Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/mrs9w98Mwja3sqjV6C4Gz6H7Yac.roa
File: mrs9w98Mwja3sqjV6C4Gz6H7Yac.roa (raw, json)
Hash identifier: A1iK7HH3wjnLVg7b7VV5ZPMJgFPtLMbBrOifre31M7o=
Subject key identifier: 9A:BB:3D:C3:DF:0C:C2:36:B7:B2:A8:D5:E8:2E:06:CF:A1:FB:61:A7
Certificate issuer: /CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Certificate serial: 018E425E604198EC8FD6F497CDC47E317666
Authority key identifier: 5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/mrs9w98Mwja3sqjV6C4Gz6H7Yac.roa
Signing time: Fri 15 Mar 2024 13:47:45 +0000
ROA not before: Fri 15 Mar 2024 13:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56749
IP address blocks: 109.95.60.0/24 maxlen: 24
109.95.61.0/24 maxlen: 24
109.95.62.0/24 maxlen: 24
109.95.63.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:5e:60:41:98:ec:8f:d6:f4:97:cd:c4:7e:31:76:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f51bcd89eb7f5b3ab08806ef51a7c2f6eb98efc
Validity
Not Before: Mar 15 13:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9abb3dc3df0cc236b7b2a8d5e82e06cfa1fb61a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:47:c6:0c:97:34:8e:4c:99:fd:83:98:23:1f:
71:ab:20:1c:b5:69:68:12:93:4a:b3:88:74:a8:e1:
ee:2b:c6:4b:d0:99:e3:c2:19:a9:16:2e:d0:ff:31:
08:12:3d:ea:1a:6a:10:66:ce:ed:e5:c2:93:b3:87:
7d:cb:af:28:22:fb:01:35:66:31:70:13:a4:56:5a:
77:28:d4:e6:79:64:d2:f8:0f:23:5c:09:1e:04:02:
71:a2:36:cc:a1:47:32:70:82:f2:35:94:94:71:db:
33:bf:aa:14:18:10:e0:2f:ce:ad:06:e2:2e:42:12:
8b:69:1b:8d:26:92:a6:6e:17:9e:3e:94:f6:44:bb:
6e:2e:e9:83:2e:14:91:ce:11:e5:a1:dc:47:9e:34:
e6:f2:43:90:25:39:98:e7:6c:94:2f:cf:4f:89:9c:
ac:ea:c2:9b:27:3d:c2:64:26:4a:54:54:6e:6c:de:
77:5c:e8:41:33:e4:be:fc:00:97:ce:17:52:f0:f6:
c4:07:68:b5:20:52:82:f9:92:3e:28:19:fa:3f:d1:
1b:27:2d:2c:29:75:d2:33:12:7e:5e:e0:23:46:e6:
79:0e:00:10:9b:ab:52:e0:40:b4:05:9e:a2:67:76:
bd:e9:7b:2c:93:f1:5d:65:46:03:23:6f:c3:d8:e0:
a0:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BB:3D:C3:DF:0C:C2:36:B7:B2:A8:D5:E8:2E:06:CF:A1:FB:61:A7
X509v3 Authority Key Identifier:
keyid:5F:51:BC:D8:9E:B7:F5:B3:AB:08:80:6E:F5:1A:7C:2F:6E:B9:8E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1G82J639bOrCIBu9Rp8L265jvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/mrs9w98Mwja3sqjV6C4Gz6H7Yac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/41f6f5-cef0-4a57-8e47-0a85986208a9/1/X1G82J639bOrCIBu9Rp8L265jvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.60.0/22
Signature Algorithm: sha256WithRSAEncryption
49:86:99:e6:c1:32:01:c1:62:64:1c:4f:55:4e:dd:71:4e:d1:
bb:9b:fe:76:05:dd:9a:6e:19:ab:01:83:02:4f:65:48:57:80:
92:e5:79:51:5a:99:c6:ff:8f:2c:2f:0d:47:84:cb:f5:59:7f:
3b:e9:54:d6:cc:7e:22:46:59:42:95:10:e9:dc:b6:67:1f:76:
bd:5f:2a:aa:79:6a:55:8c:31:30:a4:a4:80:07:4c:13:85:69:
a2:18:75:d8:1f:89:74:c3:3c:a3:0a:d5:46:18:89:97:67:20:
2f:28:02:51:0c:c1:57:55:14:5b:18:86:e4:9a:5e:04:10:34:
4f:87:7a:8a:a1:8c:cf:28:b9:ee:34:50:51:3d:16:03:d5:28:
d7:c8:b5:e2:5c:39:8d:aa:90:e8:3f:54:ee:71:b9:12:47:e1:
49:1f:48:6b:fc:06:f3:1a:d1:7f:b6:b0:ca:bd:91:07:e9:00:
90:db:eb:f3:61:8a:47:27:34:03:40:43:60:d4:40:e4:6f:0c:
8d:c8:3b:03:bb:1b:32:8a:ad:e7:a0:e6:bb:88:b9:ca:9d:10:
af:fb:3e:9b:2e:d6:c2:7d:78:ee:cb:a5:27:1c:97:ef:66:00:
96:cf:4d:21:78:e6:36:13:49:2b:db:5e:bc:4c:1f:ba:95:d4:
35:b7:3f:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5CXmBBmOyP1vSXzcR+MXZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNTFiY2Q4OWViN2Y1YjNhYjA4ODA2ZWY1MWE3YzJmNmVi
OThlZmMwHhcNMjQwMzE1MTM0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJiM2RjM2RmMGNjMjM2YjdiMmE4ZDVlODJlMDZjZmExZmI2MWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEfGDJc0jkyZ/YOYIx9xqyActWlo
EpNKs4h0qOHuK8ZL0JnjwhmpFi7Q/zEIEj3qGmoQZs7t5cKTs4d9y68oIvsBNWYx
cBOkVlp3KNTmeWTS+A8jXAkeBAJxojbMoUcycILyNZSUcdszv6oUGBDgL86tBuIu
QhKLaRuNJpKmbheePpT2RLtuLumDLhSRzhHlodxHnjTm8kOQJTmY52yUL89PiZys
6sKbJz3CZCZKVFRubN53XOhBM+S+/ACXzhdS8PbEB2i1IFKC+ZI+KBn6P9EbJy0s
KXXSMxJ+XuAjRuZ5DgAQm6tS4EC0BZ6iZ3a96Xssk/FdZUYDI2/D2OCgIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJq7PcPfDMI2t7Ko1eguBs+h+2GnMB8GA1UdIwQY
MBaAFF9RvNiet/WzqwiAbvUafC9uuY78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDct
MGE4NTk4NjIwOGE5LzEvbXJzOXc5OE13amEzc3FqVjZDNEd6Nkg3WWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MWY2ZjUtY2VmMC00YTU3LThlNDctMGE4NTk4NjIwOGE5
LzEvWDFHODJKNjM5Yk9yQ0lCdTlScDhMMjY1anZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbV88MA0G
CSqGSIb3DQEBCwUAA4IBAQBJhpnmwTIBwWJkHE9VTt1xTtG7m/52Bd2abhmrAYMC
T2VIV4CS5XlRWpnG/48sLw1HhMv1WX876VTWzH4iRllClRDp3LZnH3a9XyqqeWpV
jDEwpKSAB0wThWmiGHXYH4l0wzyjCtVGGImXZyAvKAJRDMFXVRRbGIbkml4EEDRP
h3qKoYzPKLnuNFBRPRYD1SjXyLXiXDmNqpDoP1TucbkSR+FJH0hr/AbzGtF/trDK
vZEH6QCQ2+vzYYpHJzQDQENg1EDkbwyNyDsDuxsyiq3noOa7iLnKnRCv+z6bLtbC
fXjuy6UnHJfvZgCWz00heOY2E0kr2168TB+6ldQ1tz9i
-----END CERTIFICATE-----
Generated at Thu May 15 02:51:34 2025 by rpki-client