Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/WFzNN7fMcaDQ-D-pjHDJdArLrA0.roa
File: WFzNN7fMcaDQ-D-pjHDJdArLrA0.roa (raw, json)
Hash identifier: ntKJ77hz+YfsJHRbpAH6oogW1z5vs0GrrxdyX5ejVTU=
Subject key identifier: 58:5C:CD:37:B7:CC:71:A0:D0:F8:3F:A9:8C:70:C9:74:0A:CB:AC:0D
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A99DB4D
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/WFzNN7fMcaDQ-D-pjHDJdArLrA0.roa
Signing time: Tue 22 Mar 2022 07:43:56 +0000
ROA not before: Tue 22 Mar 2022 07:43:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 171.22.146.0/24 maxlen: 24
95.111.128.0/20 maxlen: 24
177.222.64.0/19 maxlen: 24
95.111.144.0/20 maxlen: 24
185.149.12.0/24 maxlen: 24
185.149.13.0/24 maxlen: 24
89.46.98.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177855309 (0xa99db4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 22 07:43:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=585ccd37b7cc71a0d0f83fa98c70c9740acbac0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c6:a7:7a:1d:fb:0e:2a:da:cc:b3:6a:13:25:
21:a3:9e:a7:24:24:18:9c:24:d7:c4:27:74:02:f5:
6c:c5:7d:84:ae:f8:50:2f:ef:b1:73:3a:77:ff:88:
83:9c:e0:02:bf:ef:9e:46:f6:b9:94:09:db:e1:54:
e7:4b:58:ce:db:be:0d:25:fd:8b:cb:31:3a:13:9c:
21:2e:54:1b:dc:32:63:01:c1:c8:b7:0b:5d:32:dc:
1e:bb:99:4d:55:06:15:50:44:92:79:14:7b:2f:3a:
5d:f4:32:86:f9:bf:7e:bf:af:f9:8b:cc:db:6a:45:
3d:d4:0e:96:e1:ff:b7:c3:0d:7f:b6:ee:04:bf:9a:
89:c9:4d:cd:4f:97:9c:b2:3b:9e:8c:19:0c:66:44:
87:5d:9e:22:b6:a1:15:24:a0:b8:9c:32:7e:a4:a1:
32:68:02:6d:a6:85:46:23:78:99:5e:c6:8c:54:7e:
e5:b4:91:cd:e3:48:27:48:64:70:69:50:98:6f:c8:
d0:5e:b6:62:da:c2:20:09:63:b6:19:82:43:82:5e:
8c:cf:1a:4a:fd:af:0e:0e:ad:fa:96:0a:cd:e4:b6:
b1:a2:04:e9:1a:a9:6f:ca:ac:e0:ee:e2:c9:08:78:
7f:ea:3f:05:07:db:3a:35:a7:bc:8a:66:9e:71:dd:
90:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5C:CD:37:B7:CC:71:A0:D0:F8:3F:A9:8C:70:C9:74:0A:CB:AC:0D
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/WFzNN7fMcaDQ-D-pjHDJdArLrA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.98.0/24
95.111.128.0/19
171.22.146.0/24
177.222.64.0/19
185.149.12.0/23
Signature Algorithm: sha256WithRSAEncryption
77:18:7f:61:55:70:05:c9:73:67:7f:ac:3b:00:de:a7:f8:cb:
2e:c8:92:8d:e2:f7:99:b7:6b:af:80:c0:f1:0d:c4:ff:8a:15:
f1:dc:23:62:ad:f2:7a:4c:fe:b2:46:33:1c:37:5f:88:37:b8:
53:f2:34:d1:f1:e8:04:23:20:5d:2d:f3:d3:7c:ff:aa:69:d5:
55:e8:b6:83:e1:bd:2d:92:b4:e3:10:e2:89:87:00:50:15:da:
86:f1:37:8e:0e:ee:71:87:20:39:6c:22:07:bc:49:02:23:cf:
bc:88:3d:ec:7a:4f:bf:70:d9:66:b8:92:cb:b2:5b:1f:f6:36:
b4:88:60:d7:1c:e9:ed:6b:93:cc:0d:f9:1f:69:45:e6:d4:95:
75:1e:dc:da:9c:c7:2a:4f:49:42:c3:16:63:43:93:15:3b:15:
0e:72:27:d4:88:a9:f9:13:fe:af:7e:da:8b:e4:ac:5e:25:c1:
e9:ff:17:b8:aa:a6:83:09:d9:5f:ac:8e:d9:08:75:c5:49:ff:
c7:73:4a:23:7c:eb:0b:09:45:79:d3:6c:74:e2:21:af:7b:2c:
22:7d:f9:35:73:fa:a6:c7:53:a6:f8:b8:48:41:e3:a9:a8:fa:
26:d1:52:61:aa:69:02:ae:36:71:43:12:ed:76:89:87:24:4e:
b5:62:4b:36
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECpnbTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMy
MjA3NDM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg1Y2NkMzdiN2Nj
NzFhMGQwZjgzZmE5OGM3MGM5NzQwYWNiYWMwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDGp3od+w4q2syzahMlIaOepyQkGJwk18QndAL1bMV9hK74
UC/vsXM6d/+Ig5zgAr/vnkb2uZQJ2+FU50tYztu+DSX9i8sxOhOcIS5UG9wyYwHB
yLcLXTLcHruZTVUGFVBEknkUey86XfQyhvm/fr+v+YvM22pFPdQOluH/t8MNf7bu
BL+aiclNzU+XnLI7nowZDGZEh12eIrahFSSguJwyfqShMmgCbaaFRiN4mV7GjFR+
5bSRzeNIJ0hkcGlQmG/I0F62YtrCIAljthmCQ4JejM8aSv2vDg6t+pYKzeS2saIE
6Rqpb8qs4O7iyQh4f+o/BQfbOjWnvIpmnnHdkCsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRYXM03t8xxoND4P6mMcMl0CsusDTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1dGek5ON2ZNY2FEUS1ELXBqSERKZEFyTHJBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFkuYgMEBV9vgAMEAKsWkgMEBbHe
QAMEAbmVDDANBgkqhkiG9w0BAQsFAAOCAQEAdxh/YVVwBclzZ3+sOwDep/jLLsiS
jeL3mbdrr4DA8Q3E/4oV8dwjYq3yekz+skYzHDdfiDe4U/I00fHoBCMgXS3z03z/
qmnVVei2g+G9LZK04xDiiYcAUBXahvE3jg7ucYcgOWwiB7xJAiPPvIg97HpPv3DZ
ZriSy7JbH/Y2tIhg1xzp7WuTzA35H2lF5tSVdR7c2pzHKk9JQsMWY0OTFTsVDnIn
1Iip+RP+r37ai+SsXiXB6f8XuKqmgwnZX6yO2Qh1xUn/x3NKI3zrCwlFedNsdOIh
r3ssIn35NXP6psdTpvi4SEHjqaj6JtFSYappAq42cUMS7XaJhyROtWJLNg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org