Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/L3qHO9_sImkW2WiOK-xB9PpEsNM.roa
File: L3qHO9_sImkW2WiOK-xB9PpEsNM.roa (raw, json)
Hash identifier: TDSYcmdtDaiChMHJdXDX8XwrMWF5MasQypxzUQJ+Xb4=
Subject key identifier: 2F:7A:87:3B:DF:EC:22:69:16:D9:68:8E:2B:EC:41:F4:FA:44:B0:D3
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09A66960
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/L3qHO9_sImkW2WiOK-xB9PpEsNM.roa
Signing time: Sat 01 Jan 2022 09:56:51 +0000
ROA not before: Sat 01 Jan 2022 09:56:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 177.222.64.0/19 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161900896 (0x9a66960)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f7a873bdfec226916d9688e2bec41f4fa44b0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:09:87:5d:98:06:e1:86:23:4f:9c:15:e7:
28:aa:ec:44:f5:dd:15:f1:9d:29:0f:08:3b:c8:09:
94:bc:3b:54:30:31:6b:af:6b:cc:62:3b:7c:b8:50:
71:d4:38:4a:c2:06:cc:f2:44:87:3c:ce:5a:6f:79:
13:21:61:e6:04:e2:63:b8:a7:c9:4b:16:aa:94:17:
7a:3a:e8:9b:4d:69:cc:db:56:c0:48:4c:f6:53:8b:
a6:80:d6:bb:f8:d9:f6:d6:6b:6a:ca:8f:5b:2f:27:
e5:39:14:a0:27:42:4d:1d:19:7f:16:90:0d:9d:c8:
9a:6f:0e:9b:4b:cf:cd:f5:db:55:d2:4e:23:28:09:
3b:8f:d4:65:95:19:e8:42:96:3d:7e:dd:b6:c0:18:
54:b5:57:f1:a3:31:b4:16:ab:c9:65:e3:6b:42:7f:
e3:52:fc:bc:66:ca:49:5f:6b:61:50:d8:7c:d3:da:
e2:ce:ff:4d:d5:b1:13:19:43:8d:1e:78:2c:26:24:
1a:40:b1:b0:16:6b:9b:b4:bb:18:96:56:8a:e4:70:
8d:d6:e7:76:ae:b9:4f:8f:50:7a:be:dc:54:18:57:
a5:f0:3f:d4:3d:cd:8f:72:09:f0:b7:d3:82:54:f5:
32:e6:e4:40:83:19:fa:cd:67:33:8b:36:0b:27:bb:
9f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7A:87:3B:DF:EC:22:69:16:D9:68:8E:2B:EC:41:F4:FA:44:B0:D3
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/L3qHO9_sImkW2WiOK-xB9PpEsNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
177.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
21:34:b5:65:67:de:1c:cb:32:4a:59:38:d1:93:0f:dc:f3:8d:
a4:6c:1f:28:69:11:61:36:f7:d4:fe:96:e5:14:50:b9:44:5b:
e8:bf:90:b0:80:e2:73:b8:53:28:30:30:31:15:15:48:27:49:
e7:62:25:9f:d2:13:0e:3d:84:00:fa:02:8e:82:22:40:d3:73:
e1:4a:61:aa:af:af:d9:b4:3f:4a:cb:dc:6c:2e:fd:16:79:d9:
33:46:20:d6:77:9c:62:02:42:a5:18:dd:13:90:55:cf:46:b4:
75:e7:cd:51:10:f9:23:74:c4:28:90:18:13:d4:53:70:50:f4:
59:a1:9c:29:3d:11:d8:fb:f0:ea:d1:0d:ef:04:40:c4:54:78:
22:3b:6c:58:85:b0:55:99:a7:ce:cc:2d:5c:31:91:86:7f:6d:
29:e6:98:60:ba:0a:24:91:f5:ce:3d:c0:f6:81:45:7a:09:49:
28:36:21:30:04:2d:7e:de:85:89:99:50:7f:92:ea:88:06:03:
b6:bb:c7:24:8f:7b:a8:21:89:f6:9d:bc:8e:0c:c6:d1:fa:30:
d4:9d:81:ea:a1:69:69:ab:79:04:24:8b:4a:56:fd:94:ad:40:
7b:a3:47:22:c7:5b:d9:fe:99:4f:db:5f:76:51:ce:79:69:29:
88:51:de:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaZpYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmY3YTg3M2JkZmVj
MjI2OTE2ZDk2ODhlMmJlYzQxZjRmYTQ0YjBkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALntCYddmAbhhiNPnBXnKKrsRPXdFfGdKQ8IO8gJlLw7VDAx
a69rzGI7fLhQcdQ4SsIGzPJEhzzOWm95EyFh5gTiY7inyUsWqpQXejrom01pzNtW
wEhM9lOLpoDWu/jZ9tZrasqPWy8n5TkUoCdCTR0ZfxaQDZ3Imm8Om0vPzfXbVdJO
IygJO4/UZZUZ6EKWPX7dtsAYVLVX8aMxtBaryWXja0J/41L8vGbKSV9rYVDYfNPa
4s7/TdWxExlDjR54LCYkGkCxsBZrm7S7GJZWiuRwjdbndq65T49Qer7cVBhXpfA/
1D3Nj3IJ8LfTglT1MubkQIMZ+s1nM4s2Cye7n4ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQveoc73+wiaRbZaI4r7EH0+kSw0zAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L0wzcUhPOV9zSW1rVzJXaU9LLXhCOVBwRXNOTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbHeQDANBgkqhkiG9w0BAQsFAAOC
AQEAITS1ZWfeHMsySlk40ZMP3PONpGwfKGkRYTb31P6W5RRQuURb6L+QsIDic7hT
KDAwMRUVSCdJ52Iln9ITDj2EAPoCjoIiQNNz4Uphqq+v2bQ/SsvcbC79FnnZM0Yg
1necYgJCpRjdE5BVz0a0defNURD5I3TEKJAYE9RTcFD0WaGcKT0R2Pvw6tEN7wRA
xFR4IjtsWIWwVZmnzswtXDGRhn9tKeaYYLoKJJH1zj3A9oFFeglJKDYhMAQtft6F
iZlQf5LqiAYDtrvHJI97qCGJ9p28jgzG0fow1J2B6qFpaat5BCSLSlb9lK1Ae6NH
Isdb2f6ZT9tfdlHOeWkpiFHelA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org