Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/mUhSMSbMrXyQzGGhKJ57oaodfoE.roa
File: mUhSMSbMrXyQzGGhKJ57oaodfoE.roa (raw, json)
Hash identifier: q0A7lFU2p5qC7Cj5LfOWlhAWUCxt8T47lKPA4BrHC78=
Subject key identifier: 99:48:52:31:26:CC:AD:7C:90:CC:61:A1:28:9E:7B:A1:AA:1D:7E:81
Certificate issuer: /CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Certificate serial: 018CC424751D620EFC0BD7AA199901B274D2
Authority key identifier: 62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/mUhSMSbMrXyQzGGhKJ57oaodfoE.roa
Signing time: Mon 01 Jan 2024 08:29:32 +0000
ROA not before: Mon 01 Jan 2024 08:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42074
IP address blocks: 91.218.195.0/24 maxlen: 24
91.218.194.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:75:1d:62:0e:fc:0b:d7:aa:19:99:01:b2:74:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62bd6c2bdf61e23eafe23dde016db8b3e1595f76
Validity
Not Before: Jan 1 08:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9948523126ccad7c90cc61a1289e7ba1aa1d7e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b5:55:34:e5:eb:4a:f7:ba:81:85:9d:d5:30:
f0:b0:0c:1f:7d:b8:ed:77:a9:bd:41:94:33:51:43:
f9:e6:70:84:71:54:93:0e:f2:d3:f5:7d:4a:81:92:
95:d7:da:64:1a:1e:ec:96:c4:1c:e9:db:a5:67:a0:
dc:89:ca:67:e3:e9:c5:14:59:fc:cf:f8:72:ea:6e:
af:0b:0f:da:c4:e5:d2:2d:16:72:1d:70:1a:71:de:
d4:2d:7c:1d:0f:a8:ea:7a:74:3d:62:95:a9:63:f8:
8d:a6:34:7d:dd:f6:67:f8:35:50:cd:93:ab:9e:b0:
47:b4:2a:37:b8:cd:d4:e1:92:e2:42:d7:ea:5c:b0:
35:4e:94:f4:63:64:25:77:5d:10:0a:ca:b3:43:ef:
39:10:3c:e5:ba:b0:d4:f0:90:7b:34:cc:cd:bb:54:
e7:4a:a8:84:a4:72:75:1e:a8:af:77:2b:d1:cb:9f:
4c:77:61:c3:54:2c:f3:dc:2b:6f:39:c5:af:64:14:
b7:c5:e1:01:48:3d:a0:8f:b8:79:c7:d4:d0:c1:f5:
c9:ab:b1:22:b0:1c:03:86:35:6c:0c:31:9f:a4:5b:
24:16:9d:60:1e:21:05:cf:46:a7:b3:10:64:ca:e7:
39:f6:46:81:80:8d:e1:94:73:c2:93:d7:cb:34:2c:
c6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:48:52:31:26:CC:AD:7C:90:CC:61:A1:28:9E:7B:A1:AA:1D:7E:81
X509v3 Authority Key Identifier:
keyid:62:BD:6C:2B:DF:61:E2:3E:AF:E2:3D:DE:01:6D:B8:B3:E1:59:5F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr1sK99h4j6v4j3eAW24s-FZX3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/mUhSMSbMrXyQzGGhKJ57oaodfoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4c9d73-f805-4d72-8a37-b82b0ed2d323/1/Yr1sK99h4j6v4j3eAW24s-FZX3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.194.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:6d:64:92:39:ed:cb:67:10:53:d3:ec:a2:a8:82:11:8e:89:
0c:5a:7b:35:c3:a9:f0:f5:9b:14:d9:1e:d7:59:02:ec:b5:dd:
89:f8:4a:e9:91:5a:1b:d2:8f:c4:f7:db:e8:45:96:63:73:7d:
2d:5b:a7:f6:14:2a:50:6e:e4:d7:b4:1c:93:26:43:11:07:e7:
ed:43:5a:96:10:b6:12:51:f4:ae:d6:d4:4d:87:d9:ec:c8:5f:
7e:83:6e:f6:27:6c:ff:cc:51:a1:d1:89:11:08:ab:61:05:a2:
3d:1b:2a:27:16:2c:be:84:8a:67:f3:a3:dd:ad:e6:1c:54:61:
68:30:70:da:79:3d:7d:cc:20:b7:99:55:df:2d:d7:5f:a0:6d:
63:7d:aa:1e:8e:9e:71:fc:0e:55:70:52:81:4e:e1:dc:bf:05:
f0:b4:62:fe:4f:eb:3e:4e:3b:02:51:68:a7:af:03:86:26:e1:
8a:34:97:c4:7e:af:1f:b9:a9:f6:83:d6:4e:e0:42:49:f7:ee:
5f:fd:12:dc:c6:10:10:9f:48:e6:c5:fb:a9:95:cb:d2:bb:de:
75:6c:f9:35:15:d7:7b:95:d4:de:43:f0:0a:73:94:44:72:23:
1c:99:b1:56:1b:e4:f6:cb:52:2d:ae:99:00:b2:8e:c7:f0:03:
7b:db:b6:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJHUdYg78C9eqGZkBsnTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmQ2YzJiZGY2MWUyM2VhZmUyM2RkZTAxNmRiOGIzZTE1
OTVmNzYwHhcNMjQwMTAxMDgyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ4NTIzMTI2Y2NhZDdjOTBjYzYxYTEyODllN2JhMWFhMWQ3ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrVVNOXrSve6gYWd1TDwsAwffbjt
d6m9QZQzUUP55nCEcVSTDvLT9X1KgZKV19pkGh7slsQc6dulZ6Dcicpn4+nFFFn8
z/hy6m6vCw/axOXSLRZyHXAacd7ULXwdD6jqenQ9YpWpY/iNpjR93fZn+DVQzZOr
nrBHtCo3uM3U4ZLiQtfqXLA1TpT0Y2Qld10QCsqzQ+85EDzlurDU8JB7NMzNu1Tn
SqiEpHJ1HqivdyvRy59Md2HDVCzz3CtvOcWvZBS3xeEBSD2gj7h5x9TQwfXJq7Ei
sBwDhjVsDDGfpFskFp1gHiEFz0ansxBkyuc59kaBgI3hlHPCk9fLNCzGKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlIUjEmzK18kMxhoSiee6GqHX6BMB8GA1UdIwQY
MBaAFGK9bCvfYeI+r+I93gFtuLPhWV92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzct
YjgyYjBlZDJkMzIzLzEvbVVoU01TYk1yWHlRekdHaEtKNTdvYW9kZm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80YzlkNzMtZjgwNS00ZDcyLThhMzctYjgyYjBlZDJkMzIz
LzEvWXIxc0s5OWg0ajZ2NGozZUFXMjRzLUZaWDNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW9rCMA0G
CSqGSIb3DQEBCwUAA4IBAQAObWSSOe3LZxBT0+yiqIIRjokMWns1w6nw9ZsU2R7X
WQLstd2J+ErpkVob0o/E99voRZZjc30tW6f2FCpQbuTXtByTJkMRB+ftQ1qWELYS
UfSu1tRNh9nsyF9+g272J2z/zFGh0YkRCKthBaI9GyonFiy+hIpn86PdreYcVGFo
MHDaeT19zCC3mVXfLddfoG1jfaoejp5x/A5VcFKBTuHcvwXwtGL+T+s+TjsCUWin
rwOGJuGKNJfEfq8fuan2g9ZO4EJJ9+5f/RLcxhAQn0jmxfuplcvSu951bPk1Fdd7
ldTeQ/AKc5REciMcmbFWG+T2y1ItrpkAso7H8AN727Z0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org