Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/MxgTV8JGTSSrY5iaCnK6B_pPiNM.roa
File: MxgTV8JGTSSrY5iaCnK6B_pPiNM.roa (raw, json)
Hash identifier: JKWcP44sLIE2DS1TW5ze036vlQWrzOP6vKKJXMLrS+Y=
Subject key identifier: 33:18:13:57:C2:46:4D:24:AB:63:98:9A:0A:72:BA:07:FA:4F:88:D3
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 38F40F6E
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/MxgTV8JGTSSrY5iaCnK6B_pPiNM.roa
Signing time: Sat 09 Apr 2022 15:05:27 +0000
ROA not before: Sat 09 Apr 2022 15:05:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 87.251.3.0/24 maxlen: 24
87.251.6.0/24 maxlen: 24
87.251.30.0/24 maxlen: 24
87.251.31.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 955518830 (0x38f40f6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Apr 9 15:05:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33181357c2464d24ab63989a0a72ba07fa4f88d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3b:d6:b2:df:f2:5b:15:fb:a4:ca:b7:0e:52:
c4:b9:a3:57:b2:30:47:d3:c2:d1:a9:c3:f4:62:64:
75:d3:71:00:9a:7e:5c:cc:30:24:d9:3b:6e:9a:7a:
5a:01:05:84:9a:c3:ec:6f:3b:f2:4f:54:e7:35:69:
96:b9:9e:3f:81:d0:1f:00:62:40:8c:98:00:e2:6d:
6f:72:7b:ab:59:06:0d:a0:09:84:c7:5a:e6:15:f9:
22:f5:f1:ea:dd:9c:6b:cb:f5:ec:02:86:c6:93:df:
db:0b:65:1c:0e:63:90:71:6a:82:dc:55:60:d8:61:
3c:90:97:13:44:38:1f:1c:7e:1e:a3:ad:5a:56:d3:
71:fb:18:f7:38:e3:94:89:a7:46:2c:40:02:a7:0a:
df:f2:34:da:cd:ff:37:77:78:a3:4c:02:ee:4f:a7:
56:96:c0:c7:0e:80:d9:80:af:52:fa:f2:f1:c1:06:
72:b4:0d:c3:b6:1d:90:80:d3:4a:f1:76:9e:4c:19:
d7:99:22:c7:33:3d:67:b1:49:53:51:35:f7:fb:0f:
66:58:c8:77:72:86:d6:5e:54:7f:32:c4:52:25:25:
a8:24:22:26:fc:56:ec:7a:50:88:9a:b1:25:36:a4:
45:10:42:01:8f:2b:31:13:85:7d:10:2c:df:10:d8:
50:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:18:13:57:C2:46:4D:24:AB:63:98:9A:0A:72:BA:07:FA:4F:88:D3
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/MxgTV8JGTSSrY5iaCnK6B_pPiNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.3.0/24
87.251.6.0/24
87.251.30.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:2f:a0:6e:2a:a1:02:29:52:68:29:86:72:0a:9b:94:6d:3d:
4a:d6:2a:3d:39:bc:b3:f3:4c:80:81:e0:e6:e5:d2:c4:99:0b:
1f:16:d5:a9:c8:c0:04:db:a6:65:d1:78:6e:91:97:aa:1e:b0:
5b:4c:2f:0c:a4:f3:6b:05:30:21:16:d8:60:58:83:a0:2a:65:
78:21:55:7b:e3:5c:33:be:64:e9:2c:2f:57:14:11:5d:15:4a:
68:85:82:fc:8d:54:17:b2:d8:27:8a:33:91:17:e0:98:92:56:
87:a3:6d:a9:e8:8b:ad:62:de:f5:ff:d4:8c:1f:e6:7d:e5:ca:
f2:b5:71:7c:f3:ed:ed:08:5c:02:5f:12:c0:38:ea:5c:f5:f7:
96:7c:bc:7e:89:5a:21:7a:d0:f8:1f:b5:47:96:ea:43:e7:de:
44:4a:85:59:d0:6c:5b:92:94:b6:75:0a:c4:92:51:e6:5c:b6:
c3:8c:96:ec:31:b3:ba:18:30:1f:93:86:dd:dc:7a:ab:1f:22:
2c:94:e7:61:c7:00:df:69:b8:78:20:29:76:26:38:cf:58:17:
9e:74:2d:b3:1a:5f:20:ab:bf:02:6b:51:c3:27:a4:9f:db:c7:
db:19:a2:03:46:a6:8e:06:7a:bd:d0:8f:74:e9:97:08:f4:a9:
a5:f7:90:ce
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEOPQPbjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTAxODE1YzZmOThmM2EyYjYxODRhZmViZjE4ZWEzNDFiZTg4MmVhMB4XDTIyMDQw
OTE1MDUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzMxODEzNTdjMjQ2
NGQyNGFiNjM5ODlhMGE3MmJhMDdmYTRmODhkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANI71rLf8lsV+6TKtw5SxLmjV7IwR9PC0anD9GJkddNxAJp+
XMwwJNk7bpp6WgEFhJrD7G878k9U5zVplrmeP4HQHwBiQIyYAOJtb3J7q1kGDaAJ
hMda5hX5IvXx6t2ca8v17AKGxpPf2wtlHA5jkHFqgtxVYNhhPJCXE0Q4Hxx+HqOt
WlbTcfsY9zjjlImnRixAAqcK3/I02s3/N3d4o0wC7k+nVpbAxw6A2YCvUvry8cEG
crQNw7YdkIDTSvF2nkwZ15kixzM9Z7FJU1E19/sPZljId3KG1l5UfzLEUiUlqCQi
JvxW7HpQiJqxJTakRRBCAY8rMROFfRAs3xDYUL8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQzGBNXwkZNJKtjmJoKcroH+k+I0zAfBgNVHSMEGDAWgBTlAYFcb5jzorYY
Sv6/GOo0G+iC6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVRR0JYRy1ZODZLMkdFci12eGpxTkJ2b2d1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8x
L014Z1RWOEpHVFNTclk1aWFDbks2Ql9wUGlOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWIwMjIyLWVkNjQtNGY1NS1iNDViLTAwNTlmNzM3ZWYwNS8xLzVRR0JYRy1ZODZL
MkdFci12eGpxTkJ2b2d1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFf7AwMEAFf7BgMEAVf7HjANBgkq
hkiG9w0BAQsFAAOCAQEAqy+gbiqhAilSaCmGcgqblG09StYqPTm8s/NMgIHg5uXS
xJkLHxbVqcjABNumZdF4bpGXqh6wW0wvDKTzawUwIRbYYFiDoCpleCFVe+NcM75k
6SwvVxQRXRVKaIWC/I1UF7LYJ4ozkRfgmJJWh6NtqeiLrWLe9f/UjB/mfeXK8rVx
fPPt7QhcAl8SwDjqXPX3lny8folaIXrQ+B+1R5bqQ+feREqFWdBsW5KUtnUKxJJR
5ly2w4yW7DGzuhgwH5OG3dx6qx8iLJTnYccA32m4eCApdiY4z1gXnnQtsxpfIKu/
AmtRwyekn9vH2xmiA0amjgZ6vdCPdOmXCPSppfeQzg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:44 2023 by rpki-client on console.sobornost.net