Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/cIKmN9ZtwDc90xoKY_vS7G6mL0A.roa
File: cIKmN9ZtwDc90xoKY_vS7G6mL0A.roa (raw, json)
Hash identifier: IHI5m2zx8QqVASy8bWkuJRKKxnp01hu0EBklgx8VHVs=
Subject key identifier: 70:82:A6:37:D6:6D:C0:37:3D:D3:1A:0A:63:FB:D2:EC:6E:A6:2F:40
Certificate issuer: /CN=51618df006d548d1d87ed6419550662db6fc0606
Certificate serial: 0185FB995426F6FD69D1E96ED637A110C0F2
Authority key identifier: 51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/cIKmN9ZtwDc90xoKY_vS7G6mL0A.roa
Signing time: Sun 29 Jan 2023 03:36:47 +0000
ROA not before: Sun 29 Jan 2023 03:36:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31257
IP address blocks: 176.116.160.0/21 maxlen: 21
176.116.160.0/20 maxlen: 20
176.116.168.0/21 maxlen: 21
176.116.177.0/24 maxlen: 24
176.116.178.0/23 maxlen: 23
176.116.182.0/23 maxlen: 23
176.116.180.0/22 maxlen: 22
176.116.180.0/23 maxlen: 23
213.110.224.0/20 maxlen: 20
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fb:99:54:26:f6:fd:69:d1:e9:6e:d6:37:a1:10:c0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51618df006d548d1d87ed6419550662db6fc0606
Validity
Not Before: Jan 29 03:36:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7082a637d66dc0373dd31a0a63fbd2ec6ea62f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:82:59:48:8c:fc:2c:67:9e:8c:38:5f:b6:b8:
37:b6:1f:ba:d4:e0:c8:d6:cf:07:c4:4f:36:68:b1:
a8:a1:1c:b0:c3:4f:85:94:c4:60:d3:37:12:3c:f9:
36:8c:d9:e6:b5:71:41:2d:15:bf:a1:ea:08:85:81:
2e:84:f5:99:da:9a:91:c9:18:4f:37:0f:b0:b3:fa:
2d:14:8e:34:f2:9e:e8:05:9a:0c:e6:52:e0:95:ee:
d7:41:7e:6f:8b:a3:69:35:29:85:3d:cf:3a:22:71:
8c:7f:ca:78:97:76:d1:86:aa:96:1b:bd:10:2e:ec:
41:21:c2:48:cb:55:3c:1c:ef:9f:4c:26:2e:04:a3:
0f:e5:38:65:42:1e:f6:f6:53:69:74:4b:7c:dc:2c:
6a:fb:cf:53:e3:94:63:46:f6:e8:97:c3:9f:ba:90:
d6:72:73:5b:d2:85:c2:94:ad:23:dc:20:fb:2e:96:
ea:f2:d2:e2:e5:7e:bf:e5:a8:b3:3e:e3:b3:b8:84:
32:98:9f:8e:08:a6:38:f4:ec:74:7f:77:f4:fa:47:
98:db:2b:08:a4:92:9a:f9:0a:c0:96:07:24:7f:f4:
0c:22:91:f4:a4:bf:df:06:54:da:96:77:54:ea:b1:
65:4a:1e:2a:3e:29:74:1e:83:37:92:08:c9:75:2b:
44:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:82:A6:37:D6:6D:C0:37:3D:D3:1A:0A:63:FB:D2:EC:6E:A6:2F:40
X509v3 Authority Key Identifier:
keyid:51:61:8D:F0:06:D5:48:D1:D8:7E:D6:41:95:50:66:2D:B6:FC:06:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UWGN8AbVSNHYftZBlVBmLbb8BgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/cIKmN9ZtwDc90xoKY_vS7G6mL0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d5ffe7-3b48-4f80-8d6a-317c2fb0a35b/1/UWGN8AbVSNHYftZBlVBmLbb8BgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.160.0/20
176.116.177.0-176.116.183.255
213.110.224.0/20
Signature Algorithm: sha256WithRSAEncryption
46:41:e8:bb:f4:e1:8f:c3:1a:4b:51:3a:4d:0b:f3:bb:a6:27:
6d:b5:75:f9:8b:5e:cf:0a:69:01:dd:7c:06:a2:63:9b:a2:8c:
b2:dd:21:1e:95:c8:bc:24:47:29:7f:1d:f8:d9:c6:00:0b:0d:
16:79:a1:3a:d3:c7:81:81:e3:fc:4d:72:25:1a:be:31:63:c0:
05:c3:61:f7:3e:68:0e:6c:40:76:05:a4:35:17:09:8c:15:3c:
d0:4c:bb:60:15:29:3b:3e:d3:b0:de:ef:20:ef:90:65:cf:ee:
72:72:67:12:06:b8:18:fd:2c:81:35:e3:b5:29:9f:63:4b:dc:
e3:6a:84:90:2e:4e:17:77:7b:a8:b8:19:2b:fd:86:c8:22:33:
b7:20:48:b6:f1:9c:14:92:a7:72:a8:18:a1:b1:80:ff:b7:ff:
8a:a3:9b:1c:1f:b8:d9:e9:ab:64:7a:fb:f3:3e:ea:13:e2:55:
af:c6:b9:62:35:d9:d9:55:f6:75:0f:05:6d:63:8f:31:e6:86:
46:3e:59:1d:7d:c9:4e:87:19:7d:59:c3:37:32:8f:4b:65:43:
0d:8d:80:da:01:b3:4c:92:31:75:2c:ab:f7:d5:04:74:e1:78:
67:d5:e8:f6:11:4b:f9:e6:31:39:83:a2:22:9d:ac:82:86:62:
70:07:33:40
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYX7mVQm9v1p0elu1jehEMDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNjE4ZGYwMDZkNTQ4ZDFkODdlZDY0MTk1NTA2NjJkYjZm
YzA2MDYwHhcNMjMwMTI5MDMzNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgyYTYzN2Q2NmRjMDM3M2RkMzFhMGE2M2ZiZDJlYzZlYTYyZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIJZSIz8LGeejDhftrg3th+61ODI
1s8HxE82aLGooRyww0+FlMRg0zcSPPk2jNnmtXFBLRW/oeoIhYEuhPWZ2pqRyRhP
Nw+ws/otFI408p7oBZoM5lLgle7XQX5vi6NpNSmFPc86InGMf8p4l3bRhqqWG70Q
LuxBIcJIy1U8HO+fTCYuBKMP5ThlQh729lNpdEt83Cxq+89T45RjRvbol8OfupDW
cnNb0oXClK0j3CD7Lpbq8tLi5X6/5aizPuOzuIQymJ+OCKY49Ox0f3f0+keY2ysI
pJKa+QrAlgckf/QMIpH0pL/fBlTalndU6rFlSh4qPil0HoM3kgjJdStEvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHCCpjfWbcA3PdMaCmP70uxupi9AMB8GA1UdIwQY
MBaAFFFhjfAG1UjR2H7WQZVQZi22/AYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEt
MzE3YzJmYjBhMzViLzEvY0lLbU45WnR3RGM5MHhvS1lfdlM3RzZtTDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNWZmZTctM2I0OC00ZjgwLThkNmEtMzE3YzJmYjBhMzVi
LzEvVVdHTjhBYlZTTkhZZnRaQmxWQm1MYmI4QmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEsHSgMAwD
BACwdLEDBAOwdLADBATVbuAwDQYJKoZIhvcNAQELBQADggEBAEZB6Lv04Y/DGktR
Ok0L87umJ221dfmLXs8KaQHdfAaiY5uijLLdIR6VyLwkRyl/HfjZxgALDRZ5oTrT
x4GB4/xNciUavjFjwAXDYfc+aA5sQHYFpDUXCYwVPNBMu2AVKTs+07De7yDvkGXP
7nJyZxIGuBj9LIE147Upn2NL3ONqhJAuThd3e6i4GSv9hsgiM7cgSLbxnBSSp3Ko
GKGxgP+3/4qjmxwfuNnpq2R6+/M+6hPiVa/GuWI12dlV9nUPBW1jjzHmhkY+WR19
yU6HGX1Zwzcyj0tlQw2NgNoBs0ySMXUsq/fVBHTheGfV6PYRS/nmMTmDoiKdrIKG
YnAHM0A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org