Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MQ5BY97WYFpQDeyy_0N6l-jzuLs.roa
File: MQ5BY97WYFpQDeyy_0N6l-jzuLs.roa (raw, json)
Hash identifier: s03nenIybxruSr9R/CTvhgpHluR3HLew0GDI6fc6C34=
Subject key identifier: 31:0E:41:63:DE:D6:60:5A:50:0D:EC:B2:FF:43:7A:97:E8:F3:B8:BB
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 01906A2132162BA4912267A80E090A7A9A06
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MQ5BY97WYFpQDeyy_0N6l-jzuLs.roa
Signing time: Sun 30 Jun 2024 17:11:18 +0000
ROA not before: Sun 30 Jun 2024 17:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61397
IP address blocks: 78.109.208.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6a:21:32:16:2b:a4:91:22:67:a8:0e:09:0a:7a:9a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jun 30 17:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=310e4163ded6605a500decb2ff437a97e8f3b8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d2:70:a0:2a:90:e2:ea:4d:4a:7b:15:4a:ac:
e4:7e:53:46:6e:e6:4b:b9:02:2e:bc:fb:2e:70:f8:
f6:4d:8e:89:b2:57:bb:11:32:7e:66:1e:9d:95:46:
68:9a:c5:10:5b:f3:4b:e6:61:89:c1:92:1f:2f:af:
e2:50:4b:3e:9c:51:af:f0:ba:b4:bd:9c:cf:85:53:
98:a9:0a:cc:25:dc:46:37:9d:97:5e:4f:6c:2b:98:
62:9c:94:59:0a:fe:f5:44:6a:16:27:3a:be:22:f3:
d7:7d:dc:ab:a0:43:82:18:92:26:d9:fb:b4:2b:14:
33:57:b6:e3:98:14:fc:d3:26:97:56:8c:de:d4:52:
80:45:3b:c9:32:3e:40:d0:57:e9:3f:3d:46:c6:b1:
44:66:8e:29:58:b1:3e:61:07:8e:d0:f6:84:d6:86:
cd:26:de:5f:03:6f:18:e8:6a:49:af:38:ab:5f:39:
ca:fd:6f:04:fb:98:62:df:1e:55:27:e7:b9:94:e5:
28:2a:55:4f:75:01:d4:8f:90:3e:26:88:03:17:4e:
f1:98:df:74:ad:5b:4d:33:94:f3:d7:0d:39:02:d7:
75:25:fa:53:7c:93:c0:bb:be:6b:42:99:55:d7:47:
47:56:9e:4c:6f:50:39:5d:48:09:1c:67:63:81:88:
74:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0E:41:63:DE:D6:60:5A:50:0D:EC:B2:FF:43:7A:97:E8:F3:B8:BB
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/MQ5BY97WYFpQDeyy_0N6l-jzuLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.208.0/20
Signature Algorithm: sha256WithRSAEncryption
98:c1:02:cd:46:64:3f:56:70:7b:06:55:48:fa:a8:2d:1a:5d:
83:ef:b6:f7:c3:dd:ed:8f:88:ab:24:44:9b:5c:6e:9a:93:de:
02:ef:51:a0:0b:95:da:5a:ab:47:32:c5:0a:8a:41:46:3a:bb:
c5:6d:e9:34:89:c0:df:c7:b7:70:43:59:de:28:f0:36:4f:5c:
e4:55:a4:93:ed:6c:53:6c:83:8e:5b:dd:f3:95:e5:98:8d:b9:
88:cb:e5:f1:66:03:03:d0:70:49:2e:4a:0f:44:f9:ad:fc:02:
8f:72:60:07:53:12:ac:4d:c7:9d:b7:e8:15:c7:6c:b9:fd:a3:
4f:95:2a:f0:e4:00:22:37:ee:1d:e8:53:6d:82:b4:b8:9c:0a:
3d:5c:66:8d:07:ca:b4:3c:e1:56:8c:c4:d1:a1:87:8c:e5:00:
d1:5f:1a:6a:78:70:2c:fc:0f:df:31:63:c4:d5:6a:d6:f8:1a:
4b:3e:48:f7:52:5c:4c:73:28:b2:09:23:25:62:12:38:4f:03:
7c:e5:21:3c:2f:39:f8:9b:b8:31:9b:a0:4a:fc:af:91:23:19:
e6:84:1d:e2:95:76:8d:ad:e6:36:d1:eb:8d:af:d7:3e:b9:5b:
90:84:e6:65:0c:ea:15:1c:d7:25:cb:db:b4:1f:d4:c4:b3:ac:
a6:13:95:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBqITIWK6SRImeoDgkKepoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjQwNjMwMTcxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBlNDE2M2RlZDY2MDVhNTAwZGVjYjJmZjQzN2E5N2U4ZjNiOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tJwoCqQ4upNSnsVSqzkflNGbuZL
uQIuvPsucPj2TY6Jsle7ETJ+Zh6dlUZomsUQW/NL5mGJwZIfL6/iUEs+nFGv8Lq0
vZzPhVOYqQrMJdxGN52XXk9sK5hinJRZCv71RGoWJzq+IvPXfdyroEOCGJIm2fu0
KxQzV7bjmBT80yaXVoze1FKARTvJMj5A0FfpPz1GxrFEZo4pWLE+YQeO0PaE1obN
Jt5fA28Y6GpJrzirXznK/W8E+5hi3x5VJ+e5lOUoKlVPdQHUj5A+JogDF07xmN90
rVtNM5Tz1w05Atd1JfpTfJPAu75rQplV10dHVp5Mb1A5XUgJHGdjgYh03wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEOQWPe1mBaUA3ssv9Depfo87i7MB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvTVE1Qlk5N1dZRnBRRGV5eV8wTjZsLWp6dUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQETm3QMA0G
CSqGSIb3DQEBCwUAA4IBAQCYwQLNRmQ/VnB7BlVI+qgtGl2D77b3w93tj4irJESb
XG6ak94C71GgC5XaWqtHMsUKikFGOrvFbek0icDfx7dwQ1neKPA2T1zkVaST7WxT
bIOOW93zleWYjbmIy+XxZgMD0HBJLkoPRPmt/AKPcmAHUxKsTcedt+gVx2y5/aNP
lSrw5AAiN+4d6FNtgrS4nAo9XGaNB8q0POFWjMTRoYeM5QDRXxpqeHAs/A/fMWPE
1WrW+BpLPkj3UlxMcyiyCSMlYhI4TwN85SE8Lzn4m7gxm6BK/K+RIxnmhB3ilXaN
reY20euNr9c+uVuQhOZlDOoVHNcly9u0H9TEs6ymE5WY
-----END CERTIFICATE-----
Generated at Tue Aug 20 13:32:11 2024 by rpki-client on console-ams.rpki-client.org