Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/mBNeQKJ6NIcA4kriu9XaOoKhZtQ.roa
File: mBNeQKJ6NIcA4kriu9XaOoKhZtQ.roa (raw, json)
Hash identifier: YScWy09cgmx4QZxQQ/MArUJaJjXjWVavGDNunywnZPc=
Subject key identifier: 98:13:5E:40:A2:7A:34:87:00:E2:4A:E2:BB:D5:DA:3A:82:A1:66:D4
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 0609333E
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/mBNeQKJ6NIcA4kriu9XaOoKhZtQ.roa
Signing time: Fri 18 Feb 2022 23:20:27 +0000
ROA not before: Fri 18 Feb 2022 23:20:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 2a0a:1f46::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101266238 (0x609333e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Feb 18 23:20:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98135e40a27a348700e24ae2bbd5da3a82a166d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8c:c7:68:52:19:7a:13:69:37:9f:71:a1:7c:
82:7a:e5:3a:50:d1:5f:fb:6d:98:9d:a1:06:b3:12:
4f:88:57:31:37:eb:1e:1b:eb:cf:6e:8f:00:c3:30:
cf:1f:a9:61:1f:5d:ca:0f:8b:1d:7a:f7:fb:1a:bc:
5a:60:4d:70:f8:75:8c:d3:30:03:33:c0:b0:62:bd:
03:9f:68:97:58:36:d1:59:9b:3a:8c:9a:5b:6e:25:
07:9c:c4:07:ee:c4:3c:39:30:3d:52:51:cf:42:4b:
57:9a:e7:63:1d:fd:67:73:66:20:b3:2e:af:e1:2b:
5b:57:2d:90:f8:b2:9e:51:3f:7a:dd:ed:fc:fe:93:
ab:c5:ba:83:56:5b:14:5e:bf:30:49:c3:9a:f4:59:
40:4c:20:bd:76:b2:3a:a6:86:62:c3:85:f0:bf:f2:
f7:0b:7b:b4:63:e5:f5:89:69:9c:18:ba:ba:52:59:
48:09:98:56:d4:2b:6e:d4:67:68:32:5e:b2:18:15:
9f:45:14:d3:4a:9e:1e:ab:1f:c8:1e:8c:34:4f:95:
21:ea:c6:0e:25:e3:b7:45:c7:67:67:f5:87:69:e9:
ab:1c:82:3f:ea:cb:2d:16:b2:29:9b:15:1b:d6:ac:
89:ad:45:7f:ac:da:89:c8:7a:fe:0b:a8:ff:ff:0a:
2a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:13:5E:40:A2:7A:34:87:00:E2:4A:E2:BB:D5:DA:3A:82:A1:66:D4
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/mBNeQKJ6NIcA4kriu9XaOoKhZtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1f46::/32
Signature Algorithm: sha256WithRSAEncryption
5b:32:7c:7b:a4:51:ec:7e:4b:df:fd:93:e2:47:e2:b8:e0:f7:
b1:87:fc:15:fb:e6:58:10:f6:95:11:da:24:24:1c:8f:66:7e:
82:ca:92:55:df:2a:c8:42:8c:6c:a1:d7:40:a1:5c:16:82:b5:
8d:97:ba:74:43:b8:3b:5f:82:9d:b7:c9:65:6f:0e:f9:61:fa:
d7:fd:76:8e:f2:9d:cb:c4:91:60:81:5d:2a:cc:d0:9d:36:19:
76:ba:1e:a2:98:86:3b:6c:db:92:8c:d3:cb:bf:bf:8a:11:9f:
af:a1:f5:c5:d0:8f:2c:6f:52:99:11:22:64:1d:64:84:48:e2:
17:82:20:11:93:9d:19:84:02:b5:93:7b:d2:f8:b2:21:ac:0e:
9a:34:88:3d:1d:82:fb:b5:41:2f:98:f6:da:92:b3:aa:03:d3:
3e:95:02:ba:b5:17:0f:a5:57:a6:a8:91:41:a0:c7:da:da:08:
10:33:26:0f:47:98:e7:b6:07:41:71:35:92:82:84:34:37:21:
6b:29:6a:ec:50:ce:70:90:12:73:8c:29:1e:72:74:0f:37:b0:
f3:91:18:99:cf:a3:3f:f1:f7:6a:ae:5c:05:aa:0a:5c:eb:d6:
1e:fa:eb:7c:98:a3:a0:69:97:fb:e3:0d:0d:1d:2b:6a:65:6e:
f6:26:cb:7a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBgkzPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWM4YjczYWI3YmRlYjc2ZmY0OGIyY2EwOTk2MTZlZGJlNzFjNDI2MB4XDTIyMDIx
ODIzMjAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgxMzVlNDBhMjdh
MzQ4NzAwZTI0YWUyYmJkNWRhM2E4MmExNjZkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMOMx2hSGXoTaTefcaF8gnrlOlDRX/ttmJ2hBrMST4hXMTfr
Hhvrz26PAMMwzx+pYR9dyg+LHXr3+xq8WmBNcPh1jNMwAzPAsGK9A59ol1g20Vmb
OoyaW24lB5zEB+7EPDkwPVJRz0JLV5rnYx39Z3NmILMur+ErW1ctkPiynlE/et3t
/P6Tq8W6g1ZbFF6/MEnDmvRZQEwgvXayOqaGYsOF8L/y9wt7tGPl9YlpnBi6ulJZ
SAmYVtQrbtRnaDJeshgVn0UU00qeHqsfyB6MNE+VIerGDiXjt0XHZ2f1h2npqxyC
P+rLLRayKZsVG9asia1Ff6zaich6/guo//8KKksCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSYE15Aono0hwDiSuK71do6gqFm1DAfBgNVHSMEGDAWgBSByLc6t73rdv9I
ssoJlhbtvnHEJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djaTNPcmU5NjNiX1NMTEtDWllXN2I1eHhDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvMjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8x
L21CTmVRS0o2TkljQTRrcml1OVhhT29LaFp0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
MjA3OTM0LTllZGMtNGE4OS04MjBlLWQ4NDg4YjNhYjQyZi8xL2djaTNPcmU5NjNi
X1NMTEtDWllXN2I1eHhDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoKH0YwDQYJKoZIhvcNAQELBQAD
ggEBAFsyfHukUex+S9/9k+JH4rjg97GH/BX75lgQ9pUR2iQkHI9mfoLKklXfKshC
jGyh10ChXBaCtY2XunRDuDtfgp23yWVvDvlh+tf9do7yncvEkWCBXSrM0J02GXa6
HqKYhjts25KM08u/v4oRn6+h9cXQjyxvUpkRImQdZIRI4heCIBGTnRmEArWTe9L4
siGsDpo0iD0dgvu1QS+Y9tqSs6oD0z6VArq1Fw+lV6aokUGgx9raCBAzJg9HmOe2
B0FxNZKChDQ3IWspauxQznCQEnOMKR5ydA83sPORGJnPoz/x92quXAWqClzr1h76
63yYo6Bpl/vjDQ0dK2plbvYmy3o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:02 2024 by rpki-client on console-ams.rpki-client.org