:72:a2:68:12:e6:38:e6:f2:b7:13:
fc:aa:86:83:63:21:7e:00:20:35:df:9b:5d:1e:6c:53:04:31:
77:c9:4a:82:02:d8:e0:c4:32:13:b5:20:e6:5a:b6:6a:80:aa:
2e:95:fa:17:82:01:7a:de:cf:96:ab:88:4b:6e:04:e8:35:dd:
27:0f:ab:c4:6b:75:a9:8f:25:f2:bd:61:12:fe:3b:a7:ab:7f:
9c:10:5b:f7:bc:a1:92:44:7b:3e:f7:cf:25:76:58:fc:05:ef:
e2:e6:e2:e2:f2:16:3e:3a:db:af:9e:02:39:6c:ad:bd:26:01:
4c:02:1a:d3:14:44:fe:60:44:81:3a:0b:84:76:2b:49:da:63:
4c:68:fc:2a:fb:97:eb:1b:07:04:5f:7e:3e:de:96:4c:85:7f:
cf:23:18:a9:d3:16:46:0e:5f:2a:44:ba:6d:ee:8b:3d:45:0d:
83:fa:5b:97:b8:85:62:92:64:b4:15:69:64:9d:89:71:3e:bc:
6d:40:bb:1c:d3:85:44:a6:1c:33:8c:79:ba:f5:95:ea:c0:e7:
ea:6f:cb:b8:54:8d:3b:0f:c0:2b:84:56:a8:ae:d4:69:28:1f:
f1:e0:78:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM1cIqXbisVBfyJ8xTTAdYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIwOTEzMDYwMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYwMzEzMmZjZTFkYmFlNDM0M2QxMjYxZTgwYWIyNjg3NGM5MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKfujntVVeLFKnVYmDcAFThov5x8
sAlopORMIv4PkosbuCybPhq09LX9/g460j2Swy/1VUy4hO343X4jIhElo3ugZ6FM
T5j2lD7Iv/zgj+QHcmsnHqsHPOCjfllPDIV+zrBgScJzToj0tqUE+Z2Ke31Irlsv
f3X65xgcL67UrdMGj1mgxkN+g0G30A6KRQ3OwNhybPgVCMcqu8BpxtSWN8skkyPF
EIQpDLIuKW0tqEZySf6NGu0Z5WoGDWUgAgzG7FZSA/bbW+RPdzGCAUkj7sNLjnE2
Y6w3zHj0QWi+s1QEBiGKxN1tUQUM4+T+uw8S0vQ0FWKAirFiu2BBQ3x7uwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDFgMTL84duuQ0PRJh6AqyaHTJBbMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvTVdBeE12emgyNjVEUTlFbUhvQ3JKb2RNa0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZUNAwQA
uZUPMA0GCSqGSIb3DQEBCwUAA4IBAQCI3PVtWZBHeYPznWgHYH2q1nacVvbDoyzA
RnKiaBLmOObytxP8qoaDYyF+ACA135tdHmxTBDF3yUqCAtjgxDITtSDmWrZqgKou
lfoXggF63s+Wq4hLbgToNd0nD6vEa3WpjyXyvWES/junq3+cEFv3vKGSRHs+988l
dlj8Be/i5uLi8hY+OtuvngI5bK29JgFMAhrTFET+YESBOguEditJ2mNMaPwq+5fr
GwcEX34+3pZMhX/PIxip0xZGDl8qRLpt7os9RQ2D+luXuIVikmS0FWlknYlxPrxt
QLsc04VEphwzjHm69ZXqwOfqb8u4VI07D8ArhFaortRpKB/x4Hha
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org