Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/MGuIGeo0w6IVND86I-pHKxcQXyQ.roa
File: MGuIGeo0w6IVND86I-pHKxcQXyQ.roa (raw, json)
Hash identifier: aCyuBYVmn60Pbjh4UbgqXt9dxaU4I/i5TRyhDRthzh0=
Subject key identifier: 30:6B:88:19:EA:34:C3:A2:15:34:3F:3A:23:EA:47:2B:17:10:5F:24
Certificate issuer: /CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Certificate serial: 01856C138C68A63B27A06344F31898D45A9B
Authority key identifier: 39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/MGuIGeo0w6IVND86I-pHKxcQXyQ.roa
Signing time: Sun 01 Jan 2023 06:44:58 +0000
ROA not before: Sun 01 Jan 2023 06:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208722
IP address blocks: 45.87.132.0/22 maxlen: 24
2a0e:fd80::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:8c:68:a6:3b:27:a0:63:44:f3:18:98:d4:5a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39019f9c0ab29b42e0db12e9ac87b327bfc55af9
Validity
Not Before: Jan 1 06:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=306b8819ea34c3a215343f3a23ea472b17105f24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9c:a5:08:4e:a2:a1:59:43:ef:82:47:33:b6:
46:69:45:f2:96:a5:4b:b2:05:10:08:f1:35:6c:1b:
73:c2:e1:c9:0f:f8:46:01:22:e8:21:25:d7:02:7c:
13:00:74:df:f4:f6:58:68:27:25:e7:78:70:35:fc:
c8:08:76:2a:4d:17:cb:7e:49:17:a5:03:19:d2:54:
ed:8f:3c:d3:0b:c4:f3:1d:a1:98:7e:59:86:e3:fc:
2e:df:c4:a1:8c:33:f3:92:d4:6f:fa:6d:a2:d7:0f:
e2:7b:0f:4e:e9:19:6e:39:29:56:7e:bc:a6:ab:09:
15:41:6b:7d:f2:b0:7d:e6:7d:1d:cb:aa:33:b7:90:
dc:db:18:7d:7d:20:7d:97:1d:2e:8c:91:1f:bd:b3:
fd:a0:15:ee:63:46:70:b9:41:21:bc:01:79:b0:9b:
37:91:94:d3:69:56:5d:b5:fb:eb:1d:30:6e:ff:a9:
4c:9a:d0:96:e7:09:42:66:ba:92:c8:84:9c:fd:6a:
c7:b7:db:5a:62:fe:c0:4e:69:9d:04:57:06:96:e2:
9a:ac:4f:21:e0:ca:57:97:1a:e4:4b:f9:f9:5f:b1:
ef:86:d8:0a:bb:07:61:72:c1:98:0a:2e:65:af:7b:
87:02:c8:58:e7:4f:bd:b6:51:ff:70:1a:ee:89:f6:
40:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6B:88:19:EA:34:C3:A2:15:34:3F:3A:23:EA:47:2B:17:10:5F:24
X509v3 Authority Key Identifier:
keyid:39:01:9F:9C:0A:B2:9B:42:E0:DB:12:E9:AC:87:B3:27:BF:C5:5A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQGfnAqym0Lg2xLprIezJ7_FWvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/MGuIGeo0w6IVND86I-pHKxcQXyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/430c81-ee4b-4e88-a36f-788f5a58044f/1/OQGfnAqym0Lg2xLprIezJ7_FWvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.132.0/22
IPv6:
2a0e:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
7a:e2:2d:4f:f3:a0:fc:01:d1:b0:48:77:9a:fa:0d:c1:71:86:
82:a2:d4:fe:e7:1e:58:1d:c9:50:15:d6:1d:1c:b2:c7:2e:97:
5d:71:ee:c2:ea:32:58:db:55:5b:c7:49:af:56:ae:fe:64:6c:
2c:dd:f8:ee:cf:68:fa:7a:5a:38:9f:4f:79:36:87:b1:d9:5a:
63:33:44:e1:80:ae:bf:96:61:1f:b4:11:5c:67:fd:74:96:4f:
e9:56:25:5e:01:77:ed:97:d3:31:0b:5e:42:8c:b2:df:aa:65:
39:3d:56:f5:f9:7c:92:ad:a7:b1:3b:8e:e4:05:f1:b8:a9:20:
f0:69:9e:a0:9b:be:00:9e:03:5a:a8:be:f9:53:d8:9d:37:6a:
19:6f:4c:32:84:e8:37:10:ed:c3:09:f9:89:a7:23:31:94:3e:
50:d4:7c:d6:38:77:8b:88:aa:a6:4e:ac:70:51:d9:7f:20:c9:
98:d7:a0:cf:37:25:ef:d8:06:21:11:cf:d5:a2:8d:ba:ce:8b:
af:ec:5d:41:98:14:66:65:5d:5a:08:14:be:35:6d:eb:6f:57:
e1:3a:fa:c4:4c:79:9a:0d:97:41:a0:3f:2b:56:3e:bf:2c:58:
cc:f6:ed:92:38:06:0f:6b:a0:81:64:98:33:3c:dd:54:2b:1a:
ce:e5:7d:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsE4xopjsnoGNE8xiY1FqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDE5ZjljMGFiMjliNDJlMGRiMTJlOWFjODdiMzI3YmZj
NTVhZjkwHhcNMjMwMTAxMDY0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZiODgxOWVhMzRjM2EyMTUzNDNmM2EyM2VhNDcyYjE3MTA1ZjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZylCE6ioVlD74JHM7ZGaUXylqVL
sgUQCPE1bBtzwuHJD/hGASLoISXXAnwTAHTf9PZYaCcl53hwNfzICHYqTRfLfkkX
pQMZ0lTtjzzTC8TzHaGYflmG4/wu38ShjDPzktRv+m2i1w/iew9O6RluOSlWfrym
qwkVQWt98rB95n0dy6ozt5Dc2xh9fSB9lx0ujJEfvbP9oBXuY0ZwuUEhvAF5sJs3
kZTTaVZdtfvrHTBu/6lMmtCW5wlCZrqSyISc/WrHt9taYv7ATmmdBFcGluKarE8h
4MpXlxrkS/n5X7HvhtgKuwdhcsGYCi5lr3uHAshY50+9tlH/cBruifZAMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDBriBnqNMOiFTQ/OiPqRysXEF8kMB8GA1UdIwQY
MBaAFDkBn5wKsptC4NsS6ayHsye/xVr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYt
Nzg4ZjVhNTgwNDRmLzEvTUd1SUdlbzB3NklWTkQ4NkktcEhLeGNRWHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80MzBjODEtZWU0Yi00ZTg4LWEzNmYtNzg4ZjVhNTgwNDRm
LzEvT1FHZm5BcXltMExnMnhMcHJJZXpKN19GV3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVeEMA0E
AgACMAcDBQMqDv2AMA0GCSqGSIb3DQEBCwUAA4IBAQB64i1P86D8AdGwSHea+g3B
cYaCotT+5x5YHclQFdYdHLLHLpddce7C6jJY21Vbx0mvVq7+ZGws3fjuz2j6elo4
n095Noex2VpjM0ThgK6/lmEftBFcZ/10lk/pViVeAXftl9MxC15CjLLfqmU5PVb1
+XySraexO47kBfG4qSDwaZ6gm74AngNaqL75U9idN2oZb0wyhOg3EO3DCfmJpyMx
lD5Q1HzWOHeLiKqmTqxwUdl/IMmY16DPNyXv2AYhEc/Voo26zouv7F1BmBRmZV1a
CBS+NW3rb1fhOvrETHmaDZdBoD8rVj6/LFjM9u2SOAYPa6CBZJgzPN1UKxrO5X2i
-----END CERTIFICATE-----
Generated at Tue Aug 22 10:18:05 2023 by rpki-client on console-ams.rpki-client.org