Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3VBQ2tFP2bcrMkDDoSHWrF0a2Ps.roa
File: 3VBQ2tFP2bcrMkDDoSHWrF0a2Ps.roa (raw, json)
Hash identifier: uydGQCM8hC8rB2Q/7Jrst4T54XphieLp476SMdC1mQ8=
Subject key identifier: DD:50:50:DA:D1:4F:D9:B7:2B:32:40:C3:A1:21:D6:AC:5D:1A:D8:FB
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09B1401D
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3VBQ2tFP2bcrMkDDoSHWrF0a2Ps.roa
Signing time: Sat 01 Jan 2022 09:56:57 +0000
ROA not before: Sat 01 Jan 2022 09:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212747
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162611229 (0x9b1401d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd5050dad14fd9b72b3240c3a121d6ac5d1ad8fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:c0:f2:7c:1f:fd:46:be:f9:67:70:e2:34:
9a:0e:ef:54:9f:af:79:39:41:29:f6:e7:c5:ab:c3:
e4:ec:29:24:77:b5:3b:83:2e:f6:d3:18:6a:71:db:
a8:68:e4:ae:8c:28:2b:d7:be:a7:83:f2:ff:98:b8:
00:22:f7:13:d8:18:b1:74:e4:27:33:62:26:2d:5f:
45:a9:a6:84:46:4a:6d:ae:d8:27:74:6d:ac:30:c7:
ce:ba:48:c8:3e:fe:74:46:01:3c:17:78:41:f9:23:
cd:23:54:c8:46:8a:ac:ef:12:87:33:70:74:6c:48:
5e:0c:ff:6f:86:2f:9a:ae:22:84:29:a0:bc:5b:2d:
54:96:1a:c7:ad:19:e7:65:90:57:c9:60:d7:2a:b8:
6d:cc:57:ae:41:f0:00:ab:96:57:0e:a7:65:d3:2d:
52:e5:d1:32:4e:76:bf:8d:08:17:d9:36:ba:b8:bc:
10:3e:47:67:da:35:de:0f:4c:26:7f:1a:69:6c:94:
59:0a:b1:2e:5d:bd:85:81:ca:86:fa:8b:ea:44:7a:
d9:e0:e3:49:ef:83:31:9e:30:e9:be:ec:45:e6:77:
df:4d:77:5e:5c:dd:54:30:a5:8e:84:87:42:43:9e:
a6:eb:33:0b:62:8e:66:48:ec:57:de:47:09:e9:1e:
8d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:50:50:DA:D1:4F:D9:B7:2B:32:40:C3:A1:21:D6:AC:5D:1A:D8:FB
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/3VBQ2tFP2bcrMkDDoSHWrF0a2Ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:cb:42:65:67:02:56:fc:96:7c:94:26:77:68:da:86:df:6a:
48:1f:44:72:6e:01:b7:34:c2:c4:df:19:c6:98:fb:6a:e5:34:
b8:fb:25:2e:8c:c6:49:90:00:f3:db:0b:cf:d7:88:3a:74:54:
cf:2a:4c:f3:89:62:b0:7c:1f:a8:0b:1a:64:e5:bc:ac:ae:d6:
70:04:73:1f:74:0b:ed:18:62:e9:cd:4f:5c:6c:73:77:0e:f2:
cf:cd:90:1c:71:a3:5c:ef:23:a9:60:75:0d:27:86:be:22:f6:
2a:a7:e4:79:81:cd:b0:1a:ce:7f:32:0c:43:cb:93:6d:c5:10:
a5:92:ba:88:af:d4:26:c0:1a:3f:73:27:ee:4c:14:00:03:cc:
14:90:a2:85:a4:33:de:0e:2f:1d:7d:59:03:7f:ca:36:fe:79:
ba:f9:9a:ea:19:f9:bc:1a:b6:e8:d4:3e:d5:d2:66:f9:19:87:
2c:8a:99:9d:bc:16:c4:db:7a:2e:72:9a:c8:3b:86:21:98:cb:
bc:d3:d9:2e:35:85:8c:4f:de:dd:1b:1f:6b:7d:40:72:0d:30:
c6:45:f8:59:5f:22:ce:5e:db:73:4a:55:b3:09:e5:f1:08:14:
68:5b:75:f9:30:3b:c7:cb:1f:d1:25:45:f4:d5:5f:f0:a0:37:
cd:29:2d:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECbFAHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ1MDUwZGFkMTRm
ZDliNzJiMzI0MGMzYTEyMWQ2YWM1ZDFhZDhmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmawPJ8H/1GvvlncOI0mg7vVJ+veTlBKfbnxavD5OwpJHe1
O4Mu9tMYanHbqGjkrowoK9e+p4Py/5i4ACL3E9gYsXTkJzNiJi1fRammhEZKba7Y
J3RtrDDHzrpIyD7+dEYBPBd4QfkjzSNUyEaKrO8ShzNwdGxIXgz/b4Yvmq4ihCmg
vFstVJYax60Z52WQV8lg1yq4bcxXrkHwAKuWVw6nZdMtUuXRMk52v40IF9k2uri8
ED5HZ9o13g9MJn8aaWyUWQqxLl29hYHKhvqL6kR62eDjSe+DMZ4w6b7sReZ33013
XlzdVDCljoSHQkOepuszC2KOZkjsV95HCekejekCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTdUFDa0U/ZtysyQMOhIdasXRrY+zAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzNWQlEydEZQMmJjck1rRERvU0hXckYwYTJQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAPstCZWcCVvyWfJQmd2jaht9qSB9Ecm4BtzTCxN8Zxpj7auU0uPslLozGSZAA
89sLz9eIOnRUzypM84lisHwfqAsaZOW8rK7WcARzH3QL7Rhi6c1PXGxzdw7yz82Q
HHGjXO8jqWB1DSeGviL2KqfkeYHNsBrOfzIMQ8uTbcUQpZK6iK/UJsAaP3Mn7kwU
AAPMFJCihaQz3g4vHX1ZA3/KNv55uvma6hn5vBq26NQ+1dJm+RmHLIqZnbwWxNt6
LnKayDuGIZjLvNPZLjWFjE/e3Rsfa31Acg0wxkX4WV8izl7bc0pVswnl8QgUaFt1
+TA7x8sf0SVF9NVf8KA3zSktxw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org