Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/bMPJWTSgeqhs-MYAa3MRMhCT4cQ.roa
File: bMPJWTSgeqhs-MYAa3MRMhCT4cQ.roa (raw, json)
Hash identifier: PqVRFXSKtv51AJAmKk++TIwLJe6ErC9XFVf+QNOPpgk=
Subject key identifier: 6C:C3:C9:59:34:A0:7A:A8:6C:F8:C6:00:6B:73:11:32:10:93:E1:C4
Certificate issuer: /CN=3cac6a681f6d3289e1c4502a1f15c7bae31f92dc
Certificate serial: 0182B0724753F7F5405DF160033907C6702C
Authority key identifier: 3C:AC:6A:68:1F:6D:32:89:E1:C4:50:2A:1F:15:C7:BA:E3:1F:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKxqaB9tMonhxFAqHxXHuuMfktw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/bMPJWTSgeqhs-MYAa3MRMhCT4cQ.roa
Signing time: Thu 18 Aug 2022 10:14:15 +0000
ROA not before: Thu 18 Aug 2022 10:14:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 185.166.180.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b0:72:47:53:f7:f5:40:5d:f1:60:03:39:07:c6:70:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cac6a681f6d3289e1c4502a1f15c7bae31f92dc
Validity
Not Before: Aug 18 10:14:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cc3c95934a07aa86cf8c6006b7311321093e1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:8f:e5:2a:36:ac:3d:e6:64:dc:79:12:9c:
f3:05:69:4d:9c:15:31:e3:98:38:9e:04:e9:e6:3f:
8e:aa:e9:91:d1:dd:29:50:ba:56:c5:30:e8:2b:ca:
96:ac:25:34:36:0b:d0:c1:d1:19:f1:a8:0c:f4:e0:
d6:b9:e4:14:c9:23:18:d4:e6:c0:30:ce:21:cd:ba:
e5:c0:47:55:6c:1a:66:dc:99:9e:a1:62:03:31:b9:
16:3f:57:7a:2f:09:59:ca:82:ca:a3:0e:3e:9e:d2:
1b:c4:ea:64:f9:77:61:b4:80:10:a2:b4:c2:fa:46:
05:56:74:f1:f1:23:22:7c:ac:40:6c:38:9b:24:67:
16:73:dc:fc:85:cb:ee:f6:6c:7a:69:b5:17:22:80:
78:54:21:74:1a:b6:65:a6:1a:9a:48:d4:88:47:03:
de:05:cc:c8:6e:e3:f3:70:0d:71:8d:64:2d:1a:44:
1d:24:a8:15:89:b1:af:09:95:0c:d4:7c:0d:5e:55:
2e:c4:b1:a5:83:f3:d0:a9:c4:fe:63:7d:2e:fe:e0:
6e:49:16:3b:93:55:b4:c7:0c:97:15:75:b5:81:3f:
f0:83:0d:5d:52:9a:4a:b5:47:28:e1:ca:05:77:aa:
41:40:17:5e:2e:29:29:da:35:17:4e:2a:c2:2f:2d:
61:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C3:C9:59:34:A0:7A:A8:6C:F8:C6:00:6B:73:11:32:10:93:E1:C4
X509v3 Authority Key Identifier:
keyid:3C:AC:6A:68:1F:6D:32:89:E1:C4:50:2A:1F:15:C7:BA:E3:1F:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKxqaB9tMonhxFAqHxXHuuMfktw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/bMPJWTSgeqhs-MYAa3MRMhCT4cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/105981-5524-4745-a8fc-884c4d4db657/1/PKxqaB9tMonhxFAqHxXHuuMfktw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.180.0/22
Signature Algorithm: sha256WithRSAEncryption
42:0b:78:5f:5c:33:a1:f1:17:b5:a3:31:84:a5:8e:cf:ff:68:
92:6f:30:2a:32:b2:fe:e7:01:af:a7:9b:c0:16:04:ab:9c:ae:
80:d7:82:fc:0b:39:24:38:f7:32:6e:33:93:bf:7b:54:dc:c1:
a3:e2:a4:64:32:54:6e:2e:28:68:f5:f7:89:79:79:be:59:c8:
de:10:c7:4a:89:93:df:55:61:01:d8:cb:84:61:c8:a6:91:26:
c6:fb:9b:24:32:77:8e:b6:7d:de:21:b6:95:92:20:2b:42:83:
a7:d6:78:5b:83:77:fd:35:ce:21:8b:91:ff:70:1c:fe:a8:51:
8d:9b:95:ac:ec:aa:70:fe:6e:98:9e:e3:51:8e:d4:13:40:47:
08:39:9e:64:4f:24:7d:63:82:29:dc:c3:56:f9:78:69:96:8e:
9a:e2:9c:6e:66:8d:77:30:f3:98:b5:54:2e:ae:f8:47:5a:97:
80:3e:76:c7:9a:84:ff:2b:ef:bc:86:e6:e9:1d:ab:f8:b9:c9:
44:25:3e:28:27:18:12:15:76:90:3a:a2:c1:03:cb:09:34:47:
29:13:27:4f:2f:fe:8e:ee:14:56:0f:95:85:a6:ed:af:c1:84:
79:bb:f9:53:b1:26:64:c3:5c:b4:dc:64:d0:7c:2a:f3:86:c7:
64:76:e0:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKwckdT9/VAXfFgAzkHxnAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYWM2YTY4MWY2ZDMyODllMWM0NTAyYTFmMTVjN2JhZTMx
ZjkyZGMwHhcNMjIwODE4MTAxNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MzYzk1OTM0YTA3YWE4NmNmOGM2MDA2YjczMTEzMjEwOTNlMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraiP5So2rD3mZNx5EpzzBWlNnBUx
45g4ngTp5j+OqumR0d0pULpWxTDoK8qWrCU0NgvQwdEZ8agM9ODWueQUySMY1ObA
MM4hzbrlwEdVbBpm3JmeoWIDMbkWP1d6LwlZyoLKow4+ntIbxOpk+XdhtIAQorTC
+kYFVnTx8SMifKxAbDibJGcWc9z8hcvu9mx6abUXIoB4VCF0GrZlphqaSNSIRwPe
BczIbuPzcA1xjWQtGkQdJKgVibGvCZUM1HwNXlUuxLGlg/PQqcT+Y30u/uBuSRY7
k1W0xwyXFXW1gT/wgw1dUppKtUco4coFd6pBQBdeLikp2jUXTirCLy1htQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzDyVk0oHqobPjGAGtzETIQk+HEMB8GA1UdIwQY
MBaAFDysamgfbTKJ4cRQKh8Vx7rjH5LcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEt4cWFCOXRNb25oeEZBcUh4WEh1dU1ma3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xMDU5ODEtNTUyNC00NzQ1LWE4ZmMt
ODg0YzRkNGRiNjU3LzEvYk1QSldUU2dlcWhzLU1ZQWEzTVJNaENUNGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xMDU5ODEtNTUyNC00NzQ1LWE4ZmMtODg0YzRkNGRiNjU3
LzEvUEt4cWFCOXRNb25oeEZBcUh4WEh1dU1ma3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaa0MA0G
CSqGSIb3DQEBCwUAA4IBAQBCC3hfXDOh8Re1ozGEpY7P/2iSbzAqMrL+5wGvp5vA
FgSrnK6A14L8CzkkOPcybjOTv3tU3MGj4qRkMlRuLiho9feJeXm+WcjeEMdKiZPf
VWEB2MuEYcimkSbG+5skMneOtn3eIbaVkiArQoOn1nhbg3f9Nc4hi5H/cBz+qFGN
m5Ws7Kpw/m6YnuNRjtQTQEcIOZ5kTyR9Y4Ip3MNW+Xhplo6a4pxuZo13MPOYtVQu
rvhHWpeAPnbHmoT/K++8hubpHav4uclEJT4oJxgSFXaQOqLBA8sJNEcpEydPL/6O
7hRWD5WFpu2vwYR5u/lTsSZkw1y03GTQfCrzhsdkduAg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:41 2024 by rpki-client on console-ams.rpki-client.org