Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/AMNZdnLXo2Z8S0nVDWo-ZC3aBMw.roa
File: AMNZdnLXo2Z8S0nVDWo-ZC3aBMw.roa (raw, json)
Hash identifier: legNxQNkZj8/BGLj2SF4OHL//PHXHoJ064D4Zw6Fa5c=
Subject key identifier: 00:C3:59:76:72:D7:A3:66:7C:4B:49:D5:0D:6A:3E:64:2D:DA:04:CC
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018572B4229190099A81DFA4E6F41D6E953A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/AMNZdnLXo2Z8S0nVDWo-ZC3aBMw.roa
Signing time: Mon 02 Jan 2023 13:38:06 +0000
ROA not before: Mon 02 Jan 2023 13:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 31.43.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:22:91:90:09:9a:81:df:a4:e6:f4:1d:6e:95:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 2 13:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00c3597672d7a3667c4b49d50d6a3e642dda04cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8a:35:72:06:27:99:58:91:4e:3c:6c:86:3a:
db:1c:9d:75:91:73:fc:99:5a:15:3a:9d:7f:92:3f:
69:89:22:2f:b6:da:e3:88:0a:96:34:57:9b:79:aa:
1a:e3:e7:f7:58:dc:20:66:fa:5c:bc:75:c2:f1:87:
fb:3f:1e:17:ea:bf:b1:dc:00:ff:c2:66:61:c9:05:
71:57:e1:e3:42:7b:0e:54:30:4f:5b:bc:3b:78:84:
91:3f:52:6d:1c:6c:a6:61:ad:cd:8d:ee:b1:35:d6:
9f:d5:03:ac:33:15:9e:c8:a2:59:4a:03:eb:ca:61:
72:a5:e1:b1:14:d7:cb:02:f2:aa:e6:64:f1:9c:cb:
7a:b1:e1:7b:c7:70:d1:4d:f1:db:fd:f5:8f:3e:2b:
b9:6f:2e:56:9d:1a:d2:ed:b9:84:5e:0d:45:48:c3:
3a:4a:e0:c6:90:b5:e0:b4:bd:9f:d4:22:d9:67:b9:
73:32:23:1a:da:5b:00:b8:1b:c8:29:3f:00:b5:0e:
94:18:3a:e2:1f:92:88:1a:70:2d:4b:d5:a0:4c:bf:
42:e2:ee:60:16:86:cd:1d:3d:20:e0:8a:9d:05:6a:
4d:2a:cc:9f:f9:3c:04:2a:cb:a5:f0:54:59:75:c7:
bc:3c:75:8e:a9:6c:ce:e0:1a:bd:b2:0f:b0:76:f4:
9f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C3:59:76:72:D7:A3:66:7C:4B:49:D5:0D:6A:3E:64:2D:DA:04:CC
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/AMNZdnLXo2Z8S0nVDWo-ZC3aBMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:01:91:40:f5:fc:a3:63:c5:05:0a:08:0d:5f:60:45:9f:54:
3b:89:04:55:ea:30:13:dd:9f:d9:90:cf:f4:8c:57:41:18:40:
e8:51:3c:10:9d:3e:49:b4:3a:1a:4b:b7:ed:3f:81:86:9c:d3:
a0:e9:94:0a:54:35:ad:89:39:26:2e:21:06:29:f9:42:ec:01:
55:ee:75:87:30:2b:c0:a7:27:89:a8:74:aa:b1:9f:72:ad:4d:
96:88:7d:b0:41:77:73:97:18:fa:dc:5a:3a:83:8c:c8:9b:55:
a8:01:29:54:fd:46:28:6e:66:14:74:e1:3b:5e:2e:27:0d:27:
d3:76:6d:21:fe:b6:5e:b3:36:70:13:92:72:36:5f:0e:21:bb:
af:24:69:83:3b:17:74:66:62:fd:7f:52:6e:f7:3a:06:74:2b:
de:b1:01:b4:38:b2:4e:8f:b1:80:62:1a:2f:ee:d8:49:3f:31:
28:fb:aa:ee:cc:79:28:e4:19:48:b4:13:2e:c6:97:39:d8:72:
6f:27:8a:75:34:fd:4b:64:e4:55:eb:64:e8:6f:d9:1e:70:44:
fe:57:66:5c:da:64:44:b6:6d:cf:d5:70:bb:e8:2c:81:56:fc:
62:60:ba:91:ac:c8:79:bb:a7:d0:45:7b:77:52:f0:42:37:94:
b3:b2:28:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytCKRkAmagd+k5vQdbpU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTAyMTMzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMzNTk3NjcyZDdhMzY2N2M0YjQ5ZDUwZDZhM2U2NDJkZGEwNGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64o1cgYnmViRTjxshjrbHJ11kXP8
mVoVOp1/kj9piSIvttrjiAqWNFebeaoa4+f3WNwgZvpcvHXC8Yf7Px4X6r+x3AD/
wmZhyQVxV+HjQnsOVDBPW7w7eISRP1JtHGymYa3Nje6xNdaf1QOsMxWeyKJZSgPr
ymFypeGxFNfLAvKq5mTxnMt6seF7x3DRTfHb/fWPPiu5by5WnRrS7bmEXg1FSMM6
SuDGkLXgtL2f1CLZZ7lzMiMa2lsAuBvIKT8AtQ6UGDriH5KIGnAtS9WgTL9C4u5g
FobNHT0g4IqdBWpNKsyf+TwEKsul8FRZdce8PHWOqWzO4Bq9sg+wdvSfGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADDWXZy16NmfEtJ1Q1qPmQt2gTMMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvQU1OWmRuTFhvMlo4UzBuVkRXby1aQzNhQk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyuuMA0G
CSqGSIb3DQEBCwUAA4IBAQAeAZFA9fyjY8UFCggNX2BFn1Q7iQRV6jAT3Z/ZkM/0
jFdBGEDoUTwQnT5JtDoaS7ftP4GGnNOg6ZQKVDWtiTkmLiEGKflC7AFV7nWHMCvA
pyeJqHSqsZ9yrU2WiH2wQXdzlxj63Fo6g4zIm1WoASlU/UYobmYUdOE7Xi4nDSfT
dm0h/rZeszZwE5JyNl8OIbuvJGmDOxd0ZmL9f1Ju9zoGdCvesQG0OLJOj7GAYhov
7thJPzEo+6ruzHko5BlItBMuxpc52HJvJ4p1NP1LZORV62Tob9kecET+V2Zc2mRE
tm3P1XC76CyBVvxiYLqRrMh5u6fQRXt3UvBCN5SzsiiI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org