Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/MYh2WUU2EBLIL47YwM6h_v60Iiw.roa
File: MYh2WUU2EBLIL47YwM6h_v60Iiw.roa (raw, json)
Hash identifier: +QrZjmBrR0MYUVjxx3y5dKQT/emfZIZEUYJLHrz5FLU=
Subject key identifier: 31:88:76:59:45:36:10:12:C8:2F:8E:D8:C0:CE:A1:FE:FE:B4:22:2C
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 01856DAF66D08130C67F5A0704507FB8FE71
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/MYh2WUU2EBLIL47YwM6h_v60Iiw.roa
Signing time: Sun 01 Jan 2023 14:14:49 +0000
ROA not before: Sun 01 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7922
IP address blocks: 45.90.20.0/22 maxlen: 22
194.99.112.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:66:d0:81:30:c6:7f:5a:07:04:50:7f:b8:fe:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: Jan 1 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3188765945361012c82f8ed8c0cea1fefeb4222c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:8d:0e:9a:03:0f:c1:d1:3f:e1:f8:71:77:
75:75:80:af:f9:92:6a:a7:38:8d:45:e6:4f:b6:d0:
e6:96:66:00:64:57:78:a0:8d:49:e8:99:01:23:20:
6a:08:28:3e:e2:3b:2e:10:eb:24:51:fd:7a:f9:aa:
b5:4b:28:23:64:d2:94:7a:95:75:c8:c6:e4:b9:e0:
6d:8e:a0:d9:e5:57:a3:a1:8d:52:8d:fb:b4:23:27:
1c:1c:2e:45:ec:bf:b4:a8:4d:2d:ba:40:5e:b7:16:
81:08:44:03:22:45:71:67:d6:30:b0:1a:c8:8c:aa:
f1:6a:bd:f7:02:7e:be:3c:cb:fb:0e:4a:49:8a:a9:
66:88:82:e5:e0:7b:af:1e:fd:a2:75:d4:06:08:78:
36:2c:13:3a:9f:52:26:b2:4c:b8:6c:08:cd:07:c4:
2b:c9:31:bd:25:e4:ae:d8:f5:16:7c:cc:ce:50:ec:
7c:88:2f:22:7f:5a:d4:50:59:f0:68:cf:6b:20:5b:
eb:fc:11:47:ed:99:8d:ae:d0:27:b6:b7:d9:0f:99:
78:b0:5b:a0:bd:31:08:f7:d3:32:27:f3:76:20:96:
21:f7:c8:a4:d3:83:cd:be:70:5c:80:76:22:0a:bf:
07:81:0f:9c:25:1d:b5:4f:b2:54:72:30:76:73:a2:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:88:76:59:45:36:10:12:C8:2F:8E:D8:C0:CE:A1:FE:FE:B4:22:2C
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/MYh2WUU2EBLIL47YwM6h_v60Iiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.20.0/22
194.99.112.0/24
194.102.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:42:15:23:82:3c:59:07:08:41:1b:29:f5:2a:c2:d6:12:62:
5d:48:02:9c:45:4f:32:85:3a:0a:60:12:39:53:07:f6:da:54:
25:3c:f1:5a:3d:4d:9c:eb:d0:b2:e6:98:4f:6c:7b:b3:1f:1a:
97:74:64:df:f0:16:9d:31:5c:92:43:e5:e6:cc:13:41:61:17:
33:ad:31:d0:40:c5:8b:28:de:60:6e:32:a9:27:1f:a1:d9:29:
71:e1:db:ee:87:c7:11:39:66:d3:6a:d2:43:09:74:e5:de:26:
82:2b:e1:e8:dc:4b:b3:9e:70:c5:72:da:7b:64:ce:cc:f7:b4:
48:1b:83:42:b2:3b:c2:02:19:09:64:cd:bc:15:f1:6b:5a:d3:
36:01:2a:85:19:45:fd:2b:de:c6:ab:14:bf:36:f6:e0:d9:0a:
20:07:89:ea:55:29:7c:82:3f:70:65:86:d2:66:c0:38:98:fc:
76:f4:8d:c0:9b:01:08:c3:96:cd:0a:41:72:87:1a:bf:45:9c:
52:19:62:a5:ae:0a:da:80:97:31:ee:6d:8d:c9:41:0e:ae:ae:
c9:71:1d:2c:39:36:c4:9a:8d:ed:bf:65:07:73:5e:0e:33:ad:
e2:8d:e5:67:c7:89:b5:91:f8:b4:30:a7:dd:60:c2:9b:56:71:
d7:40:cc:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtr2bQgTDGf1oHBFB/uP5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjMwMTAxMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg4NzY1OTQ1MzYxMDEyYzgyZjhlZDhjMGNlYTFmZWZlYjQyMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG2NDpoDD8HRP+H4cXd1dYCv+ZJq
pziNReZPttDmlmYAZFd4oI1J6JkBIyBqCCg+4jsuEOskUf16+aq1SygjZNKUepV1
yMbkueBtjqDZ5VejoY1Sjfu0IyccHC5F7L+0qE0tukBetxaBCEQDIkVxZ9YwsBrI
jKrxar33An6+PMv7DkpJiqlmiILl4HuvHv2iddQGCHg2LBM6n1Imsky4bAjNB8Qr
yTG9JeSu2PUWfMzOUOx8iC8if1rUUFnwaM9rIFvr/BFH7ZmNrtAntrfZD5l4sFug
vTEI99MyJ/N2IJYh98ik04PNvnBcgHYiCr8HgQ+cJR21T7JUcjB2c6ICfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDGIdllFNhASyC+O2MDOof7+tCIsMB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvTVloMldVVTJFQkxJTDQ3WXdNNmhfdjYwSWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVoUAwQA
wmNwAwQAwmbvMA0GCSqGSIb3DQEBCwUAA4IBAQAtQhUjgjxZBwhBGyn1KsLWEmJd
SAKcRU8yhToKYBI5Uwf22lQlPPFaPU2c69Cy5phPbHuzHxqXdGTf8BadMVySQ+Xm
zBNBYRczrTHQQMWLKN5gbjKpJx+h2Slx4dvuh8cROWbTatJDCXTl3iaCK+Ho3Euz
nnDFctp7ZM7M97RIG4NCsjvCAhkJZM28FfFrWtM2ASqFGUX9K97GqxS/Nvbg2Qog
B4nqVSl8gj9wZYbSZsA4mPx29I3AmwEIw5bNCkFyhxq/RZxSGWKlrgragJcx7m2N
yUEOrq7JcR0sOTbEmo3tv2UHc14OM63ijeVnx4m1kfi0MKfdYMKbVnHXQMy/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:29 2024 by rpki-client on console-fra.rpki-client.org