Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/MJbT__XWCelqdjrmNsjrEh7WeoI.roa
File: MJbT__XWCelqdjrmNsjrEh7WeoI.roa (raw, json)
Hash identifier: +Z1VMYd5v8fPZv7TiHoBQPQIaAWupB/KW+6F599Uczk=
Subject key identifier: 30:96:D3:FF:F5:D6:09:E9:6A:76:3A:E6:36:C8:EB:12:1E:D6:7A:82
Certificate issuer: /CN=7cd162dec78209bc03add081527d54b27e84d26e
Certificate serial: 018571554F09295E84287307229928121846
Authority key identifier: 7C:D1:62:DE:C7:82:09:BC:03:AD:D0:81:52:7D:54:B2:7E:84:D2:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fNFi3seCCbwDrdCBUn1Usn6E0m4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/MJbT__XWCelqdjrmNsjrEh7WeoI.roa
Signing time: Mon 02 Jan 2023 07:14:54 +0000
ROA not before: Mon 02 Jan 2023 07:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43073
IP address blocks: 91.240.106.0/23 maxlen: 23
193.32.36.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:4f:09:29:5e:84:28:73:07:22:99:28:12:18:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cd162dec78209bc03add081527d54b27e84d26e
Validity
Not Before: Jan 2 07:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3096d3fff5d609e96a763ae636c8eb121ed67a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:43:e5:0a:48:b0:09:c3:7a:86:e8:3e:7e:11:
24:4f:40:ef:0f:d5:f8:23:4a:62:c8:dd:c4:7b:6f:
1c:13:7d:b3:91:54:da:37:ec:3d:25:36:09:40:0f:
95:f6:1a:08:38:4c:0a:a6:0c:68:99:5c:b4:db:8d:
66:7d:f5:de:d8:54:12:ad:fb:0f:4d:3c:33:f2:86:
98:6f:ca:fe:df:5b:e2:81:c9:93:d1:73:dd:e3:34:
5f:58:4b:9e:4d:c3:1b:a8:aa:02:ee:f5:2f:80:42:
3e:2e:08:7c:4f:fa:7e:81:fc:9d:c8:9e:db:71:bd:
e4:77:84:05:8e:d6:3d:1a:bf:a5:20:cc:78:1c:98:
a6:ad:eb:12:d9:11:70:02:81:0b:44:d8:b8:ed:bd:
39:29:50:4e:6e:a0:7c:a5:b7:a9:e7:4c:b8:7b:d8:
5e:68:fb:ec:50:83:1c:4d:42:8d:a6:75:b7:0b:ad:
91:47:bb:dd:50:8b:25:05:d5:a0:8b:42:a5:46:fc:
ad:14:ff:37:43:75:ce:1e:d4:b6:69:93:6b:38:a0:
eb:1a:16:d6:71:e1:a8:66:57:86:4d:97:2b:2d:84:
83:e5:28:77:63:47:5d:5b:dd:98:fc:43:2c:82:b1:
23:46:b5:b5:23:dc:7b:5f:1a:43:bf:fa:2c:6e:22:
43:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:96:D3:FF:F5:D6:09:E9:6A:76:3A:E6:36:C8:EB:12:1E:D6:7A:82
X509v3 Authority Key Identifier:
keyid:7C:D1:62:DE:C7:82:09:BC:03:AD:D0:81:52:7D:54:B2:7E:84:D2:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fNFi3seCCbwDrdCBUn1Usn6E0m4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/MJbT__XWCelqdjrmNsjrEh7WeoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/031100-458a-474e-927c-df027916ce50/1/fNFi3seCCbwDrdCBUn1Usn6E0m4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.106.0/23
193.32.36.0/24
Signature Algorithm: sha256WithRSAEncryption
49:02:78:4a:9f:28:39:43:45:22:38:57:cd:5d:47:49:e7:ab:
55:33:82:5c:12:ab:df:af:1d:1f:ee:cb:60:81:ba:69:97:ed:
24:2c:92:ce:a1:50:81:3b:d9:04:8b:17:f1:28:a6:40:51:6a:
9b:63:b5:5d:a2:70:31:b0:a3:10:57:f1:6c:a5:6a:c5:c2:ba:
45:cc:20:af:e5:e9:0c:05:b0:5a:40:dc:84:fb:e3:57:2d:69:
d1:12:f5:2e:18:a7:9d:3f:54:98:7e:13:0f:88:39:c0:c4:bd:
2f:82:e0:d1:74:24:43:0e:f8:24:80:a7:11:37:b0:8a:ec:4b:
5a:78:41:06:6f:56:3e:a7:10:fd:42:0a:50:13:ad:f5:e2:9a:
b3:86:34:d9:24:09:ac:a0:39:b3:a7:c4:f7:df:12:43:92:6b:
79:80:7d:12:ec:98:de:67:7c:9d:50:6f:4f:63:6f:df:19:01:
96:1f:1b:64:a0:28:7e:12:3e:65:59:90:0e:1b:f3:af:f7:1a:
59:5e:2c:4f:c5:03:a2:3a:cb:49:76:46:08:55:ca:33:51:e5:
ae:03:0e:88:a5:0c:4c:0f:3a:69:de:51:72:9b:68:e3:77:f0:
c4:1d:b5:f6:71:27:62:cd:ee:14:27:9c:76:f5:23:7e:2b:f5:
e3:3e:38:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxVU8JKV6EKHMHIpkoEhhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZDE2MmRlYzc4MjA5YmMwM2FkZDA4MTUyN2Q1NGIyN2U4
NGQyNmUwHhcNMjMwMTAyMDcxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk2ZDNmZmY1ZDYwOWU5NmE3NjNhZTYzNmM4ZWIxMjFlZDY3YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEPlCkiwCcN6hug+fhEkT0DvD9X4
I0piyN3Ee28cE32zkVTaN+w9JTYJQA+V9hoIOEwKpgxomVy0241mffXe2FQSrfsP
TTwz8oaYb8r+31vigcmT0XPd4zRfWEueTcMbqKoC7vUvgEI+Lgh8T/p+gfydyJ7b
cb3kd4QFjtY9Gr+lIMx4HJimresS2RFwAoELRNi47b05KVBObqB8pbep50y4e9he
aPvsUIMcTUKNpnW3C62RR7vdUIslBdWgi0KlRvytFP83Q3XOHtS2aZNrOKDrGhbW
ceGoZleGTZcrLYSD5Sh3Y0ddW92Y/EMsgrEjRrW1I9x7XxpDv/osbiJDmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCW0//11gnpanY65jbI6xIe1nqCMB8GA1UdIwQY
MBaAFHzRYt7Hggm8A63QgVJ9VLJ+hNJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk5GaTNzZUNDYndEcmRDQlVuMVVzbjZFMG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMzExMDAtNDU4YS00NzRlLTkyN2Mt
ZGYwMjc5MTZjZTUwLzEvTUpiVF9fWFdDZWxxZGpybU5zanJFaDdXZW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMzExMDAtNDU4YS00NzRlLTkyN2MtZGYwMjc5MTZjZTUw
LzEvZk5GaTNzZUNDYndEcmRDQlVuMVVzbjZFMG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/BqAwQA
wSAkMA0GCSqGSIb3DQEBCwUAA4IBAQBJAnhKnyg5Q0UiOFfNXUdJ56tVM4JcEqvf
rx0f7stggbppl+0kLJLOoVCBO9kEixfxKKZAUWqbY7VdonAxsKMQV/FspWrFwrpF
zCCv5ekMBbBaQNyE++NXLWnREvUuGKedP1SYfhMPiDnAxL0vguDRdCRDDvgkgKcR
N7CK7EtaeEEGb1Y+pxD9QgpQE6314pqzhjTZJAmsoDmzp8T33xJDkmt5gH0S7Jje
Z3ydUG9PY2/fGQGWHxtkoCh+Ej5lWZAOG/Ov9xpZXixPxQOiOstJdkYIVcozUeWu
Aw6IpQxMDzpp3lFym2jjd/DEHbX2cSdize4UJ5x29SN+K/XjPjiS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:18 2024 by rpki-client on console-fra.rpki-client.org