Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ha46cc2o2PlqP-DIGcGhoMjlxHc.roa
File: Ha46cc2o2PlqP-DIGcGhoMjlxHc.roa (raw, json)
Hash identifier: hMukx47OITazdh4JfavF7EMKmaW4+FjWqsE/gv5tpsA=
Subject key identifier: 1D:AE:3A:71:CD:A8:D8:F9:6A:3F:E0:C8:19:C1:A1:A0:C8:E5:C4:77
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B83AF4B
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ha46cc2o2PlqP-DIGcGhoMjlxHc.roa
Signing time: Fri 17 Jun 2022 11:59:44 +0000
ROA not before: Fri 17 Jun 2022 11:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 171.22.147.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193179467 (0xb83af4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 17 11:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dae3a71cda8d8f96a3fe0c819c1a1a0c8e5c477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:d8:23:44:56:0e:a3:60:c2:7e:21:bb:c8:
d3:07:0f:07:d1:cf:12:11:fc:4f:60:55:81:50:0b:
3a:cb:2c:64:ab:db:d6:15:7b:ad:ce:f2:38:74:c7:
74:bd:6d:74:16:61:05:e9:3b:51:c4:14:40:14:de:
70:e9:e9:12:72:02:04:2a:89:73:bc:c5:56:3f:0a:
d4:b9:a9:77:0b:c9:79:39:b2:ea:0f:1a:23:93:1e:
41:5b:5c:c2:db:82:df:d7:17:e6:36:79:29:2c:b1:
e0:3c:29:96:27:13:b4:02:6b:ef:6f:10:d1:ce:15:
d7:b3:59:3c:45:fb:ea:a9:da:7d:7b:ad:e4:76:17:
08:e0:fe:76:e0:d4:71:f0:98:0c:4f:72:14:ca:50:
98:ba:e4:2e:0a:e7:ae:29:e4:4a:ec:a0:5c:15:c1:
ce:a1:fb:f0:ef:3d:54:b5:df:8d:d9:cb:94:f1:a5:
ea:c8:e5:8f:4b:07:75:98:8f:2d:07:be:f4:e9:c9:
0e:0b:f7:c9:0d:9d:33:05:9c:67:72:0a:e7:73:b0:
68:87:8d:fb:b9:ef:27:f9:51:37:93:7b:79:ae:03:
26:92:ee:58:64:98:34:74:36:8b:68:69:6b:86:e0:
fb:79:5d:e1:a5:4c:c4:19:09:b3:99:02:72:c5:d0:
94:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AE:3A:71:CD:A8:D8:F9:6A:3F:E0:C8:19:C1:A1:A0:C8:E5:C4:77
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/Ha46cc2o2PlqP-DIGcGhoMjlxHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
171.22.147.0/24
185.149.15.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:bf:39:0d:f8:61:fc:2b:a1:24:f9:16:a0:61:f4:dc:cb:ad:
00:40:70:3e:e4:db:6b:f9:9f:df:90:30:77:bc:42:aa:60:ef:
6d:ae:24:8f:8b:c3:a7:9b:4a:5d:05:04:8f:ed:84:60:1b:72:
18:9f:99:1b:b7:18:26:1e:e5:ef:c2:f3:2e:c1:35:66:ee:25:
0a:30:58:eb:38:90:f4:25:a5:cd:5a:20:8b:ee:ec:44:08:3f:
84:81:b6:2d:3c:c8:04:2b:5a:f5:a6:71:92:f5:23:1a:be:a9:
9c:93:e0:fe:f2:45:f5:6d:77:cf:0e:ed:9b:52:05:02:39:c3:
37:53:21:b2:69:c4:12:2b:c8:04:77:42:53:22:40:bc:88:71:
d9:07:56:a4:7c:a6:02:1b:0e:7b:53:dd:34:db:e4:fc:47:79:
7c:99:34:8d:51:56:54:36:c6:82:44:23:f1:98:c1:7f:76:27:
29:17:ba:a4:c4:c5:a4:70:1a:92:2f:4e:18:1f:51:9b:0f:9e:
81:eb:9a:e7:68:ab:d7:74:6f:1a:4d:a6:30:ec:5a:c8:d9:31:
0c:cc:f6:4b:3a:f3:2e:e6:bc:4b:b5:b7:9d:d9:64:c1:9e:18:
a5:d6:b0:58:53:0b:25:91:db:21:99:a9:f8:a3:78:5f:4e:dc:
93:76:93:85
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEC4OvSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYx
NzExNTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRhZTNhNzFjZGE4
ZDhmOTZhM2ZlMGM4MTljMWExYTBjOGU1YzQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjg2CNEVg6jYMJ+IbvI0wcPB9HPEhH8T2BVgVALOsssZKvb
1hV7rc7yOHTHdL1tdBZhBek7UcQUQBTecOnpEnICBCqJc7zFVj8K1LmpdwvJeTmy
6g8aI5MeQVtcwtuC39cX5jZ5KSyx4DwplicTtAJr728Q0c4V17NZPEX76qnafXut
5HYXCOD+duDUcfCYDE9yFMpQmLrkLgrnrinkSuygXBXBzqH78O89VLXfjdnLlPGl
6sjlj0sHdZiPLQe+9OnJDgv3yQ2dMwWcZ3IK53OwaIeN+7nvJ/lRN5N7ea4DJpLu
WGSYNHQ2i2hpa4bg+3ld4aVMxBkJs5kCcsXQlNcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQdrjpxzajY+Wo/4MgZwaGgyOXEdzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0hhNDZjYzJvMlBscVAtRElHY0dob01qbHhIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAR8rrgMEAKsWkwMEALmVDwMEALnr
RzANBgkqhkiG9w0BAQsFAAOCAQEAfL85Dfhh/CuhJPkWoGH03MutAEBwPuTba/mf
35Awd7xCqmDvba4kj4vDp5tKXQUEj+2EYBtyGJ+ZG7cYJh7l78LzLsE1Zu4lCjBY
6ziQ9CWlzVogi+7sRAg/hIG2LTzIBCta9aZxkvUjGr6pnJPg/vJF9W13zw7tm1IF
AjnDN1MhsmnEEivIBHdCUyJAvIhx2QdWpHymAhsOe1PdNNvk/Ed5fJk0jVFWVDbG
gkQj8ZjBf3YnKRe6pMTFpHAaki9OGB9Rmw+egeua52ir13RvGk2mMOxayNkxDMz2
SzrzLua8S7W3ndlkwZ4YpdawWFMLJZHbIZmp+KN4X07ck3aThQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org