Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Pt_UQ_Hlld84BqIVtGy6WZuFPQ.roa
File: 6Pt_UQ_Hlld84BqIVtGy6WZuFPQ.roa (raw, json)
Hash identifier: L1NZG0BGnb8998W3LvKzpqXH/EWpj9cWRlvNYAbmDoo=
Subject key identifier: E8:FB:7F:51:0F:C7:96:57:7C:E0:1A:88:56:D1:B2:E9:66:6E:14:F4
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0185C8DAFDC083F438B8F8E7105744E1E269
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Pt_UQ_Hlld84BqIVtGy6WZuFPQ.roa
Signing time: Thu 19 Jan 2023 07:07:53 +0000
ROA not before: Thu 19 Jan 2023 07:07:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 171.22.146.0/24 maxlen: 24
185.149.12.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:da:fd:c0:83:f4:38:b8:f8:e7:10:57:44:e1:e2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 19 07:07:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8fb7f510fc796577ce01a8856d1b2e9666e14f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:4a:2e:c1:f1:5e:8d:ad:0a:8b:fb:a0:09:
0c:02:2b:3c:09:53:84:12:eb:df:23:2f:8e:6d:a7:
51:cf:4a:08:49:4f:29:f9:80:9c:12:67:10:72:3c:
7e:72:23:d0:c9:ea:76:d9:24:75:4e:6a:23:5b:93:
38:31:92:1e:1f:d5:3f:aa:df:63:70:34:a9:dd:f9:
3d:ed:08:47:8d:ee:ac:17:54:49:0a:ae:33:8f:b5:
de:87:0a:df:03:e1:bb:72:9f:f6:26:04:3f:f3:34:
1c:07:72:5a:b6:85:39:67:4f:4d:a1:82:a4:bf:32:
ba:5f:55:3c:81:91:43:5d:2c:d9:30:26:b0:82:eb:
62:d9:7f:08:be:d7:23:57:79:7b:7a:7d:92:93:6b:
3a:3c:dd:2f:12:f9:25:ad:c8:7b:64:57:8e:74:c8:
b4:43:1b:9f:ea:0e:2a:1e:49:d5:d1:3d:fe:f5:f9:
13:d5:a3:fe:74:24:e3:a3:a8:44:13:c6:71:61:7b:
bb:bf:01:b7:39:7c:b3:a4:25:ea:f2:06:db:d3:02:
b5:1e:4d:1c:52:71:ad:59:84:d6:e3:47:6f:9b:e7:
7e:c8:8d:ed:e9:92:4d:ee:36:30:53:5f:a5:73:ea:
1f:31:bb:b9:65:41:46:28:1b:61:ef:c1:3e:0c:26:
09:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:FB:7F:51:0F:C7:96:57:7C:E0:1A:88:56:D1:B2:E9:66:6E:14:F4
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/6Pt_UQ_Hlld84BqIVtGy6WZuFPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
185.149.12.0/24
Signature Algorithm: sha256WithRSAEncryption
28:97:d2:85:f1:4b:eb:5e:9c:38:35:6d:68:ff:ef:3b:d0:a0:
56:63:06:d3:4d:73:47:d7:ce:84:ea:38:09:f4:70:72:7b:10:
eb:e6:0d:cc:ca:42:0f:95:02:e2:e6:f5:1d:e6:62:93:b9:cf:
c2:df:cb:08:d6:ea:9c:07:84:a6:d6:55:5e:c3:a8:2e:96:6e:
66:44:d3:8d:3d:57:c9:5f:e3:c4:16:60:49:a2:3f:af:bc:c1:
e0:f7:e6:f0:48:f9:02:3c:3c:33:1b:ea:eb:c0:e2:ec:aa:93:
44:fd:81:70:56:4a:bf:a7:63:fa:d7:13:16:e8:a3:ef:8c:86:
12:21:bf:86:83:e6:a8:99:61:18:36:63:4c:c4:e3:6f:33:b1:
65:6e:b6:81:1f:45:e8:f8:3c:35:02:47:02:cd:39:13:4a:e1:
7c:ff:2a:81:29:e8:81:fa:e5:33:11:4f:58:57:42:cc:f7:a1:
71:42:96:eb:81:15:a3:61:c3:e5:c3:72:70:28:96:d9:43:fe:
5f:e5:68:ff:95:a5:9f:ad:76:35:34:76:07:5b:a5:aa:56:29:
32:50:cc:1a:42:88:3f:93:72:64:c0:f4:14:59:19:a1:c5:97:
d6:72:b1:97:47:22:43:d6:a4:18:9e:b9:58:e0:65:70:fd:ce:
44:cf:16:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXI2v3Ag/Q4uPjnEFdE4eJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTE5MDcwNzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGZiN2Y1MTBmYzc5NjU3N2NlMDFhODg1NmQxYjJlOTY2NmUxNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIdKLsHxXo2tCov7oAkMAis8CVOE
EuvfIy+ObadRz0oISU8p+YCcEmcQcjx+ciPQyep22SR1TmojW5M4MZIeH9U/qt9j
cDSp3fk97QhHje6sF1RJCq4zj7XehwrfA+G7cp/2JgQ/8zQcB3JatoU5Z09NoYKk
vzK6X1U8gZFDXSzZMCawguti2X8IvtcjV3l7en2Sk2s6PN0vEvklrch7ZFeOdMi0
Qxuf6g4qHknV0T3+9fkT1aP+dCTjo6hEE8ZxYXu7vwG3OXyzpCXq8gbb0wK1Hk0c
UnGtWYTW40dvm+d+yI3t6ZJN7jYwU1+lc+ofMbu5ZUFGKBth78E+DCYJKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOj7f1EPx5ZXfOAaiFbRsulmbhT0MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvNlB0X1VRX0hsbGQ4NEJxSVZ0R3k2V1p1RlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxaSAwQA
uZUMMA0GCSqGSIb3DQEBCwUAA4IBAQAol9KF8UvrXpw4NW1o/+870KBWYwbTTXNH
186E6jgJ9HByexDr5g3MykIPlQLi5vUd5mKTuc/C38sI1uqcB4Sm1lVew6gulm5m
RNONPVfJX+PEFmBJoj+vvMHg9+bwSPkCPDwzG+rrwOLsqpNE/YFwVkq/p2P61xMW
6KPvjIYSIb+Gg+aomWEYNmNMxONvM7FlbraBH0Xo+Dw1AkcCzTkTSuF8/yqBKeiB
+uUzEU9YV0LM96FxQpbrgRWjYcPlw3JwKJbZQ/5f5Wj/laWfrXY1NHYHW6WqViky
UMwaQog/k3JkwPQUWRmhxZfWcrGXRyJD1qQYnrlY4GVw/c5EzxZZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org