Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Mj2K4ADlOFdcX4iTbkoQwURezRY.roa
File: Mj2K4ADlOFdcX4iTbkoQwURezRY.roa (raw, json)
Hash identifier: VGFbUNq4N/LsNfNKZ318KIsoV5d5wuyyYYOLUA0OHRY=
Subject key identifier: 32:3D:8A:E0:00:E5:38:57:5C:5F:88:93:6E:4A:10:C1:44:5E:CD:16
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 01837F41E64830E3277CE8ABF1F6FAE99597
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Mj2K4ADlOFdcX4iTbkoQwURezRY.roa
Signing time: Tue 27 Sep 2022 14:02:48 +0000
ROA not before: Tue 27 Sep 2022 14:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52104
IP address blocks: 88.218.60.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:41:e6:48:30:e3:27:7c:e8:ab:f1:f6:fa:e9:95:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Sep 27 14:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=323d8ae000e538575c5f88936e4a10c1445ecd16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0a:b2:9a:f9:42:54:46:e6:02:23:12:57:53:
d5:cf:54:ef:a3:35:cb:bd:2d:bd:ab:93:6e:db:64:
3b:d4:d6:05:61:38:4f:38:e7:37:c1:73:22:19:de:
a0:70:f1:25:bc:0d:9e:e4:00:65:06:73:23:35:eb:
57:aa:20:00:1f:d2:56:ae:99:f9:fe:c9:a7:80:a4:
ea:89:0c:f9:ba:2b:29:e6:bb:a0:a8:64:65:e5:f4:
68:f1:d0:4f:96:f4:e9:01:f1:0b:d6:ca:9a:ae:23:
d6:f9:03:24:3e:38:ba:fb:9b:59:98:77:f9:d0:68:
03:db:dc:05:6d:9f:6a:83:f3:08:67:c6:20:ce:b5:
8e:29:87:09:fd:50:47:4a:6e:ed:66:d8:85:f7:56:
8f:ae:fa:8f:ae:8a:ce:cd:b2:d6:62:5c:7c:d4:1a:
ed:79:58:2b:05:95:54:f2:31:4b:9c:8f:41:a0:36:
d5:e5:6b:85:80:14:09:d2:d4:03:1a:65:b3:30:fa:
67:e0:87:61:15:31:d0:e7:12:48:58:63:e0:ce:a1:
65:07:30:ad:2c:54:e6:85:16:db:a0:7f:34:ab:21:
8d:f4:38:b2:87:2e:92:4c:b1:50:3c:8f:54:90:b5:
dc:ca:49:a4:73:26:19:16:a7:15:34:98:a5:15:48:
a4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:3D:8A:E0:00:E5:38:57:5C:5F:88:93:6E:4A:10:C1:44:5E:CD:16
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Mj2K4ADlOFdcX4iTbkoQwURezRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.60.0/22
Signature Algorithm: sha256WithRSAEncryption
41:3e:d9:f7:b8:87:40:9a:1d:65:71:bd:78:ea:68:4d:48:4c:
87:69:ef:2e:e6:39:2d:13:cb:35:fa:8a:3f:65:f2:d9:c4:bb:
ad:fa:7a:31:f8:e8:af:38:9e:78:c2:b7:41:6d:75:19:4d:79:
0a:29:a7:c0:1c:0b:38:72:b5:ef:4a:28:79:88:37:63:d0:65:
d1:f8:98:3b:6d:50:78:53:9b:a9:de:41:ee:fd:ba:71:78:95:
82:b2:da:0a:c5:7f:95:06:b7:c6:9a:b9:d8:27:ce:e7:23:eb:
82:c5:8b:a1:61:d2:a5:e1:7c:4f:62:cb:52:8d:fe:77:ae:08:
9d:0c:6c:c3:f0:bf:3c:8a:0a:61:db:c2:af:27:2c:a7:0f:20:
72:09:57:2f:60:7f:94:b2:ad:e1:d1:f5:43:b4:74:dd:0f:9f:
2b:44:b6:f3:f3:3d:73:36:6f:42:03:86:83:5d:16:a9:be:d2:
20:24:d6:2b:b3:94:2e:ce:36:22:37:9b:53:4b:53:38:da:5a:
4c:5c:8d:ec:f9:d5:bc:9f:0b:fe:f3:3c:d1:c8:ae:f2:47:28:
c7:41:c6:8f:99:65:f4:cb:be:bc:da:dc:2c:97:85:70:1a:2a:
dc:19:e6:dc:ec:42:1e:2c:9c:06:9a:60:0d:0b:c7:aa:2c:1d:
5f:d2:63:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN/QeZIMOMnfOir8fb66ZWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjIwOTI3MTQwMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjNkOGFlMDAwZTUzODU3NWM1Zjg4OTM2ZTRhMTBjMTQ0NWVjZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwqymvlCVEbmAiMSV1PVz1TvozXL
vS29q5Nu22Q71NYFYThPOOc3wXMiGd6gcPElvA2e5ABlBnMjNetXqiAAH9JWrpn5
/smngKTqiQz5uisp5rugqGRl5fRo8dBPlvTpAfEL1sqariPW+QMkPji6+5tZmHf5
0GgD29wFbZ9qg/MIZ8YgzrWOKYcJ/VBHSm7tZtiF91aPrvqProrOzbLWYlx81Brt
eVgrBZVU8jFLnI9BoDbV5WuFgBQJ0tQDGmWzMPpn4IdhFTHQ5xJIWGPgzqFlBzCt
LFTmhRbboH80qyGN9Diyhy6STLFQPI9UkLXcykmkcyYZFqcVNJilFUikOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDI9iuAA5ThXXF+Ik25KEMFEXs0WMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvTWoySzRBRGxPRmRjWDRpVGJrb1F3VVJlelJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNo8MA0G
CSqGSIb3DQEBCwUAA4IBAQBBPtn3uIdAmh1lcb146mhNSEyHae8u5jktE8s1+oo/
ZfLZxLut+nox+OivOJ54wrdBbXUZTXkKKafAHAs4crXvSih5iDdj0GXR+Jg7bVB4
U5up3kHu/bpxeJWCstoKxX+VBrfGmrnYJ87nI+uCxYuhYdKl4XxPYstSjf53rgid
DGzD8L88igph28KvJyynDyByCVcvYH+Usq3h0fVDtHTdD58rRLbz8z1zNm9CA4aD
XRapvtIgJNYrs5QuzjYiN5tTS1M42lpMXI3s+dW8nwv+8zzRyK7yRyjHQcaPmWX0
y7682twsl4VwGircGebc7EIeLJwGmmANC8eqLB1f0mP1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:01 2023 by rpki-client on console-ams.rpki-client.org