Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7-RIPewWKYLQ6I20XQubGkYobOI.roa
File: 7-RIPewWKYLQ6I20XQubGkYobOI.roa (raw, json)
Hash identifier: LaGoohDysCtx87T3XNJtdCxTCP7Fag26Xll8S3DTHbc=
Subject key identifier: EF:E4:48:3D:EC:16:29:82:D0:E8:8D:B4:5D:0B:9B:1A:46:28:6C:E2
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0181DF025EF5A7ABE1C85A239575DEF5C07A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7-RIPewWKYLQ6I20XQubGkYobOI.roa
Signing time: Fri 08 Jul 2022 18:11:23 +0000
ROA not before: Fri 08 Jul 2022 18:11:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 171.22.147.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
89.46.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:df:02:5e:f5:a7:ab:e1:c8:5a:23:95:75:de:f5:c0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 8 18:11:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=efe4483dec162982d0e88db45d0b9b1a46286ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f9:9b:6d:ac:37:a7:3c:4e:c6:57:a3:87:0c:
04:31:a2:c9:d5:e7:86:c4:e9:1f:97:8a:30:26:9a:
59:a6:b4:03:ab:90:91:41:bd:4b:c5:f1:be:7d:79:
4f:b3:4e:c6:f9:ec:74:fc:87:30:37:82:8d:24:05:
cb:8b:4f:3b:21:9e:d6:71:95:37:86:98:7c:50:ec:
de:85:74:a4:d1:d8:2a:86:70:f9:3a:dc:06:5f:3a:
49:88:c6:a2:5a:bd:39:da:d9:7e:94:48:1f:d9:38:
6a:b5:c8:f4:f9:8f:8a:96:ee:92:b2:2f:46:93:a5:
7e:b0:05:74:95:52:5b:7c:91:7e:9b:5e:40:54:9b:
83:62:1f:b5:9d:b8:9f:0a:40:55:62:c4:6e:51:e0:
98:84:2b:4f:d0:87:f7:77:c5:00:d2:e5:41:df:7a:
52:9c:0e:ec:b9:9f:c7:6f:db:30:91:82:f9:34:fe:
60:54:f5:04:df:ae:6f:f1:51:d1:33:7c:29:a5:d0:
7f:87:b1:cb:7b:48:1f:5b:7f:c9:fc:47:83:04:a4:
80:aa:76:22:8f:76:d9:91:d6:df:64:e8:8f:ce:33:
fc:a4:2d:53:e2:36:a3:d2:b2:9b:0f:3c:fe:17:3e:
76:9e:22:63:f9:c1:3c:c4:15:c3:52:d8:c4:50:70:
38:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E4:48:3D:EC:16:29:82:D0:E8:8D:B4:5D:0B:9B:1A:46:28:6C:E2
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/7-RIPewWKYLQ6I20XQubGkYobOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
89.46.99.0/24
171.22.147.0/24
185.149.15.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
04:4b:b0:a7:a7:1a:3c:27:a0:8f:ad:57:0a:0d:4a:4a:d2:5d:
e5:ff:e7:02:44:36:04:15:67:20:1a:44:fa:ac:e3:84:bf:fc:
7c:62:c5:4c:d3:df:4d:22:24:7b:d2:ec:22:e9:f3:ba:38:26:
9f:3e:44:94:c3:1e:cd:f9:29:9a:49:ef:7f:f9:c1:5d:bb:06:
f8:c2:1e:91:ab:cd:ca:06:72:40:66:b2:d5:60:17:4c:be:38:
f6:1e:d2:34:9c:cf:81:b9:18:10:5b:98:0f:8d:22:28:91:a0:
2f:81:f8:89:02:5a:aa:40:35:c6:6f:e9:e0:05:ad:4b:e4:c3:
79:f2:6d:cb:36:ca:01:0a:d8:b0:5f:89:25:d4:b7:4c:b9:8e:
a0:8b:14:f5:44:bb:9b:b9:52:fc:54:89:63:63:d3:31:8e:3d:
5e:b7:80:27:b4:c7:c6:48:0f:7a:40:7c:81:43:f0:fd:6a:34:
3c:ee:c2:94:bb:bc:ea:80:b1:bd:3f:90:b4:85:c4:9b:1c:61:
bb:86:64:d5:5d:a2:af:f0:ae:bc:01:5e:bf:b5:35:43:c5:f9:
00:1c:b9:42:60:26:f9:3c:f4:04:15:2b:f5:db:d7:74:7c:ea:
1c:cb:de:2c:c5:80:6b:62:c3:b3:9e:52:c4:cb:dc:d0:19:dc:
ee:2d:bc:a1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHfAl71p6vhyFojlXXe9cB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIwNzA4MTgxMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmU0NDgzZGVjMTYyOTgyZDBlODhkYjQ1ZDBiOWIxYTQ2Mjg2Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPmbbaw3pzxOxlejhwwEMaLJ1eeG
xOkfl4owJppZprQDq5CRQb1LxfG+fXlPs07G+ex0/IcwN4KNJAXLi087IZ7WcZU3
hph8UOzehXSk0dgqhnD5OtwGXzpJiMaiWr052tl+lEgf2Thqtcj0+Y+Klu6Ssi9G
k6V+sAV0lVJbfJF+m15AVJuDYh+1nbifCkBVYsRuUeCYhCtP0If3d8UA0uVB33pS
nA7suZ/Hb9swkYL5NP5gVPUE365v8VHRM3wppdB/h7HLe0gfW3/J/EeDBKSAqnYi
j3bZkdbfZOiPzjP8pC1T4jaj0rKbDzz+Fz52niJj+cE8xBXDUtjEUHA45QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO/kSD3sFimC0OiNtF0LmxpGKGziMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvNy1SSVBld1dLWUxRNkkyMFhRdWJHa1lvYk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHyuuAwQA
WS5jAwQAqxaTAwQAuZUPAwQAuetHMA0GCSqGSIb3DQEBCwUAA4IBAQAES7Cnpxo8
J6CPrVcKDUpK0l3l/+cCRDYEFWcgGkT6rOOEv/x8YsVM099NIiR70uwi6fO6OCaf
PkSUwx7N+SmaSe9/+cFduwb4wh6Rq83KBnJAZrLVYBdMvjj2HtI0nM+BuRgQW5gP
jSIokaAvgfiJAlqqQDXGb+ngBa1L5MN58m3LNsoBCtiwX4kl1LdMuY6gixT1RLub
uVL8VIljY9Mxjj1et4AntMfGSA96QHyBQ/D9ajQ87sKUu7zqgLG9P5C0hcSbHGG7
hmTVXaKv8K68AV6/tTVDxfkAHLlCYCb5PPQEFSv129d0fOocy94sxYBrYsOznlLE
y9zQGdzuLbyh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org