Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Awyu8P_pMLCj3v7TxcveNlpYrg.roa
File: 6Awyu8P_pMLCj3v7TxcveNlpYrg.roa (raw, json)
Hash identifier: Vub4n6JLez9eg5voNQrtU0I2XEhG6zkXVZNuC+lEeEg=
Subject key identifier: E8:0C:32:BB:C3:FF:A4:C2:C2:8F:7B:FB:4F:17:2F:78:D9:69:62:B8
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B63069B
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Awyu8P_pMLCj3v7TxcveNlpYrg.roa
Signing time: Wed 08 Jun 2022 07:52:03 +0000
ROA not before: Wed 08 Jun 2022 07:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 171.22.147.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191039131 (0xb63069b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 8 07:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e80c32bbc3ffa4c2c28f7bfb4f172f78d96962b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9f:ad:c2:b9:41:f8:26:45:d9:ff:f2:b8:d5:
4b:26:d1:3c:39:69:3c:81:d8:22:87:2e:51:09:82:
c5:bb:9d:31:8f:18:ed:bc:6d:d6:5e:25:df:93:c1:
c1:90:25:2b:d5:b9:b3:e6:25:4a:06:04:a7:9c:c2:
30:c8:ee:27:e8:37:d3:33:e4:0e:6f:37:a4:46:b7:
7b:8d:dc:a8:73:62:d8:f5:74:fe:b0:9c:57:99:67:
5d:95:0a:0b:75:98:d3:99:0d:8f:82:44:f5:b1:96:
81:9d:55:d4:96:90:ef:df:5f:14:53:9b:37:7a:cc:
f2:21:eb:c2:9e:f9:82:e0:82:44:eb:c3:95:0e:09:
d1:36:c3:3c:37:42:d1:cb:a5:06:0b:5b:90:76:18:
d9:31:9e:08:96:b4:80:b1:d2:76:cd:43:51:d3:93:
7e:47:13:55:6c:80:41:74:06:6b:f2:13:d3:6d:a3:
f4:9e:6a:6e:2e:00:ce:80:71:2d:45:85:61:fb:96:
8d:4b:ed:23:fb:03:31:5c:2a:6b:3a:0c:d8:72:e4:
4b:9e:2f:b1:26:f6:65:6e:f4:d9:69:6e:fd:82:ac:
31:3e:6d:e4:9e:23:f1:f5:1c:e3:3a:76:0c:18:dd:
b1:25:5c:c3:8e:2f:29:94:b5:31:42:db:fa:8c:19:
e0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0C:32:BB:C3:FF:A4:C2:C2:8F:7B:FB:4F:17:2F:78:D9:69:62:B8
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Awyu8P_pMLCj3v7TxcveNlpYrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
171.22.147.0/24
185.149.15.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:59:63:d8:f4:63:15:05:cb:c4:3d:c3:0d:cb:e7:c7:68:0b:
f0:e7:d0:82:6a:62:90:ee:ac:69:58:f2:10:3d:4f:66:4c:14:
af:da:aa:3e:0e:71:2f:14:9d:a9:be:21:20:14:71:37:1f:82:
a7:d0:1f:32:e2:33:1e:e2:9a:04:39:41:43:85:55:e3:7f:bf:
74:69:c8:ea:d7:dc:96:f7:1e:3d:d2:cf:04:56:78:8f:5d:a6:
0b:54:3e:30:08:e5:30:8d:fe:17:b2:5f:b7:d6:76:02:cc:c4:
4b:3f:99:6c:6d:bc:c3:f8:9b:e6:f5:95:7d:9b:cc:06:27:e9:
e3:47:45:9c:07:86:91:ee:cf:a0:82:2e:9b:55:d3:92:40:f3:
6c:9c:9e:28:4e:af:1b:a5:b2:9a:99:9d:e3:70:8a:6e:35:18:
3c:5e:fc:32:c8:c5:e6:29:d9:e7:32:c9:74:ac:c5:52:b5:1a:
67:00:06:d8:5c:33:1b:bb:fc:72:85:5d:f8:96:87:a7:23:b4:
02:18:18:e3:5c:e8:10:2c:24:f4:78:4c:bf:8d:19:52:33:b5:
ee:16:db:8d:f4:3e:d1:f6:b7:51:75:1c:0c:76:f9:82:0a:6c:
61:61:e1:e8:4d:79:0a:43:bc:97:19:1b:d6:d4:38:41:45:50:
ae:1b:54:3c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC2MGmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYw
ODA3NTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgwYzMyYmJjM2Zm
YTRjMmMyOGY3YmZiNGYxNzJmNzhkOTY5NjJiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqfrcK5QfgmRdn/8rjVSybRPDlpPIHYIocuUQmCxbudMY8Y
7bxt1l4l35PBwZAlK9W5s+YlSgYEp5zCMMjuJ+g30zPkDm83pEa3e43cqHNi2PV0
/rCcV5lnXZUKC3WY05kNj4JE9bGWgZ1V1JaQ799fFFObN3rM8iHrwp75guCCROvD
lQ4J0TbDPDdC0culBgtbkHYY2TGeCJa0gLHSds1DUdOTfkcTVWyAQXQGa/IT022j
9J5qbi4AzoBxLUWFYfuWjUvtI/sDMVwqazoM2HLkS54vsSb2ZW702Wlu/YKsMT5t
5J4j8fUc4zp2DBjdsSVcw44vKZS1MULb+owZ4JECAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBToDDK7w/+kwsKPe/tPFy942WliuDAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
LzZBd3l1OFBfcE1MQ2ozdjdUeGN2ZU5scFlyZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAR8rrgMEAKsWkwMEALmVDwMEALnr
RzANBgkqhkiG9w0BAQsFAAOCAQEATVlj2PRjFQXLxD3DDcvnx2gL8OfQgmpikO6s
aVjyED1PZkwUr9qqPg5xLxSdqb4hIBRxNx+Cp9AfMuIzHuKaBDlBQ4VV43+/dGnI
6tfclvcePdLPBFZ4j12mC1Q+MAjlMI3+F7Jft9Z2AszESz+ZbG28w/ib5vWVfZvM
Bifp40dFnAeGke7PoIIum1XTkkDzbJyeKE6vG6Wympmd43CKbjUYPF78MsjF5inZ
5zLJdKzFUrUaZwAG2FwzG7v8coVd+JaHpyO0AhgY41zoECwk9HhMv40ZUjO17hbb
jfQ+0fa3UXUcDHb5ggpsYWHh6E15CkO8lxkb1tQ4QUVQrhtUPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org