Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/YDP1OKmd1I-prW6KallBhc1PUwE.roa
File: YDP1OKmd1I-prW6KallBhc1PUwE.roa (raw, json)
Hash identifier: R0q69MzKPMblEVDuWduakIrP4vv8zcMWHGyqsIYbYCY=
Subject key identifier: 60:33:F5:38:A9:9D:D4:8F:A9:AD:6E:8A:6A:59:41:85:CD:4F:53:01
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A20989F
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/YDP1OKmd1I-prW6KallBhc1PUwE.roa
Signing time: Fri 18 Feb 2022 08:33:22 +0000
ROA not before: Fri 18 Feb 2022 08:33:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.222.43.0/24 maxlen: 24
171.22.147.0/24 maxlen: 24
171.22.146.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
185.149.14.0/24 maxlen: 24
185.149.12.0/24 maxlen: 24
89.46.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169908383 (0xa20989f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 18 08:33:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6033f538a99dd48fa9ad6e8a6a594185cd4f5301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:bf:9e:1a:72:56:1b:d2:c0:02:9e:09:79:
82:5a:23:c5:e8:c2:c2:ff:7a:94:0e:cd:ad:03:ed:
9c:87:bb:d5:72:2d:c9:21:d4:e7:2f:89:17:98:37:
16:b3:57:72:34:b7:c9:0d:fb:ec:87:5f:30:1c:89:
4c:1e:ae:eb:a5:a8:d7:1a:e3:fc:11:85:90:7f:75:
db:07:35:e7:ef:25:67:8e:26:99:c2:6a:3e:c3:ed:
f8:2a:fb:fb:34:26:e6:59:cd:d3:1d:7c:d5:86:6c:
75:43:67:dd:eb:dd:e3:2d:7b:d0:05:21:bd:8f:eb:
24:a0:4e:7b:2f:b9:8d:11:c2:57:39:5e:54:b7:b2:
e7:d7:bc:5f:2c:2e:44:c6:cc:bc:3e:1e:28:1c:8e:
e6:15:52:59:94:cd:d3:71:92:c3:6b:3b:1e:7b:f3:
39:77:e4:1e:1c:0b:7f:b2:16:3c:e5:4f:65:80:f6:
79:35:27:a5:ec:87:98:e6:6b:7d:a7:89:73:0d:92:
fc:82:eb:c5:9b:32:54:9b:ef:b4:89:3b:d9:6f:5f:
db:b1:3d:03:10:12:73:bf:22:1d:b5:7a:e7:7a:ac:
f8:5d:01:77:41:3f:d3:14:57:41:f5:3f:21:1f:72:
37:25:1c:9d:47:54:2a:e0:42:94:e2:5e:4d:5a:5d:
76:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:33:F5:38:A9:9D:D4:8F:A9:AD:6E:8A:6A:59:41:85:CD:4F:53:01
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/YDP1OKmd1I-prW6KallBhc1PUwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
89.46.99.0/24
91.222.43.0/24
171.22.146.0/23
185.149.12.0/24
185.149.14.0/23
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:72:8a:b5:f7:92:49:47:eb:21:81:6d:75:36:15:48:4b:03:
b1:0c:7b:28:cd:44:ae:27:47:bc:9d:c6:7b:53:a4:4b:5c:05:
4a:ff:b9:07:60:4e:70:98:5b:fc:3c:e1:71:b2:1e:34:df:ed:
b1:a2:2c:be:81:7d:12:38:77:3e:3d:07:c0:06:91:0e:5b:7b:
cd:9a:e1:be:e7:fe:32:8c:94:84:93:28:70:c9:08:d8:34:0a:
90:8c:2e:e4:2a:82:01:7f:87:76:cb:65:23:29:6d:3b:3d:f1:
76:40:9a:b6:a0:da:5b:b5:1d:7a:93:79:5f:b9:31:e2:a0:65:
95:1f:42:fc:03:3b:77:3e:91:63:42:6a:3b:65:97:b4:d9:ef:
dc:74:a2:8a:42:de:e4:a0:1f:8b:33:88:4d:39:e5:86:ad:a4:
3d:39:16:85:a8:f2:ce:25:e5:22:ec:4e:26:e3:01:40:61:21:
5f:67:57:14:36:9b:41:7a:8b:23:9a:19:ab:94:57:8e:f8:5a:
a7:59:1a:7e:b2:84:a0:c5:18:dc:dd:e8:53:d6:a8:86:20:51:
1e:28:41:f2:a7:10:78:e7:49:37:a9:0a:12:32:17:05:05:c3:
15:a7:ef:d9:20:59:46:c9:c2:24:e9:df:71:0d:11:6e:21:84:
5c:a7:fe:a9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECiCYnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIx
ODA4MzMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjAzM2Y1MzhhOTlk
ZDQ4ZmE5YWQ2ZThhNmE1OTQxODVjZDRmNTMwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI8v54aclYb0sACngl5glojxejCwv96lA7NrQPtnIe71XIt
ySHU5y+JF5g3FrNXcjS3yQ377IdfMByJTB6u66Wo1xrj/BGFkH912wc15+8lZ44m
mcJqPsPt+Cr7+zQm5lnN0x181YZsdUNn3evd4y170AUhvY/rJKBOey+5jRHCVzle
VLey59e8XywuRMbMvD4eKByO5hVSWZTN03GSw2s7HnvzOXfkHhwLf7IWPOVPZYD2
eTUnpeyHmOZrfaeJcw2S/ILrxZsyVJvvtIk72W9f27E9AxASc78iHbV653qs+F0B
d0E/0xRXQfU/IR9yNyUcnUdUKuBClOJeTVpddp0CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRgM/U4qZ3Uj6mtbopqWUGFzU9TATAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1lEUDFPS21kMUktcHJXNkthbGxCaGMxUFV3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAR8rrgMEAFkuYwMEAFveKwMEAasW
kgMEALmVDAMEAbmVDgMEALnrRzANBgkqhkiG9w0BAQsFAAOCAQEAHXKKtfeSSUfr
IYFtdTYVSEsDsQx7KM1EridHvJ3Ge1OkS1wFSv+5B2BOcJhb/DzhcbIeNN/tsaIs
voF9Ejh3Pj0HwAaRDlt7zZrhvuf+MoyUhJMocMkI2DQKkIwu5CqCAX+HdstlIylt
Oz3xdkCatqDaW7UdepN5X7kx4qBllR9C/AM7dz6RY0JqO2WXtNnv3HSiikLe5KAf
izOITTnlhq2kPTkWhajyziXlIuxOJuMBQGEhX2dXFDabQXqLI5oZq5RXjvhap1ka
frKEoMUY3N3oU9aohiBRHihB8qcQeOdJN6kKEjIXBQXDFafv2SBZRsnCJOnfcQ0R
biGEXKf+qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org