Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/OafGbCDdbb8GkLYWY4-1O5sehtg.roa
File: OafGbCDdbb8GkLYWY4-1O5sehtg.roa (raw, json)
Hash identifier: LgtMJGomfeuOqR3HbkFM5+H85TxxWb/AMDs45MVNRJw=
Subject key identifier: 39:A7:C6:6C:20:DD:6D:BF:06:90:B6:16:63:8F:B5:3B:9B:1E:86:D8
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B8220EA
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/OafGbCDdbb8GkLYWY4-1O5sehtg.roa
Signing time: Fri 17 Jun 2022 11:36:44 +0000
ROA not before: Fri 17 Jun 2022 11:36:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60699
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193077482 (0xb8220ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 17 11:36:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39a7c66c20dd6dbf0690b616638fb53b9b1e86d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:49:72:02:1c:5c:bb:34:0b:70:6c:42:b7:fd:
04:e7:04:d7:75:d5:13:47:01:75:4f:d0:79:f9:d9:
df:a2:4b:50:6d:fd:59:bc:11:e4:66:c3:6e:1e:4b:
5e:7a:3f:70:26:af:4f:95:86:ed:06:30:64:6b:20:
ba:ff:62:28:6b:f5:07:fd:a7:af:6a:ea:2b:a4:26:
ee:ca:b3:54:2a:f5:90:b8:99:20:a4:9b:1b:b0:de:
26:d5:ac:f7:ea:b8:c5:fb:36:33:ea:61:71:1d:84:
4f:73:2c:ac:87:6c:0f:c2:e3:27:cd:43:25:42:6a:
06:ba:09:59:0c:6e:79:db:67:07:12:9b:d6:e6:78:
de:6c:bf:c6:05:24:ec:5c:a9:eb:09:f7:56:d0:4e:
a8:23:b4:72:14:8d:6e:72:f6:89:7c:9a:82:03:6f:
cd:1a:d0:ca:29:97:c0:84:3c:ad:27:ab:6d:f6:24:
09:11:6a:aa:d6:18:e0:52:19:29:68:7d:c3:3a:92:
df:d7:b3:6d:c5:f5:60:07:39:a8:d1:a9:6c:05:7f:
9f:0b:5a:8c:09:b0:b2:d2:38:32:ba:ac:dc:d5:87:
0d:9c:df:aa:36:84:03:9f:5c:e3:6b:46:94:ac:98:
0b:61:3b:3a:9d:54:51:31:f4:73:eb:75:7c:73:86:
dd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A7:C6:6C:20:DD:6D:BF:06:90:B6:16:63:8F:B5:3B:9B:1E:86:D8
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/OafGbCDdbb8GkLYWY4-1O5sehtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
31:72:f5:8d:85:c9:7c:d8:6c:0a:73:52:a0:92:5b:9c:c8:ee:
1c:09:71:63:9e:03:79:62:86:a6:fd:92:8d:fc:06:b8:4c:c2:
80:67:2e:3d:cf:7e:28:36:25:c2:39:b3:15:98:33:d2:a5:8b:
8d:30:f8:c9:07:30:b3:9d:e1:bd:7c:e1:3f:6d:03:4e:5c:e8:
a9:e0:03:57:b9:94:63:37:1a:74:05:68:cf:05:09:b3:84:00:
e6:6f:c5:9e:78:07:b4:f7:73:b7:51:53:2a:be:0b:14:35:94:
64:b1:22:1b:de:29:fd:51:70:4b:01:45:82:60:49:b8:86:6f:
a9:54:c7:ed:a5:7c:0c:14:2f:52:0c:87:c1:70:c1:7e:8e:1d:
ee:fd:f5:0c:b7:50:29:06:67:24:91:74:44:81:1a:46:2f:49:
87:30:84:85:86:7e:ab:b8:cc:23:a1:ec:b1:34:22:ea:3b:37:
fa:91:ce:ad:53:46:0f:ce:a2:20:8e:61:ba:a8:99:77:4b:17:
64:78:75:69:dc:94:7a:0d:f5:e8:d2:d3:f1:8c:f6:4b:57:0e:
2f:2e:44:49:11:e1:89:78:1f:af:9b:ed:44:f0:2f:b4:8f:e5:
e7:90:1a:fb:9d:66:d2:82:61:de:ef:18:9a:2a:61:18:53:26:
ea:51:fb:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC4Ig6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYx
NzExMzY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzlhN2M2NmMyMGRk
NmRiZjA2OTBiNjE2NjM4ZmI1M2I5YjFlODZkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOFJcgIcXLs0C3BsQrf9BOcE13XVE0cBdU/QefnZ36JLUG39
WbwR5GbDbh5LXno/cCavT5WG7QYwZGsguv9iKGv1B/2nr2rqK6Qm7sqzVCr1kLiZ
IKSbG7DeJtWs9+q4xfs2M+phcR2ET3MsrIdsD8LjJ81DJUJqBroJWQxuedtnBxKb
1uZ43my/xgUk7Fyp6wn3VtBOqCO0chSNbnL2iXyaggNvzRrQyimXwIQ8rSerbfYk
CRFqqtYY4FIZKWh9wzqS39ezbcX1YAc5qNGpbAV/nwtajAmwstI4Mrqs3NWHDZzf
qjaEA59c42tGlKyYC2E7Op1UUTH0c+t1fHOG3a0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ5p8ZsIN1tvwaQthZjj7U7mx6G2DAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L09hZkdiQ0RkYmI4R2tMWVdZNC0xTzVzZWh0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAMXL1jYXJfNhsCnNSoJJbnMjuHAlxY54DeWKGpv2SjfwGuEzCgGcuPc9+KDYl
wjmzFZgz0qWLjTD4yQcws53hvXzhP20DTlzoqeADV7mUYzcadAVozwUJs4QA5m/F
nngHtPdzt1FTKr4LFDWUZLEiG94p/VFwSwFFgmBJuIZvqVTH7aV8DBQvUgyHwXDB
fo4d7v31DLdQKQZnJJF0RIEaRi9JhzCEhYZ+q7jMI6HssTQi6js3+pHOrVNGD86i
II5huqiZd0sXZHh1adyUeg316NLT8Yz2S1cOLy5ESRHhiXgfr5vtRPAvtI/l55Aa
+51m0oJh3u8YmiphGFMm6lH7QQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org