Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ey4gOUhMrjUexHFmPZb8VMsdKfY.roa
File: Ey4gOUhMrjUexHFmPZb8VMsdKfY.roa (raw, json)
Hash identifier: UMrqJqWgpBG4romddg+M8Le1J6AtJbH0itKBzvAiVhQ=
Subject key identifier: 13:2E:20:39:48:4C:AE:35:1E:C4:71:66:3D:96:FC:54:CB:1D:29:F6
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A1C043A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ey4gOUhMrjUexHFmPZb8VMsdKfY.roa
Signing time: Wed 16 Feb 2022 12:10:45 +0000
ROA not before: Wed 16 Feb 2022 12:10:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19437
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169608250 (0xa1c043a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 16 12:10:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=132e2039484cae351ec471663d96fc54cb1d29f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:dd:fc:1e:49:b2:07:bc:60:10:ac:0d:d5:
46:fd:d4:f4:2f:cd:84:81:a6:bb:cf:32:d6:49:cc:
d6:45:a6:82:06:d6:94:87:60:6e:2e:8c:c6:b3:21:
af:9e:c8:03:d5:99:e7:81:22:f4:34:4b:3d:ef:e6:
bc:00:82:ee:6b:42:48:91:e2:e8:10:d1:83:f2:d8:
b0:18:5b:ed:c4:df:23:3d:da:19:f1:02:0b:bf:49:
aa:c5:e8:46:c3:ad:09:19:99:6e:c9:5f:75:f6:6f:
7b:50:46:85:07:35:07:83:c2:c0:c0:86:f8:37:13:
66:2f:3f:d4:6e:ae:4e:f2:b3:8c:75:99:b3:ad:97:
50:0a:4e:62:2d:6a:3c:4d:36:15:a7:cb:28:16:53:
dd:62:b9:20:c7:3b:0d:8f:36:78:0b:b8:cc:21:72:
51:71:c0:2a:0a:79:bb:09:ae:2d:02:cd:b8:50:b2:
52:3c:09:a6:b6:09:5c:b3:a4:64:a2:54:69:2a:dd:
bd:1b:d3:ef:a8:c7:56:5f:c4:50:76:6c:88:ea:1d:
95:ff:a1:de:c0:a3:e6:ed:47:ab:30:0e:3e:91:4d:
8f:86:35:a2:31:2f:b2:4c:4f:07:63:fe:b0:0c:b6:
12:90:9f:3b:36:3e:6a:bd:82:c7:c3:cc:4f:85:85:
56:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:2E:20:39:48:4C:AE:35:1E:C4:71:66:3D:96:FC:54:CB:1D:29:F6
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ey4gOUhMrjUexHFmPZb8VMsdKfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c5:0e:43:39:a9:1c:e3:64:eb:26:5f:85:0c:ff:96:e2:39:
4b:56:f5:00:68:6f:dc:a8:61:94:3d:b7:4b:ba:6b:ae:bb:35:
7d:ab:cc:39:13:a5:ac:cd:24:10:bb:33:e4:80:e8:5f:8e:a8:
69:a5:e6:8d:c2:ab:39:6b:af:92:b9:e2:15:23:3f:81:4a:8e:
70:5a:39:6c:30:e3:df:43:79:6f:fb:ac:04:cb:d3:11:4b:66:
8d:33:28:81:7e:37:2e:c7:3c:20:11:d5:0d:6d:17:6a:d6:9f:
b5:51:87:48:33:3f:b3:5e:2f:bd:89:cf:c1:ca:09:a2:93:82:
74:41:a2:a7:52:91:88:0f:23:e8:13:29:a2:87:e1:03:29:76:
ec:b2:6d:8a:63:21:22:04:3c:eb:f2:ca:c1:f2:e8:53:5b:51:
c0:eb:fd:af:d7:32:e8:a3:33:28:ff:88:97:2d:b5:c1:08:8f:
bc:c2:99:96:54:17:48:0a:88:c0:cd:06:52:23:67:2f:88:aa:
6b:f8:2c:31:79:be:e8:3d:e3:9d:e4:d9:08:96:ba:6d:cf:8d:
a0:fe:a1:39:fa:1b:28:89:a9:d8:0c:f0:c6:0b:a3:30:67:d3:
85:46:2a:7a:c9:3f:e7:48:4c:63:73:ae:94:ea:cc:50:d7:3c:
f8:0a:d0:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChwEOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIx
NjEyMTA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTMyZTIwMzk0ODRj
YWUzNTFlYzQ3MTY2M2Q5NmZjNTRjYjFkMjlmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzP3fweSbIHvGAQrA3VRv3U9C/NhIGmu88y1knM1kWmggbW
lIdgbi6MxrMhr57IA9WZ54Ei9DRLPe/mvACC7mtCSJHi6BDRg/LYsBhb7cTfIz3a
GfECC79JqsXoRsOtCRmZbslfdfZve1BGhQc1B4PCwMCG+DcTZi8/1G6uTvKzjHWZ
s62XUApOYi1qPE02FafLKBZT3WK5IMc7DY82eAu4zCFyUXHAKgp5uwmuLQLNuFCy
UjwJprYJXLOkZKJUaSrdvRvT76jHVl/EUHZsiOodlf+h3sCj5u1HqzAOPpFNj4Y1
ojEvskxPB2P+sAy2EpCfOzY+ar2Cx8PMT4WFVnECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQTLiA5SEyuNR7EcWY9lvxUyx0p9jAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0V5NGdPVWhNcmpVZXhIRm1QWmI4Vk1zZEtmWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAisUOQzmpHONk6yZfhQz/luI5S1b1AGhv3KhhlD23S7prrrs1favMOROlrM0k
ELsz5IDoX46oaaXmjcKrOWuvkrniFSM/gUqOcFo5bDDj30N5b/usBMvTEUtmjTMo
gX43Lsc8IBHVDW0XataftVGHSDM/s14vvYnPwcoJopOCdEGip1KRiA8j6BMpoofh
Ayl27LJtimMhIgQ86/LKwfLoU1tRwOv9r9cy6KMzKP+Ily21wQiPvMKZllQXSAqI
wM0GUiNnL4iqa/gsMXm+6D3jneTZCJa6bc+NoP6hOfobKImp2AzwxgujMGfThUYq
esk/50hMY3OulOrMUNc8+ArQ0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org