Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Es731xF2xzOGoDRvO1IMsj5kEMs.roa
File: Es731xF2xzOGoDRvO1IMsj5kEMs.roa (raw, json)
Hash identifier: /xn1D6hgX5XPTv8phqJ91yp8i7RaKOh+Wdmwp0U2Ujg=
Subject key identifier: 12:CE:F7:D7:11:76:C7:33:86:A0:34:6F:3B:52:0C:B2:3E:64:10:CB
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A16FAD5
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Es731xF2xzOGoDRvO1IMsj5kEMs.roa
Signing time: Tue 15 Feb 2022 09:59:42 +0000
ROA not before: Tue 15 Feb 2022 09:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.222.43.0/24 maxlen: 24
171.22.147.0/24 maxlen: 24
171.22.146.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
185.149.14.0/24 maxlen: 24
185.149.12.0/24 maxlen: 24
89.46.96.0/22 maxlen: 24
89.46.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169278165 (0xa16fad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 15 09:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12cef7d71176c73386a0346f3b520cb23e6410cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:0b:91:37:81:25:ec:03:00:39:75:3a:74:
dd:9d:19:69:78:2a:a5:9c:4a:a4:21:55:57:28:38:
ad:86:69:64:6c:c4:ea:24:a6:c7:02:b2:f4:30:bc:
d8:fd:05:8f:1b:ab:ee:77:e0:2d:12:3a:55:4f:03:
20:47:94:7d:8c:84:6b:00:4b:e5:a7:20:5a:7f:c9:
26:30:c7:0b:d9:3a:5e:97:d3:8b:f6:76:40:fc:da:
ab:1e:d2:31:af:c4:c2:72:2d:54:d9:ed:9e:2d:a6:
24:fe:1d:dd:42:a2:0e:6f:38:57:38:10:93:05:4a:
92:06:c7:16:f5:82:b7:da:88:81:ce:4f:35:23:49:
ff:1d:24:47:c6:09:7e:50:ab:ad:06:d3:1b:15:8e:
e9:3b:9b:73:97:d8:86:b5:cf:2c:ae:8e:b9:d2:2e:
42:cd:db:18:4a:95:8b:4a:2c:f9:8e:38:83:13:7d:
24:cf:60:ed:fe:e5:75:92:a2:01:9a:9f:e9:37:85:
cb:2a:56:6e:b7:74:c7:3c:89:20:58:7f:09:3f:f7:
cf:b5:26:fd:54:37:c4:56:63:8d:8c:58:6a:c2:64:
b5:85:29:df:01:e8:c2:e6:94:ae:c9:c3:b2:a4:7c:
de:90:92:c3:44:5e:93:93:23:f9:c4:98:6f:94:94:
bf:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:CE:F7:D7:11:76:C7:33:86:A0:34:6F:3B:52:0C:B2:3E:64:10:CB
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Es731xF2xzOGoDRvO1IMsj5kEMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
89.46.96.0/22
91.222.43.0/24
171.22.146.0/23
185.149.12.0/24
185.149.14.0/23
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:93:e2:26:49:2a:57:45:8a:b3:fb:5c:2d:d8:91:14:67:b0:
0a:8d:b7:c6:23:e4:96:44:1f:cd:ee:51:bc:86:69:62:09:aa:
75:7b:61:34:3d:87:08:64:ad:c0:8b:6a:86:cc:c4:89:cc:c1:
5d:7a:02:00:22:51:dc:de:f1:b0:35:f0:45:19:9f:a4:ed:3f:
a0:e5:9a:83:72:f6:ae:70:32:4e:0a:c1:d8:dd:db:e3:4b:b5:
c0:4c:fa:6d:49:4b:03:72:18:ef:08:b3:53:af:6c:9e:1a:f5:
c7:13:0e:88:b5:0b:33:7f:19:aa:3c:ae:e1:8b:77:c4:f4:7b:
f6:88:f9:ba:45:f2:e8:60:03:4a:e0:47:e0:22:c2:32:ab:d6:
a3:0c:e8:e3:9e:cc:f0:16:b8:cc:2f:7e:41:1c:55:ad:e3:b9:
ab:90:52:b9:42:7f:14:da:55:88:df:47:e8:bc:8e:8b:0c:b5:
1d:bd:2c:ac:ef:26:51:64:7c:01:85:b5:34:70:92:67:30:63:
9d:5a:69:2d:88:ba:66:ac:14:eb:61:42:c1:90:c0:7c:3d:2a:
1f:c5:cb:d4:5e:75:ab:86:ef:a6:17:6f:eb:f7:6a:08:68:4c:
d5:02:33:75:29:64:7d:9f:51:1e:e4:f8:4a:33:eb:02:2c:a7:
44:a4:e6:f2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEChb61TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIx
NTA5NTk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTJjZWY3ZDcxMTc2
YzczMzg2YTAzNDZmM2I1MjBjYjIzZTY0MTBjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJEC5E3gSXsAwA5dTp03Z0ZaXgqpZxKpCFVVyg4rYZpZGzE
6iSmxwKy9DC82P0Fjxur7nfgLRI6VU8DIEeUfYyEawBL5acgWn/JJjDHC9k6XpfT
i/Z2QPzaqx7SMa/EwnItVNntni2mJP4d3UKiDm84VzgQkwVKkgbHFvWCt9qIgc5P
NSNJ/x0kR8YJflCrrQbTGxWO6Tubc5fYhrXPLK6OudIuQs3bGEqVi0os+Y44gxN9
JM9g7f7ldZKiAZqf6TeFyypWbrd0xzyJIFh/CT/3z7Um/VQ3xFZjjYxYasJktYUp
3wHowuaUrsnDsqR83pCSw0Rek5Mj+cSYb5SUv+sCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQSzvfXEXbHM4agNG87UgyyPmQQyzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0VzNzMxeEYyeHpPR29EUnZPMUlNc2o1a0VNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAR8rrgMEAlkuYAMEAFveKwMEAasW
kgMEALmVDAMEAbmVDgMEALnrRzANBgkqhkiG9w0BAQsFAAOCAQEADpPiJkkqV0WK
s/tcLdiRFGewCo23xiPklkQfze5RvIZpYgmqdXthND2HCGStwItqhszEiczBXXoC
ACJR3N7xsDXwRRmfpO0/oOWag3L2rnAyTgrB2N3b40u1wEz6bUlLA3IY7wizU69s
nhr1xxMOiLULM38Zqjyu4Yt3xPR79oj5ukXy6GADSuBH4CLCMqvWowzo457M8Ba4
zC9+QRxVreO5q5BSuUJ/FNpViN9H6LyOiwy1Hb0srO8mUWR8AYW1NHCSZzBjnVpp
LYi6ZqwU62FCwZDAfD0qH8XL1F51q4bvphdv6/dqCGhM1QIzdSlkfZ9RHuT4SjPr
AiynRKTm8g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org