Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/MXiwKWiZP6FasyTHSTMdWkjoNNM.roa
File: MXiwKWiZP6FasyTHSTMdWkjoNNM.roa (raw, json)
Hash identifier: txxQ0+9wx30nEsWskEfAtA5nCIm7OKF3GBb1BIlHMX4=
Subject key identifier: 31:78:B0:29:68:99:3F:A1:5A:B3:24:C7:49:33:1D:5A:48:E8:34:D3
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 0189535698CC2604CB34FF7C1B8A20D6CE0F
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/MXiwKWiZP6FasyTHSTMdWkjoNNM.roa
Signing time: Fri 14 Jul 2023 07:38:51 +0000
ROA not before: Fri 14 Jul 2023 07:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59674
IP address blocks: 5.250.241.0/24 maxlen: 24
5.250.243.0/24 maxlen: 24
5.250.244.0/24 maxlen: 24
5.250.242.0/24 maxlen: 24
5.250.245.0/24 maxlen: 24
5.250.246.0/24 maxlen: 24
5.250.252.0/24 maxlen: 24
5.250.253.0/24 maxlen: 24
5.250.247.0/24 maxlen: 24
5.250.248.0/24 maxlen: 24
5.250.250.0/24 maxlen: 24
5.250.251.0/24 maxlen: 24
5.250.249.0/24 maxlen: 24
185.67.123.0/24 maxlen: 24
185.67.121.0/24 maxlen: 24
185.67.122.0/24 maxlen: 24
5.250.240.0/24 maxlen: 24
2a05:e80::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:53:56:98:cc:26:04:cb:34:ff:7c:1b:8a:20:d6:ce:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Jul 14 07:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3178b02968993fa15ab324c749331d5a48e834d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:0b:5c:86:7e:44:25:8a:97:d5:43:af:a2:
8e:58:1b:08:d3:6a:2c:57:04:a2:e5:12:c4:df:19:
98:3e:6f:d6:86:88:f8:96:0e:26:0d:13:a4:cc:d2:
71:db:c9:4a:73:8c:02:ad:2c:4d:d1:02:30:75:14:
00:e8:a4:e7:1b:9a:55:a7:39:28:d0:b0:4e:57:9a:
68:4a:7d:61:7b:24:f9:ec:0b:6c:8d:03:24:0a:33:
d3:59:39:6e:c6:a7:2a:e0:71:4f:19:e9:fc:4f:1e:
56:3a:48:9f:67:e5:11:e2:9c:b3:53:cb:26:74:02:
02:e2:15:c5:54:16:d5:b1:6d:bc:a2:ec:42:6c:0c:
77:0d:80:47:ac:0f:6d:3d:99:5a:11:22:bf:72:4b:
93:d8:4f:bf:a6:cd:78:aa:72:53:e3:fd:c6:72:5a:
3c:21:0b:09:f1:e7:b4:10:7c:6a:bb:7f:97:8b:36:
b7:21:34:97:bf:bf:93:34:68:1a:00:8b:9a:db:52:
a2:2a:11:b0:8c:1b:c7:c5:6e:6c:00:ac:48:ce:1d:
64:21:89:d2:be:5b:54:c7:3b:8d:a9:df:95:2e:7d:
89:23:52:89:43:80:1f:c6:0b:de:c1:53:d6:85:ec:
f0:e4:2f:cb:ea:f8:99:0a:32:18:11:69:9b:89:63:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:78:B0:29:68:99:3F:A1:5A:B3:24:C7:49:33:1D:5A:48:E8:34:D3
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/MXiwKWiZP6FasyTHSTMdWkjoNNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.240.0-5.250.253.255
185.67.121.0-185.67.123.255
IPv6:
2a05:e80::/32
Signature Algorithm: sha256WithRSAEncryption
78:d2:89:d0:5d:9a:9c:ba:63:f0:19:0b:14:b1:46:1d:1a:d4:
aa:b3:d8:cd:9f:16:0f:79:16:d6:b7:d0:d8:83:d8:62:e0:c9:
bb:0c:02:ae:21:c5:45:20:42:2c:77:09:43:f8:ea:99:e5:4a:
94:c5:1a:95:bb:c2:65:a7:8a:c0:38:19:eb:07:27:d7:cd:01:
0e:d8:67:78:24:7a:3c:f4:84:9c:63:e2:2f:c5:b9:3a:8a:bc:
c7:09:ef:82:54:97:40:d4:7a:59:6e:c4:27:55:54:51:a2:5b:
6e:38:d5:ca:8b:a1:6d:e0:72:27:26:7d:8d:df:33:1f:27:f5:
fc:48:41:1e:76:f8:c7:10:c8:b2:a7:cf:ed:81:87:73:76:04:
75:86:07:b1:77:b3:90:27:20:6d:31:c5:b1:11:fb:ea:9b:d7:
55:dc:72:a5:25:97:29:6f:29:d0:ae:08:19:34:96:26:87:83:
9e:2b:bc:be:9a:b0:51:d2:53:a7:73:54:f5:36:59:64:77:f8:
2d:d4:40:8e:69:2f:ab:48:7c:49:f9:b1:01:01:7d:81:5a:76:
12:f6:db:13:a8:0e:a5:ba:91:68:c0:8a:9a:5a:f5:0c:ce:2c:
26:b8:e0:33:c1:8a:a4:50:97:92:d2:a9:c9:21:f0:25:5d:40:
38:5d:ef:c3
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYlTVpjMJgTLNP98G4og1s4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjMwNzE0MDczODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc4YjAyOTY4OTkzZmExNWFiMzI0Yzc0OTMzMWQ1YTQ4ZTgzNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthwLXIZ+RCWKl9VDr6KOWBsI02os
VwSi5RLE3xmYPm/Whoj4lg4mDROkzNJx28lKc4wCrSxN0QIwdRQA6KTnG5pVpzko
0LBOV5poSn1heyT57AtsjQMkCjPTWTluxqcq4HFPGen8Tx5WOkifZ+UR4pyzU8sm
dAIC4hXFVBbVsW28ouxCbAx3DYBHrA9tPZlaESK/ckuT2E+/ps14qnJT4/3Gclo8
IQsJ8ee0EHxqu3+Xiza3ITSXv7+TNGgaAIua21KiKhGwjBvHxW5sAKxIzh1kIYnS
vltUxzuNqd+VLn2JI1KJQ4AfxgvewVPWhezw5C/L6viZCjIYEWmbiWNr2wIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFDF4sClomT+hWrMkx0kzHVpI6DTTMB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvTVhpd0tXaVpQNkZhc3lUSFNUTWRXa2pvTk5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWItZWE1OTI2NGY5MDgz
LzEvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAQF+vAD
BAEF+vwwDAMEALlDeQMEArlDeDANBAIAAjAHAwUAKgUOgDANBgkqhkiG9w0BAQsF
AAOCAQEAeNKJ0F2anLpj8BkLFLFGHRrUqrPYzZ8WD3kW1rfQ2IPYYuDJuwwCriHF
RSBCLHcJQ/jqmeVKlMUalbvCZaeKwDgZ6wcn180BDthneCR6PPSEnGPiL8W5Ooq8
xwnvglSXQNR6WW7EJ1VUUaJbbjjVyouhbeByJyZ9jd8zHyf1/EhBHnb4xxDIsqfP
7YGHc3YEdYYHsXezkCcgbTHFsRH76pvXVdxypSWXKW8p0K4IGTSWJoeDniu8vpqw
UdJTp3NU9TZZZHf4LdRAjmkvq0h8SfmxAQF9gVp2EvbbE6gOpbqRaMCKmlr1DM4s
JrjgM8GKpFCXktKpySHwJV1AOF3vww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:11 2024 by rpki-client on console-fra.rpki-client.org