Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MvX6Q_lC4JP3Tlok8yBh383e4Qw.roa
File: MvX6Q_lC4JP3Tlok8yBh383e4Qw.roa (raw, json)
Hash identifier: Qkg7EDPsjqJ9TJgLxQkUUrQj1c1cexX1sP1m8M0761c=
Subject key identifier: 32:F5:FA:43:F9:42:E0:93:F7:4E:5A:24:F3:20:61:DF:CD:DE:E1:0C
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0193260AECE3CAF64A0621EB7304607FC624
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MvX6Q_lC4JP3Tlok8yBh383e4Qw.roa
Signing time: Wed 13 Nov 2024 15:01:10 +0000
ROA not before: Wed 13 Nov 2024 15:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 83.147.217.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:26:0a:ec:e3:ca:f6:4a:06:21:eb:73:04:60:7f:c6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Nov 13 15:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f5fa43f942e093f74e5a24f32061dfcddee10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:09:e2:a8:f9:f2:95:74:f0:de:c6:11:50:93:
73:fb:43:6a:86:31:79:dd:a5:c4:3d:31:14:40:f4:
cf:7e:ec:b1:13:35:89:01:f0:94:bc:89:88:73:f9:
62:55:a4:7b:94:18:e7:35:01:04:ac:69:6b:45:02:
b2:ec:f9:91:e1:bd:8c:3f:53:e4:73:40:5a:6d:e5:
85:27:4f:22:66:d1:26:17:61:0e:36:b2:a0:17:ba:
55:23:66:1d:8c:20:e3:0c:b3:6a:71:05:68:ef:e9:
af:66:95:12:6d:cd:d6:bf:cd:d6:36:e1:87:bd:bd:
d7:c8:fb:e8:26:82:30:85:d6:56:e9:84:ea:47:6c:
42:e7:a4:6a:49:9c:83:b1:ed:4e:67:85:74:c4:f2:
e1:2f:09:8a:43:c4:c9:02:1b:ad:a4:a4:6a:11:51:
d6:e1:cd:23:eb:50:76:02:e7:29:29:c2:b3:42:2e:
9c:c8:07:29:e4:74:34:92:d3:4b:fa:87:1b:22:6a:
e4:d7:55:72:92:40:f4:69:aa:5b:07:f6:42:e3:28:
7c:ec:da:9b:7e:29:ce:72:07:3e:a6:ef:88:cc:ff:
1d:5d:68:f0:89:fc:2d:ef:4e:b8:32:cd:fb:65:b1:
79:2b:9e:d9:4c:a6:0c:f8:de:92:b2:c9:08:87:aa:
8a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F5:FA:43:F9:42:E0:93:F7:4E:5A:24:F3:20:61:DF:CD:DE:E1:0C
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MvX6Q_lC4JP3Tlok8yBh383e4Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.217.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e5:77:eb:70:43:3b:18:39:be:df:59:45:fc:c5:66:d3:f3:
2a:06:8c:30:49:0d:ab:2b:00:c2:db:30:ff:33:8c:a9:cc:f7:
bb:e3:65:9f:a1:ef:31:6c:40:b0:43:12:30:b9:70:f8:03:e4:
b3:9a:e5:47:16:31:31:eb:0d:55:d2:b8:fa:68:27:2a:51:3d:
f2:9d:e4:94:c8:28:d2:ae:b0:b1:c9:c3:23:12:d5:f6:19:8a:
80:f0:32:08:ba:85:2c:75:30:5c:60:7d:05:2c:61:68:21:a7:
40:31:72:6f:a1:3f:d6:72:3c:e7:5b:0c:b8:85:fc:04:cc:28:
ea:52:b3:48:ee:3f:68:f2:15:8b:a1:f7:e1:7a:ff:64:e1:a5:
6a:c2:76:81:da:d8:20:7c:8e:f5:9e:66:d2:e1:d1:92:28:8c:
6d:62:74:53:5e:63:5a:b6:f8:9c:c3:78:51:8b:ff:6a:73:6e:
f3:81:9f:5e:bd:bd:b4:c8:53:85:25:2d:6c:80:27:16:e0:a4:
fe:d8:80:83:98:f3:d2:bc:f7:ea:27:46:43:b5:1a:d9:f0:89:
06:79:24:7c:53:c8:66:8a:bc:15:71:7f:be:00:72:92:56:18:
12:99:99:80:41:59:fe:91:17:9d:77:d2:1e:53:16:2a:02:b3:
72:28:96:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMmCuzjyvZKBiHrcwRgf8YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQxMTEzMTUwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY1ZmE0M2Y5NDJlMDkzZjc0ZTVhMjRmMzIwNjFkZmNkZGVlMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwniqPnylXTw3sYRUJNz+0NqhjF5
3aXEPTEUQPTPfuyxEzWJAfCUvImIc/liVaR7lBjnNQEErGlrRQKy7PmR4b2MP1Pk
c0BabeWFJ08iZtEmF2EONrKgF7pVI2YdjCDjDLNqcQVo7+mvZpUSbc3Wv83WNuGH
vb3XyPvoJoIwhdZW6YTqR2xC56RqSZyDse1OZ4V0xPLhLwmKQ8TJAhutpKRqEVHW
4c0j61B2AucpKcKzQi6cyAcp5HQ0ktNL+ocbImrk11VykkD0aapbB/ZC4yh87Nqb
finOcgc+pu+IzP8dXWjwifwt7064Ms37ZbF5K57ZTKYM+N6SsskIh6qKlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDL1+kP5QuCT905aJPMgYd/N3uEMMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTXZYNlFfbEM0SlAzVGxvazh5QmgzODNlNFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PZMA0G
CSqGSIb3DQEBCwUAA4IBAQBE5XfrcEM7GDm+31lF/MVm0/MqBowwSQ2rKwDC2zD/
M4ypzPe742Wfoe8xbECwQxIwuXD4A+SzmuVHFjEx6w1V0rj6aCcqUT3yneSUyCjS
rrCxycMjEtX2GYqA8DIIuoUsdTBcYH0FLGFoIadAMXJvoT/WcjznWwy4hfwEzCjq
UrNI7j9o8hWLoffhev9k4aVqwnaB2tggfI71nmbS4dGSKIxtYnRTXmNatvicw3hR
i/9qc27zgZ9evb20yFOFJS1sgCcW4KT+2ICDmPPSvPfqJ0ZDtRrZ8IkGeSR8U8hm
irwVcX++AHKSVhgSmZmAQVn+kRedd9IeUxYqArNyKJZ7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:31:40 2025 by rpki-client