Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mFkoFNt_hJAszOTgsv8DVZbrsms.roa
File: mFkoFNt_hJAszOTgsv8DVZbrsms.roa (raw, json)
Hash identifier: esn1o8uFSlucNrh8utg8VnYi3FMEc6zDPB7eLinWu8A=
Subject key identifier: 98:59:28:14:DB:7F:84:90:2C:CC:E4:E0:B2:FF:03:55:96:EB:B2:6B
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018775914853A6BACB1557F28D132181FB98
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mFkoFNt_hJAszOTgsv8DVZbrsms.roa
Signing time: Wed 12 Apr 2023 13:04:28 +0000
ROA not before: Wed 12 Apr 2023 13:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 26548
IP address blocks: 91.222.236.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:91:48:53:a6:ba:cb:15:57:f2:8d:13:21:81:fb:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 12 13:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98592814db7f84902ccce4e0b2ff035596ebb26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:cb:3b:92:43:e2:54:85:6c:95:f7:14:9b:f8:
85:74:0b:a7:0b:1d:53:ff:50:c5:3b:a2:76:82:1b:
25:d5:ba:32:e5:b1:90:fe:4f:cf:b4:d0:7c:ac:b1:
3a:69:a3:bf:74:60:8e:11:54:60:2c:16:51:4e:bf:
62:19:3e:8d:5a:a4:b0:cd:49:a0:cb:57:f6:69:34:
8d:cc:ce:20:8b:3b:c1:ff:35:e7:8f:ad:a7:39:9e:
1f:2d:a6:20:c4:cb:ff:06:36:7f:30:65:7b:37:32:
e5:58:64:a9:fe:60:7e:8b:f8:58:13:39:36:f6:fa:
69:3f:1d:f1:d9:21:c6:89:83:c6:86:c1:35:af:19:
cb:8e:99:e0:fd:7c:51:88:d7:0f:b4:20:7c:dd:2a:
81:1d:e7:51:c8:e1:9e:b7:96:e5:c2:51:9a:f6:1d:
ad:98:ef:e1:45:30:53:14:58:6a:9c:e7:3b:d6:5b:
d2:24:34:13:95:6e:07:44:15:69:f7:fc:12:13:31:
4f:4d:d6:35:4b:d4:f7:e5:9e:61:73:f8:3e:2d:99:
ff:c0:6a:d4:b0:42:f0:9b:f4:8e:71:1e:5f:ab:02:
70:9e:8d:93:3d:d8:6f:60:61:e9:34:ff:f7:99:5b:
2d:4d:e7:d4:86:5a:b9:b0:3b:18:bf:e8:30:a7:df:
e6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:59:28:14:DB:7F:84:90:2C:CC:E4:E0:B2:FF:03:55:96:EB:B2:6B
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/mFkoFNt_hJAszOTgsv8DVZbrsms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.236.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:c1:bf:99:1e:6a:cb:43:1a:b7:8d:1b:25:58:94:d5:b7:1e:
93:98:35:ae:50:9e:3f:d8:ed:9e:76:de:9f:4a:c6:b3:38:fe:
ea:4a:df:85:cd:3f:fc:a1:a1:31:88:b3:97:69:40:6e:83:e5:
c7:c0:2c:4e:21:e2:b2:43:2b:ec:51:e4:ce:e3:99:39:d9:0f:
79:25:82:64:6f:05:da:3e:8d:7d:7e:30:e6:27:6c:1d:95:12:
6c:ff:8c:3f:92:82:5e:cd:95:1d:df:62:c9:fe:05:bf:49:e4:
f2:4a:21:8b:46:4f:f9:21:48:c9:d7:16:b4:db:e6:91:c3:b0:
dd:a3:ca:18:f1:72:7d:50:61:25:ff:3a:37:31:0c:d7:29:74:
6b:fa:b3:15:52:01:65:6d:c6:98:67:91:87:8b:7a:3f:83:0e:
87:d1:0f:a1:e3:e9:70:6d:64:f3:72:b1:c3:22:2f:bf:a0:05:
0b:ad:26:71:52:55:9d:22:94:29:7a:94:98:68:06:01:22:5e:
61:0c:14:e9:2f:a9:b2:f6:a4:03:49:80:f7:83:62:3e:f2:26:
26:5a:76:ec:ba:7a:5e:42:df:70:6f:f6:ac:da:64:9a:4f:2d:
ce:e7:a9:86:75:31:31:e7:a5:63:6d:97:07:d3:07:32:2f:f6:
18:ce:1b:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd1kUhTprrLFVfyjRMhgfuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNDEyMTMwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODU5MjgxNGRiN2Y4NDkwMmNjY2U0ZTBiMmZmMDM1NTk2ZWJiMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cs7kkPiVIVslfcUm/iFdAunCx1T
/1DFO6J2ghsl1boy5bGQ/k/PtNB8rLE6aaO/dGCOEVRgLBZRTr9iGT6NWqSwzUmg
y1f2aTSNzM4gizvB/zXnj62nOZ4fLaYgxMv/BjZ/MGV7NzLlWGSp/mB+i/hYEzk2
9vppPx3x2SHGiYPGhsE1rxnLjpng/XxRiNcPtCB83SqBHedRyOGet5blwlGa9h2t
mO/hRTBTFFhqnOc71lvSJDQTlW4HRBVp9/wSEzFPTdY1S9T35Z5hc/g+LZn/wGrU
sELwm/SOcR5fqwJwno2TPdhvYGHpNP/3mVstTefUhlq5sDsYv+gwp9/mNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhZKBTbf4SQLMzk4LL/A1WW67JrMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvbUZrb0ZOdF9oSkFzek9UZ3N2OERWWmJyc21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW97sMA0G
CSqGSIb3DQEBCwUAA4IBAQAswb+ZHmrLQxq3jRslWJTVtx6TmDWuUJ4/2O2edt6f
SsazOP7qSt+FzT/8oaExiLOXaUBug+XHwCxOIeKyQyvsUeTO45k52Q95JYJkbwXa
Po19fjDmJ2wdlRJs/4w/koJezZUd32LJ/gW/SeTySiGLRk/5IUjJ1xa02+aRw7Dd
o8oY8XJ9UGEl/zo3MQzXKXRr+rMVUgFlbcaYZ5GHi3o/gw6H0Q+h4+lwbWTzcrHD
Ii+/oAULrSZxUlWdIpQpepSYaAYBIl5hDBTpL6my9qQDSYD3g2I+8iYmWnbsunpe
Qt9wb/as2mSaTy3O56mGdTEx56VjbZcH0wcyL/YYzhtF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org