Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TWbaCDxmwbM530W6UV-EYVzgH5M.roa
File: TWbaCDxmwbM530W6UV-EYVzgH5M.roa (raw, json)
Hash identifier: WyYTS4piVbttOUDqGN5KedFRa1T3EYc/WPHB4SBgb8Y=
Subject key identifier: 4D:66:DA:08:3C:66:C1:B3:39:DF:45:BA:51:5F:84:61:5C:E0:1F:93
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018590BE67C5CCF13483191FD16FC5244557
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TWbaCDxmwbM530W6UV-EYVzgH5M.roa
Signing time: Sun 08 Jan 2023 09:37:55 +0000
ROA not before: Sun 08 Jan 2023 09:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:90:be:67:c5:cc:f1:34:83:19:1f:d1:6f:c5:24:45:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 8 09:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d66da083c66c1b339df45ba515f84615ce01f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fa:43:c9:63:bd:c1:14:cb:6c:76:20:23:40:
e5:5d:57:f1:8a:b7:61:57:11:d1:fa:ed:cd:61:20:
fa:6c:63:e3:8c:6d:82:ac:49:03:77:9d:41:43:55:
69:ed:29:dc:09:e8:44:53:b8:bf:fa:1d:55:45:76:
bd:41:e0:6a:64:6e:bf:fb:cf:8e:c4:1b:3e:44:30:
7a:29:d8:97:99:d7:e2:02:d2:73:83:c3:d0:6b:77:
92:42:57:c4:44:0d:ae:45:f8:cf:c3:66:2f:e5:53:
71:2d:a3:6c:7b:53:38:bc:48:f1:e6:0e:d0:1c:2f:
80:a2:f0:a4:9e:61:fe:b8:0d:11:67:c8:ef:4d:e1:
00:60:e8:f0:3f:0a:3a:b8:f6:8c:ce:ef:fb:08:99:
09:0b:9f:56:56:18:59:ee:77:e6:55:71:7b:be:82:
67:f0:82:b1:38:f4:03:b4:e1:4c:d9:31:f9:3a:f1:
b6:a2:45:85:2a:46:c0:58:6a:60:7d:82:95:9b:9e:
68:24:bb:c6:05:6c:8d:13:0c:e2:11:d5:b7:82:fb:
9f:14:7d:9d:7a:61:3e:8c:3d:54:e0:4b:58:a9:57:
88:ba:e0:f6:cd:55:15:3b:27:b9:a6:44:7c:93:36:
d5:16:e0:aa:64:47:a3:0c:72:52:c6:43:73:50:f5:
17:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:66:DA:08:3C:66:C1:B3:39:DF:45:BA:51:5F:84:61:5C:E0:1F:93
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TWbaCDxmwbM530W6UV-EYVzgH5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d8:56:09:47:45:71:1e:37:80:a1:8a:4a:c2:ec:38:96:8e:
2b:23:62:c3:08:81:c7:95:ce:3e:ed:7e:12:5d:20:bd:3f:84:
ee:fe:07:6c:c4:1e:b3:9c:76:e6:ae:7f:bb:ea:ae:5c:fa:c2:
24:db:c3:8f:0d:40:a8:d4:d0:db:2c:1f:ee:cc:ca:be:e7:43:
4f:85:4a:8d:ea:be:75:eb:d3:19:78:a2:e6:8d:e6:18:9d:47:
50:00:c8:23:5b:b4:bc:46:0c:19:73:65:46:03:3e:4d:ee:e4:
31:ce:d0:9f:ef:10:e0:48:5f:41:b8:90:92:70:36:6a:c0:c1:
41:c2:96:c1:04:36:a3:3d:cc:25:05:e9:59:d6:7b:08:e8:8b:
b1:11:01:0c:ed:d7:a1:fc:5a:39:fe:99:94:f4:03:76:bf:6c:
cb:10:e6:ec:c2:fa:f2:0a:25:05:10:7d:59:95:65:0b:1e:1b:
85:18:6f:86:70:6a:ab:f6:5f:23:65:8a:2c:01:9c:4d:26:f2:
f3:1b:51:c0:2f:08:59:08:56:36:51:f9:37:e0:c5:8f:69:aa:
7b:06:63:f1:c7:9d:30:b9:6a:fd:fd:1e:81:d9:01:2b:e2:69:
cd:3e:7c:4b:06:71:56:8a:b4:ed:2d:7e:97:64:7a:6d:16:b6:
90:79:a0:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWQvmfFzPE0gxkf0W/FJEVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwMTA4MDkzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY2ZGEwODNjNjZjMWIzMzlkZjQ1YmE1MTVmODQ2MTVjZTAxZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/pDyWO9wRTLbHYgI0DlXVfxirdh
VxHR+u3NYSD6bGPjjG2CrEkDd51BQ1Vp7SncCehEU7i/+h1VRXa9QeBqZG6/+8+O
xBs+RDB6KdiXmdfiAtJzg8PQa3eSQlfERA2uRfjPw2Yv5VNxLaNse1M4vEjx5g7Q
HC+AovCknmH+uA0RZ8jvTeEAYOjwPwo6uPaMzu/7CJkJC59WVhhZ7nfmVXF7voJn
8IKxOPQDtOFM2TH5OvG2okWFKkbAWGpgfYKVm55oJLvGBWyNEwziEdW3gvufFH2d
emE+jD1U4EtYqVeIuuD2zVUVOye5pkR8kzbVFuCqZEejDHJSxkNzUPUXcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1m2gg8ZsGzOd9FulFfhGFc4B+TMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvVFdiYUNEeG13Yk01MzBXNlVWLUVZVnpnSDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaSMA0G
CSqGSIb3DQEBCwUAA4IBAQA02FYJR0VxHjeAoYpKwuw4lo4rI2LDCIHHlc4+7X4S
XSC9P4Tu/gdsxB6znHbmrn+76q5c+sIk28OPDUCo1NDbLB/uzMq+50NPhUqN6r51
69MZeKLmjeYYnUdQAMgjW7S8RgwZc2VGAz5N7uQxztCf7xDgSF9BuJCScDZqwMFB
wpbBBDajPcwlBelZ1nsI6IuxEQEM7deh/Fo5/pmU9AN2v2zLEObswvryCiUFEH1Z
lWULHhuFGG+GcGqr9l8jZYosAZxNJvLzG1HALwhZCFY2Ufk34MWPaap7BmPxx50w
uWr9/R6B2QEr4mnNPnxLBnFWirTtLX6XZHptFraQeaCE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org