Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TyqndxM_hJTUWA7fBjMbs3xuVlI.roa
File: TyqndxM_hJTUWA7fBjMbs3xuVlI.roa (raw, json)
Hash identifier: xZjSVJtE5RbBJ8cbJSJaO1xXcvBOy3RuyYUjVkOJHIo=
Subject key identifier: 4F:2A:A7:77:13:3F:84:94:D4:58:0E:DF:06:33:1B:B3:7C:6E:56:52
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A34C89F
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TyqndxM_hJTUWA7fBjMbs3xuVlI.roa
Signing time: Tue 22 Feb 2022 16:53:51 +0000
ROA not before: Tue 22 Feb 2022 16:53:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 95.111.128.0/20 maxlen: 24
177.222.64.0/19 maxlen: 24
95.111.144.0/20 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171231391 (0xa34c89f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 22 16:53:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f2aa777133f8494d4580edf06331bb37c6e5652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6e:c6:91:0c:45:a6:31:44:a0:fe:9b:2c:76:
41:82:11:e2:20:4a:cf:1b:fd:a6:28:7f:fa:67:e0:
bd:ac:8d:03:5d:49:6f:c6:56:ad:41:30:02:2d:cf:
86:f2:f4:7d:e7:4b:f8:58:2d:e6:63:92:27:bb:d8:
0d:52:53:31:b3:ee:22:ad:6a:46:da:50:53:44:12:
52:39:62:ec:3c:17:94:9a:72:02:3e:70:c4:66:d9:
2a:7c:e7:23:7f:ab:45:d3:e4:19:82:de:aa:f1:bb:
ad:7c:44:15:c0:54:65:86:63:b5:03:2f:8b:77:6e:
1a:1f:df:84:1c:a1:e5:50:43:82:c8:c7:3f:9d:c3:
a0:af:c7:14:be:97:c6:43:f9:e7:5e:f8:15:8c:1c:
d1:32:92:07:eb:6c:06:7c:8d:ef:1c:13:bc:8b:30:
71:c3:39:f4:cf:50:b3:e0:55:78:d1:ba:e5:5e:49:
8c:ad:23:5b:7d:50:b1:9f:a5:14:c3:d1:31:7a:14:
7d:a8:91:3a:20:23:76:f4:6b:af:52:b6:4b:11:c3:
26:35:8c:a2:4b:fa:be:16:6e:af:0f:40:68:a1:ac:
c7:16:45:fa:e0:83:c2:86:f9:23:59:3e:b9:b8:7b:
24:6e:5d:b8:b4:8a:85:18:8b:79:3e:cc:ca:59:b1:
15:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2A:A7:77:13:3F:84:94:D4:58:0E:DF:06:33:1B:B3:7C:6E:56:52
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/TyqndxM_hJTUWA7fBjMbs3xuVlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
177.222.64.0/19
Signature Algorithm: sha256WithRSAEncryption
08:86:a0:74:99:d7:4f:53:af:85:14:06:27:7e:d6:64:03:1d:
7e:b3:7a:90:c3:03:bb:b3:dd:e6:50:66:1a:33:5a:79:38:55:
5b:b6:27:18:79:da:e5:97:29:85:81:78:08:d1:b2:d7:9e:d7:
c7:7b:46:a3:49:d6:31:de:4f:f9:3a:70:e8:2d:db:ab:10:8f:
9e:75:b5:fb:64:61:9e:05:c4:b6:84:60:18:6b:90:83:c6:3b:
6d:89:2e:da:86:24:e9:12:7c:a0:61:a6:d0:8e:e7:5c:2a:ec:
c6:02:7e:92:9f:e5:0a:99:da:8e:d9:9a:3c:04:14:46:79:3c:
77:56:5f:3c:b2:a1:ac:0a:b6:7d:71:f4:d9:38:ae:6e:7f:06:
fd:d5:4d:a4:92:2f:3b:34:d7:00:91:2b:4d:40:7b:db:dd:c3:
c1:4b:b9:3f:aa:fe:50:c2:2d:02:65:db:84:2a:ab:26:ba:d4:
83:8a:23:e8:b5:49:17:df:2c:87:4a:d7:73:ea:d4:ed:d1:9a:
c4:5d:f1:81:1a:dc:d2:ae:b5:27:c0:f0:0c:65:2d:a5:80:31:
5f:08:91:00:8c:02:07:7e:54:f5:29:8a:01:d9:1d:c1:60:ec:
6b:cd:fb:e3:33:09:2b:51:fa:34:f1:d8:35:c2:34:4e:47:65:
23:36:47:fd
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECjTInzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIy
MjE2NTM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGYyYWE3NzcxMzNm
ODQ5NGQ0NTgwZWRmMDYzMzFiYjM3YzZlNTY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNuxpEMRaYxRKD+myx2QYIR4iBKzxv9pih/+mfgvayNA11J
b8ZWrUEwAi3PhvL0fedL+Fgt5mOSJ7vYDVJTMbPuIq1qRtpQU0QSUjli7DwXlJpy
Aj5wxGbZKnznI3+rRdPkGYLeqvG7rXxEFcBUZYZjtQMvi3duGh/fhByh5VBDgsjH
P53DoK/HFL6XxkP55174FYwc0TKSB+tsBnyN7xwTvIswccM59M9Qs+BVeNG65V5J
jK0jW31QsZ+lFMPRMXoUfaiROiAjdvRrr1K2SxHDJjWMokv6vhZurw9AaKGsxxZF
+uCDwob5I1k+ubh7JG5duLSKhRiLeT7MylmxFZ0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRPKqd3Ez+ElNRYDt8GMxuzfG5WUjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1R5cW5keE1faEpUVVdBN2ZCak1iczN4dVZsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBV9vgAMEBbHeQDANBgkqhkiG9w0B
AQsFAAOCAQEACIagdJnXT1OvhRQGJ37WZAMdfrN6kMMDu7Pd5lBmGjNaeThVW7Yn
GHna5ZcphYF4CNGy157Xx3tGo0nWMd5P+Tpw6C3bqxCPnnW1+2RhngXEtoRgGGuQ
g8Y7bYku2oYk6RJ8oGGm0I7nXCrsxgJ+kp/lCpnajtmaPAQURnk8d1ZfPLKhrAq2
fXH02Tiubn8G/dVNpJIvOzTXAJErTUB7293DwUu5P6r+UMItAmXbhCqrJrrUg4oj
6LVJF98sh0rXc+rU7dGaxF3xgRrc0q61J8DwDGUtpYAxXwiRAIwCB35U9SmKAdkd
wWDsa8374zMJK1H6NPHYNcI0TkdlIzZH/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org