Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mJVqQZEpxx5XXUtziCrTgIvUU5Y.roa
File: mJVqQZEpxx5XXUtziCrTgIvUU5Y.roa (raw, json)
Hash identifier: 0rsVohmv2vx6syx6AQ2gZCzYHysOBdB7IAfdLMi/tK4=
Subject key identifier: 98:95:6A:41:91:29:C7:1E:57:5D:4B:73:88:2A:D3:80:8B:D4:53:96
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018CC64AAFF720B013144E08389534F2E2D2
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mJVqQZEpxx5XXUtziCrTgIvUU5Y.roa
Signing time: Mon 01 Jan 2024 18:30:32 +0000
ROA not before: Mon 01 Jan 2024 18:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200509
IP address blocks: 212.237.228.0/24 maxlen: 24
185.177.74.0/23 maxlen: 23
185.177.73.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:af:f7:20:b0:13:14:4e:08:38:95:34:f2:e2:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 18:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98956a419129c71e575d4b73882ad3808bd45396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:b6:60:19:b6:62:a4:85:0d:9d:61:72:f3:
20:49:89:60:38:c6:cd:cb:a4:e9:a9:1f:ed:6c:c2:
6a:84:ad:6a:cc:74:fb:1d:24:04:6d:6a:95:7e:53:
8e:a3:a4:52:b1:5d:2e:13:6e:0b:0a:7a:23:d6:06:
68:fb:86:be:3e:f0:7c:1c:80:31:b3:bd:c1:09:b8:
66:88:04:0b:a8:83:73:12:16:82:02:9f:e3:12:28:
39:0b:57:2e:34:2b:a0:3d:0f:04:fc:11:f9:f7:f1:
a6:1a:0c:bc:49:fa:53:72:f8:6d:e2:1d:02:e1:e7:
e7:32:14:ea:72:a8:04:77:d3:de:cc:51:99:8a:e3:
45:e2:cc:8b:21:1e:75:0f:3e:00:45:e0:60:1e:5c:
23:4d:76:40:0f:2b:26:d7:f5:e2:1e:67:49:27:7c:
84:f5:0a:a3:06:3b:c7:5b:c7:36:32:b1:f5:fd:60:
b0:26:2d:b2:fa:64:28:15:7a:8d:03:ef:0f:8f:28:
2a:c4:4b:f9:4a:ac:d4:6b:e7:3e:4a:de:38:62:19:
2a:f4:3a:5a:3d:34:57:c9:c7:90:cb:0c:b8:99:05:
0f:cb:42:1d:fe:14:bb:4b:7b:19:38:3e:63:5d:c2:
51:77:51:70:3c:a3:43:9d:bb:58:c7:99:7b:84:da:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:95:6A:41:91:29:C7:1E:57:5D:4B:73:88:2A:D3:80:8B:D4:53:96
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/mJVqQZEpxx5XXUtziCrTgIvUU5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.73.0-185.177.75.255
212.237.228.0/24
Signature Algorithm: sha256WithRSAEncryption
63:bd:6d:ef:b0:aa:82:8a:89:72:19:67:c5:37:97:c1:ed:15:
b6:61:2a:28:5d:06:6b:53:58:aa:0d:0e:c3:cd:f7:4d:e7:4a:
71:8e:e3:1f:ea:61:52:e8:2f:31:bb:93:cc:9b:f9:9a:88:1c:
d7:2e:21:4b:b0:fd:d6:26:43:d7:b3:cd:84:19:e2:33:53:12:
71:85:dd:19:a5:e8:6f:72:42:db:e5:cb:a8:73:3c:42:04:5d:
85:24:9f:27:8d:cb:d6:b0:69:ba:44:02:94:4d:95:4e:c0:05:
cf:50:69:3e:c8:6d:14:bf:56:08:b9:ce:cd:14:8e:f8:7c:2f:
e0:cb:ad:14:f6:51:f1:84:ac:cb:57:25:8b:5f:c4:5d:17:1d:
f7:9c:bd:06:2e:35:b4:ad:17:33:58:e6:63:f0:25:b0:e1:55:
28:0c:65:69:4b:c6:5b:34:72:27:c9:63:bd:14:f4:03:62:33:
1a:cf:f3:b8:d0:01:fb:6d:d8:c6:e8:28:ae:83:ad:a7:78:1b:
84:9c:54:21:a7:1c:87:5f:40:31:d4:ca:cd:07:0d:07:78:2f:
2d:fc:ef:51:21:53:d4:54:d3:50:21:a2:2b:11:90:3f:ac:a4:
2f:60:ea:dd:4b:ad:b4:d5:13:b7:f0:9d:0c:cb:05:f5:24:da:
18:1f:00:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGSq/3ILATFE4IOJU08uLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMTAxMTgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk1NmE0MTkxMjljNzFlNTc1ZDRiNzM4ODJhZDM4MDhiZDQ1Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx62YBm2YqSFDZ1hcvMgSYlgOMbN
y6TpqR/tbMJqhK1qzHT7HSQEbWqVflOOo6RSsV0uE24LCnoj1gZo+4a+PvB8HIAx
s73BCbhmiAQLqINzEhaCAp/jEig5C1cuNCugPQ8E/BH59/GmGgy8SfpTcvht4h0C
4efnMhTqcqgEd9PezFGZiuNF4syLIR51Dz4AReBgHlwjTXZADysm1/XiHmdJJ3yE
9QqjBjvHW8c2MrH1/WCwJi2y+mQoFXqNA+8PjygqxEv5SqzUa+c+St44Yhkq9Dpa
PTRXyceQywy4mQUPy0Id/hS7S3sZOD5jXcJRd1FwPKNDnbtYx5l7hNrCLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJiVakGRKcceV11Lc4gq04CL1FOWMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvbUpWcVFaRXB4eDVYWFV0emlDclRnSXZVVTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC5sUkD
BAK5sUgDBADU7eQwDQYJKoZIhvcNAQELBQADggEBAGO9be+wqoKKiXIZZ8U3l8Ht
FbZhKihdBmtTWKoNDsPN903nSnGO4x/qYVLoLzG7k8yb+ZqIHNcuIUuw/dYmQ9ez
zYQZ4jNTEnGF3Rml6G9yQtvly6hzPEIEXYUknyeNy9awabpEApRNlU7ABc9QaT7I
bRS/Vgi5zs0Ujvh8L+DLrRT2UfGErMtXJYtfxF0XHfecvQYuNbStFzNY5mPwJbDh
VSgMZWlLxls0cifJY70U9ANiMxrP87jQAftt2MboKK6Drad4G4ScVCGnHIdfQDHU
ys0HDQd4Ly3871EhU9RU01AhoisRkD+spC9g6t1LrbTVE7fwnQzLBfUk2hgfACY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:54 2024 by rpki-client on console-ams.rpki-client.org