Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MYh2-m4cr0IwQjPVjhBUhchbpek.roa
File: MYh2-m4cr0IwQjPVjhBUhchbpek.roa (raw, json)
Hash identifier: stvWrEJvZBDx0A9CYvgKN1LG7W334BurBewFC1zNrI4=
Subject key identifier: 31:88:76:FA:6E:1C:AF:42:30:42:33:D5:8E:10:54:85:C8:5B:A5:E9
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 018D1827B4391522FBE70D3378C1ECFBC6A4
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MYh2-m4cr0IwQjPVjhBUhchbpek.roa
Signing time: Wed 17 Jan 2024 16:01:11 +0000
ROA not before: Wed 17 Jan 2024 16:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 46.253.128.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:27:b4:39:15:22:fb:e7:0d:33:78:c1:ec:fb:c6:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Jan 17 16:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=318876fa6e1caf42304233d58e105485c85ba5e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:39:d9:c9:cf:fe:8b:a6:62:af:f5:3a:64:03:
b0:08:26:39:68:82:4e:71:17:79:8b:0a:c0:3f:31:
38:c1:a6:bd:01:da:96:5e:35:11:ac:e6:e2:8c:5a:
68:2f:49:91:87:ba:38:b3:f2:d7:ea:24:a7:f9:8d:
13:67:19:14:6b:aa:b3:f9:e5:58:ea:ac:90:22:61:
62:04:78:4c:c0:41:c1:0a:2a:87:07:9b:b6:bd:51:
33:0b:bd:06:65:8d:56:4a:7f:b6:9f:6e:d8:2f:ab:
87:3c:78:eb:e1:51:6a:79:23:6d:79:0c:68:6d:10:
65:04:9e:5b:e0:7c:d2:2d:59:9b:25:fd:ad:83:d8:
a2:ea:44:bd:a9:85:73:0a:ab:fd:1f:ee:2c:92:05:
9c:29:86:90:09:1d:33:44:fd:f5:44:d5:7e:50:b5:
2c:63:4b:71:59:e7:bf:a6:ae:b7:7d:b1:62:8b:7f:
12:3b:f1:08:24:6a:fa:00:10:e8:2a:43:b6:ca:b1:
01:03:e7:d2:02:37:bd:7e:fe:5e:c0:6e:8a:b7:ca:
55:cb:36:72:9e:03:1d:5c:23:95:d3:f6:85:85:47:
6a:67:17:a5:1c:40:2d:52:e7:37:e4:f2:d0:bc:1e:
35:41:5b:3d:72:ff:96:4d:c2:cf:ee:3d:8e:16:5f:
27:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:88:76:FA:6E:1C:AF:42:30:42:33:D5:8E:10:54:85:C8:5B:A5:E9
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MYh2-m4cr0IwQjPVjhBUhchbpek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.128.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a9:51:71:0f:9b:1a:73:0a:cb:e5:3e:a2:e9:32:50:cc:3e:
38:a1:76:78:6e:e9:57:08:ff:85:de:45:cc:9a:6c:45:7a:53:
29:ee:44:8f:db:2f:91:28:2d:13:9c:89:64:01:53:a2:91:5f:
06:c6:4e:33:63:58:02:88:d1:04:7f:da:35:5f:07:4f:29:32:
f5:ef:23:b7:85:b8:f6:f4:3c:95:9c:c3:6d:ee:9e:23:9d:10:
ed:39:07:fe:e1:ac:9f:fe:c7:f8:b7:a1:ab:4b:4e:e7:4c:5a:
c1:01:05:28:e7:e8:ad:62:1b:e9:e2:8d:48:47:57:9d:5a:78:
0b:77:ee:f7:9d:53:29:2b:30:a5:dd:ef:31:1e:e7:a2:45:77:
99:82:fa:d9:f3:a2:23:f5:be:28:aa:0a:0e:17:9f:35:d8:be:
a0:0c:9b:2e:48:76:d1:10:6e:10:94:d2:8f:35:4e:d1:ab:0e:
38:52:c9:b7:2e:55:3a:96:76:72:47:c2:09:13:52:f0:9c:26:
b4:87:e2:6b:f9:35:fa:52:8c:df:1a:60:92:5f:b6:85:58:d8:
f6:1e:1d:a7:ea:78:8e:88:82:07:82:9e:30:a0:ba:ba:59:ac:
37:3d:da:ac:57:64:dc:d6:17:31:72:ec:12:1d:b1:d7:72:d5:
86:43:90:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0YJ7Q5FSL75w0zeMHs+8akMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjQwMTE3MTYwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg4NzZmYTZlMWNhZjQyMzA0MjMzZDU4ZTEwNTQ4NWM4NWJhNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojnZyc/+i6Zir/U6ZAOwCCY5aIJO
cRd5iwrAPzE4waa9AdqWXjURrObijFpoL0mRh7o4s/LX6iSn+Y0TZxkUa6qz+eVY
6qyQImFiBHhMwEHBCiqHB5u2vVEzC70GZY1WSn+2n27YL6uHPHjr4VFqeSNteQxo
bRBlBJ5b4HzSLVmbJf2tg9ii6kS9qYVzCqv9H+4skgWcKYaQCR0zRP31RNV+ULUs
Y0txWee/pq63fbFii38SO/EIJGr6ABDoKkO2yrEBA+fSAje9fv5ewG6Kt8pVyzZy
ngMdXCOV0/aFhUdqZxelHEAtUuc35PLQvB41QVs9cv+WTcLP7j2OFl8nqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGIdvpuHK9CMEIz1Y4QVIXIW6XpMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvTVloMi1tNGNyMEl3UWpQVmpoQlVoY2hicGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALv2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAtqVFxD5sacwrL5T6i6TJQzD44oXZ4bulXCP+F3kXM
mmxFelMp7kSP2y+RKC0TnIlkAVOikV8Gxk4zY1gCiNEEf9o1XwdPKTL17yO3hbj2
9DyVnMNt7p4jnRDtOQf+4ayf/sf4t6GrS07nTFrBAQUo5+itYhvp4o1IR1edWngL
d+73nVMpKzCl3e8xHueiRXeZgvrZ86Ij9b4oqgoOF5812L6gDJsuSHbREG4QlNKP
NU7Rqw44Usm3LlU6lnZyR8IJE1LwnCa0h+Jr+TX6UozfGmCSX7aFWNj2Hh2n6niO
iIIHgp4woLq6Waw3PdqsV2Tc1hcxcuwSHbHXctWGQ5AF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:47 2024 by rpki-client on console-ams.rpki-client.org