Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/mvRMjtSscD_3s7BiJlB6iQqmXpE.roa
File: mvRMjtSscD_3s7BiJlB6iQqmXpE.roa (raw, json)
Hash identifier: MNUi5cnljGyjFHES/VekJSSSgV6y//bV+aOieQtuG4U=
Subject key identifier: 9A:F4:4C:8E:D4:AC:70:3F:F7:B3:B0:62:26:50:7A:89:0A:A6:5E:91
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 03E0AEA9
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/mvRMjtSscD_3s7BiJlB6iQqmXpE.roa
Signing time: Sat 01 Jan 2022 13:04:35 +0000
ROA not before: Sat 01 Jan 2022 13:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201601
IP address blocks: 85.92.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65056425 (0x3e0aea9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Jan 1 13:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9af44c8ed4ac703ff7b3b06226507a890aa65e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:02:86:d1:06:b1:1a:7a:25:5f:d2:8e:99:97:
e2:5b:68:d7:f9:22:a8:46:34:a5:af:1c:ab:d6:8b:
fe:ed:cc:86:90:3f:ba:e3:b3:51:53:ef:b2:1e:05:
50:97:9a:eb:f2:8f:2d:86:df:d8:9b:77:f5:84:4e:
67:51:80:b5:9d:52:7c:24:e8:78:fa:26:fb:35:da:
d6:a0:8e:10:7d:07:39:2e:58:89:73:b1:a9:d1:16:
75:49:59:37:4c:81:b0:d4:38:33:1e:c8:a9:7b:0f:
e4:0a:d4:1d:60:70:5b:84:78:b5:23:60:37:8d:b5:
4a:18:c2:10:df:7b:9c:a9:0e:64:0a:ae:2a:10:a0:
08:25:1f:99:97:0d:19:7e:84:9e:10:39:c7:13:6e:
00:ad:b9:8b:e7:7f:32:f3:e3:17:e7:04:1e:fe:b8:
d3:00:5d:dc:8a:e6:0c:e4:8e:f2:00:cd:de:d8:ee:
76:ef:2c:2b:ba:e8:96:cd:c7:1f:6a:f4:83:35:51:
b9:d0:c9:2a:23:54:97:80:69:47:4e:47:f5:d6:90:
df:e9:65:5b:8f:f8:bb:9b:26:62:dd:34:41:42:e3:
13:b4:16:2a:1f:13:6c:6a:90:65:29:43:d6:ae:e7:
b9:0d:f9:51:1e:cc:51:6d:54:71:5d:64:7c:6d:0c:
55:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F4:4C:8E:D4:AC:70:3F:F7:B3:B0:62:26:50:7A:89:0A:A6:5E:91
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/mvRMjtSscD_3s7BiJlB6iQqmXpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.119.0/24
Signature Algorithm: sha256WithRSAEncryption
82:db:b0:ca:b7:9a:70:ba:05:77:64:b1:df:cf:d1:b9:08:5c:
2a:ed:5b:a5:a0:cf:53:d8:23:a5:81:38:9c:ad:cd:1d:5f:57:
c9:9f:d9:a9:38:46:69:92:de:72:95:a6:02:f2:bd:85:a3:31:
ce:9b:66:2f:d9:7f:d2:bf:10:df:72:c9:b9:97:71:32:38:64:
55:72:9b:14:46:89:5c:a9:ca:26:1e:b7:c2:e9:df:dd:bc:1a:
70:d0:10:34:de:c4:d3:f4:9f:a4:d3:49:98:36:d0:76:67:16:
c3:f2:e3:bf:70:75:90:ba:d5:74:ef:56:97:08:4d:7b:be:80:
9c:d8:87:0e:32:77:66:7e:cc:52:05:a1:c4:07:e2:06:f2:86:
b4:1d:81:ab:05:f1:b8:4c:44:69:30:31:cb:8f:9e:e7:c6:a4:
6d:b7:5e:fa:90:7c:c4:31:f1:43:1a:ab:d9:00:e4:f8:2c:83:
92:4b:ec:56:f3:af:bb:3a:67:ad:d6:7d:10:25:93:b3:26:06:
a6:0b:71:07:96:e6:96:6f:1b:37:46:60:9a:39:75:31:3b:65:
0a:f2:16:e4:22:20:91:97:c6:0c:8f:1a:fb:c6:71:c2:12:6d:
06:3a:4d:93:ef:d0:59:e9:aa:b9:63:76:b9:de:b5:41:f3:d7:
8a:b4:0d:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+CuqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGNhMmQ0Y2IzZTU2YjVkMjk5NzBhOTdmYzY0NWViMmZkNjg3NmExMB4XDTIyMDEw
MTEzMDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFmNDRjOGVkNGFj
NzAzZmY3YjNiMDYyMjY1MDdhODkwYWE2NWU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0ChtEGsRp6JV/SjpmX4lto1/kiqEY0pa8cq9aL/u3MhpA/
uuOzUVPvsh4FUJea6/KPLYbf2Jt39YROZ1GAtZ1SfCToePom+zXa1qCOEH0HOS5Y
iXOxqdEWdUlZN0yBsNQ4Mx7IqXsP5ArUHWBwW4R4tSNgN421ShjCEN97nKkOZAqu
KhCgCCUfmZcNGX6EnhA5xxNuAK25i+d/MvPjF+cEHv640wBd3IrmDOSO8gDN3tju
du8sK7rols3HH2r0gzVRudDJKiNUl4BpR05H9daQ3+llW4/4u5smYt00QULjE7QW
Kh8TbGqQZSlD1q7nuQ35UR7MUW1UcV1kfG0MVXMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSa9EyO1KxwP/ezsGImUHqJCqZekTAfBgNVHSMEGDAWgBQgyi1Ms+VrXSmX
Cpf8ZF6y/Wh2oTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lNb3RUTFBsYTEwcGx3cVhfR1Jlc3Yxb2RxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvMmMyODE3LTM3MDEtNDc4My04ZmJkLWVlYzQ4ODVjNGY4ZC8x
L212Uk1qdFNzY0RfM3M3QmlKbEI2aVFxbVhwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
MmMyODE3LTM3MDEtNDc4My04ZmJkLWVlYzQ4ODVjNGY4ZC8xL0lNb3RUTFBsYTEw
cGx3cVhfR1Jlc3Yxb2RxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFVcdzANBgkqhkiG9w0BAQsFAAOC
AQEAgtuwyreacLoFd2Sx38/RuQhcKu1bpaDPU9gjpYE4nK3NHV9XyZ/ZqThGaZLe
cpWmAvK9haMxzptmL9l/0r8Q33LJuZdxMjhkVXKbFEaJXKnKJh63wunf3bwacNAQ
NN7E0/SfpNNJmDbQdmcWw/Ljv3B1kLrVdO9WlwhNe76AnNiHDjJ3Zn7MUgWhxAfi
BvKGtB2BqwXxuExEaTAxy4+e58akbbde+pB8xDHxQxqr2QDk+CyDkkvsVvOvuzpn
rdZ9ECWTsyYGpgtxB5bmlm8bN0Zgmjl1MTtlCvIW5CIgkZfGDI8a+8ZxwhJtBjpN
k+/QWemquWN2ud61QfPXirQNhQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:24 2023 by rpki-client on console-ams.rpki-client.org