Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/mm5a78aLrLV5XiTIKKqTFwiMcnE.roa
File: mm5a78aLrLV5XiTIKKqTFwiMcnE.roa (raw, json)
Hash identifier: I0YWIuSxcd0/XnRaGj67O3/P8n2LCmNcEfY6FO6E+7w=
Subject key identifier: 9A:6E:5A:EF:C6:8B:AC:B5:79:5E:24:C8:28:AA:93:17:08:8C:72:71
Certificate issuer: /CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Certificate serial: 0184CCA426188365AF8C99CDF1313B968980
Authority key identifier: EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/mm5a78aLrLV5XiTIKKqTFwiMcnE.roa
Signing time: Thu 01 Dec 2022 07:43:40 +0000
ROA not before: Thu 01 Dec 2022 07:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15763
IP address blocks: 149.232.0.0/17 maxlen: 17
149.232.128.0/19 maxlen: 19
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:a4:26:18:83:65:af:8c:99:cd:f1:31:3b:96:89:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1219292d86ca96397b8a8bd24e08b1a897c1a3
Validity
Not Before: Dec 1 07:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a6e5aefc68bacb5795e24c828aa9317088c7271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:74:82:1c:2d:9f:7c:da:97:8a:5c:7a:19:
5b:11:b4:d8:74:03:ce:3b:ff:26:0a:c5:e6:32:2c:
c2:dc:48:03:a8:87:24:29:cb:9e:5d:73:41:83:32:
21:e6:75:ba:cb:ff:8e:40:5c:ec:82:f2:1c:23:43:
b8:0d:2c:dd:4f:67:04:40:6a:50:40:40:40:c4:dd:
cd:fc:9b:32:e1:6d:ee:fa:8a:37:7b:46:96:0c:82:
fc:cd:3a:99:56:28:d3:c2:10:c9:3a:28:24:bc:19:
94:0e:35:67:24:98:f5:3a:a1:f9:c4:f4:53:af:32:
52:f1:12:87:68:5f:25:9f:2b:81:50:fc:76:5c:d5:
5f:81:20:d3:18:f9:e3:41:7f:a4:2d:77:46:98:ed:
24:38:49:5c:de:a0:3f:ac:7a:94:5c:da:2d:e0:a1:
5f:2a:23:85:98:82:73:95:ec:b3:b4:cf:05:e9:99:
6e:41:c3:3a:35:a6:7f:98:5c:de:b1:59:f8:ee:97:
c4:2f:de:eb:e6:1b:77:22:b5:d3:c9:0e:2e:14:81:
40:a9:6c:35:38:11:d8:69:74:41:ca:92:5d:15:c4:
35:55:14:0d:cd:74:c5:b3:4d:c9:ef:ab:3a:0f:4e:
89:f1:66:d3:15:15:6a:d3:64:e2:bc:c8:da:5a:e0:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6E:5A:EF:C6:8B:AC:B5:79:5E:24:C8:28:AA:93:17:08:8C:72:71
X509v3 Authority Key Identifier:
keyid:EA:12:19:29:2D:86:CA:96:39:7B:8A:8B:D2:4E:08:B1:A8:97:C1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hIZKS2GypY5e4qL0k4IsaiXwaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/mm5a78aLrLV5XiTIKKqTFwiMcnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/cbb2e4-88c3-4cc0-9675-c98a1bde6476/1/6hIZKS2GypY5e4qL0k4IsaiXwaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.0.0-149.232.159.255
Signature Algorithm: sha256WithRSAEncryption
3c:e3:b2:7c:3c:b4:fc:6f:d5:e8:41:a3:90:4d:45:c1:e3:89:
b6:68:ea:d8:ab:01:1d:57:ef:df:fc:b3:5c:b9:f7:06:a9:c8:
9a:2a:78:0d:28:3d:1a:25:25:c7:56:58:f1:d1:fb:94:c2:a0:
3c:5d:35:af:48:60:aa:3d:f2:63:41:f8:aa:e9:4e:e7:dd:ed:
df:09:a5:1a:e5:8f:4c:55:a4:dd:ce:ca:d5:3b:1b:df:f6:ba:
ec:5f:ee:25:68:cb:d8:88:7c:19:2f:18:23:9b:a4:8f:26:45:
22:b6:ff:55:d1:bf:66:1a:fb:0e:14:4a:69:59:e9:c1:b1:d0:
90:b2:6f:81:94:50:be:bb:fd:3a:13:8f:d5:9a:6f:b7:01:21:
f3:2e:de:ef:9a:91:8d:04:2b:03:de:93:bf:db:54:18:24:90:
bc:3e:f8:8d:fc:5e:5b:6c:42:83:b8:47:ee:4a:11:f2:a5:d1:
b4:33:81:ec:e0:db:9c:60:76:a0:8c:bb:c1:6c:0e:15:e4:59:
9d:59:ba:6a:ec:c8:c7:d6:13:a3:55:35:57:bf:3a:bd:f5:68:
4b:db:10:9b:28:15:ba:56:dc:bf:ea:71:c8:c1:7a:20:5c:04:
52:3f:2b:dc:e0:35:f9:6a:a4:0c:fe:56:3f:67:08:d0:f3:ed:
54:92:f3:07
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYTMpCYYg2WvjJnN8TE7lomAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMTIxOTI5MmQ4NmNhOTYzOTdiOGE4YmQyNGUwOGIxYTg5
N2MxYTMwHhcNMjIxMjAxMDc0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZlNWFlZmM2OGJhY2I1Nzk1ZTI0YzgyOGFhOTMxNzA4OGM3MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUx0ghwtn3zal4pcehlbEbTYdAPO
O/8mCsXmMizC3EgDqIckKcueXXNBgzIh5nW6y/+OQFzsgvIcI0O4DSzdT2cEQGpQ
QEBAxN3N/Jsy4W3u+oo3e0aWDIL8zTqZVijTwhDJOigkvBmUDjVnJJj1OqH5xPRT
rzJS8RKHaF8lnyuBUPx2XNVfgSDTGPnjQX+kLXdGmO0kOElc3qA/rHqUXNot4KFf
KiOFmIJzleyztM8F6ZluQcM6NaZ/mFzesVn47pfEL97r5ht3IrXTyQ4uFIFAqWw1
OBHYaXRBypJdFcQ1VRQNzXTFs03J76s6D06J8WbTFRVq02TivMjaWuBfcQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJpuWu/Gi6y1eV4kyCiqkxcIjHJxMB8GA1UdIwQY
MBaAFOoSGSkthsqWOXuKi9JOCLGol8GjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUt
Yzk4YTFiZGU2NDc2LzEvbW01YTc4YUxyTFY1WGlUSUtLcVRGd2lNY25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jYmIyZTQtODhjMy00Y2MwLTk2NzUtYzk4YTFiZGU2NDc2
LzEvNmhJWktTMkd5cFk1ZTRxTDBrNElzYWlYd2FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwOV6AME
BZXogDANBgkqhkiG9w0BAQsFAAOCAQEAPOOyfDy0/G/V6EGjkE1FweOJtmjq2KsB
HVfv3/yzXLn3BqnImip4DSg9GiUlx1ZY8dH7lMKgPF01r0hgqj3yY0H4qulO593t
3wmlGuWPTFWk3c7K1Tsb3/a67F/uJWjL2Ih8GS8YI5ukjyZFIrb/VdG/Zhr7DhRK
aVnpwbHQkLJvgZRQvrv9OhOP1ZpvtwEh8y7e75qRjQQrA96Tv9tUGCSQvD74jfxe
W2xCg7hH7koR8qXRtDOB7ODbnGB2oIy7wWwOFeRZnVm6auzIx9YTo1U1V786vfVo
S9sQmygVulbcv+pxyMF6IFwEUj8r3OA1+WqkDP5WP2cI0PPtVJLzBw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:53 2023 by rpki-client on console.sobornost.net