Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aTj3ixa4wu22tG7Lt9O_K3i3ihw.roa
File: aTj3ixa4wu22tG7Lt9O_K3i3ihw.roa (raw, json)
Hash identifier: aLntzfk+cthnSODtYVB1/i5MJtGcw1h++YSgNAwpqSw=
Subject key identifier: 69:38:F7:8B:16:B8:C2:ED:B6:B4:6E:CB:B7:D3:BF:2B:78:B7:8A:1C
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018B627D886D48B9BDF56FFA76AB287E92AF
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aTj3ixa4wu22tG7Lt9O_K3i3ihw.roa
Signing time: Tue 24 Oct 2023 16:21:15 +0000
ROA not before: Tue 24 Oct 2023 16:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:7d:88:6d:48:b9:bd:f5:6f:fa:76:ab:28:7e:92:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Oct 24 16:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6938f78b16b8c2edb6b46ecbb7d3bf2b78b78a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7a:5e:64:fa:49:df:5f:bb:0d:d9:07:05:ae:
3c:6b:9c:14:dd:c4:3a:15:2d:3c:dc:85:13:40:be:
14:cf:6d:4e:ef:2e:13:aa:eb:c7:b4:55:8b:6b:08:
34:24:78:e1:a6:bc:00:85:cc:21:27:d7:c0:8f:71:
2e:ae:72:54:36:ab:e4:93:0d:55:a7:a1:a4:94:c7:
88:3a:cb:a3:5f:4b:e1:a3:14:41:cf:49:b2:1a:71:
37:b9:6a:70:b0:ef:f8:85:d7:08:bb:50:89:35:b3:
38:a6:66:f8:41:ab:4b:24:51:b7:cb:0b:69:b5:43:
66:d8:8c:bf:eb:a3:67:17:c8:f5:52:c6:2b:cc:81:
25:b4:bc:40:09:7f:52:db:36:b5:6b:f1:fb:f5:45:
05:a1:4c:6a:ef:1a:51:2e:ac:18:ea:c8:56:09:78:
fc:ce:57:ba:d3:61:ff:c7:b7:e9:20:60:aa:26:23:
3b:f9:bf:f5:df:86:68:e4:cd:e7:81:95:6d:34:5b:
a3:e4:8c:cc:69:30:bf:cf:f5:a8:5d:0b:1b:10:4b:
1f:45:6b:fc:35:de:57:9c:0d:9f:87:e0:72:1a:b6:
c4:07:3b:9f:ed:40:1c:e8:4f:de:de:70:e4:f3:28:
82:d9:fc:fc:cd:c7:74:03:a7:f5:8b:af:8c:7a:9b:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:38:F7:8B:16:B8:C2:ED:B6:B4:6E:CB:B7:D3:BF:2B:78:B7:8A:1C
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/aTj3ixa4wu22tG7Lt9O_K3i3ihw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
29:c6:a2:5b:23:3f:74:dc:44:dd:21:28:7e:ba:c9:15:a8:55:
c6:17:7c:5f:cb:a0:6f:c2:31:32:f1:8f:8e:11:24:28:16:2e:
ec:35:a5:c1:ee:c3:e9:90:f9:c2:34:af:e8:25:d0:58:91:3c:
59:fa:99:aa:2b:9e:b2:2c:ca:38:02:98:46:62:55:09:ec:c3:
8d:b2:b4:68:2a:32:bf:7f:dd:da:f0:02:28:4c:2f:7a:50:22:
4f:12:a9:97:f2:b2:f2:14:db:dd:6a:fe:ff:56:be:38:34:35:
e3:ff:64:27:ba:bf:d5:a5:94:43:4d:9d:e8:a6:80:1b:d8:08:
f4:b4:2d:73:5e:a3:a1:dc:2d:7e:57:85:e6:3f:58:9f:34:f3:
52:9a:de:77:31:5c:45:8b:f1:a5:ce:0a:1b:e7:56:21:1b:0e:
43:82:b6:69:86:db:e5:30:8f:1b:8b:7f:a0:74:43:93:16:e2:
11:2f:16:e1:82:3e:69:3d:55:40:15:e6:69:de:0b:66:74:78:
4f:0a:67:4d:03:05:25:75:d3:10:8c:ca:7e:72:15:ea:af:92:
08:46:12:39:6a:48:46:8b:f0:f2:21:48:60:e1:91:2f:36:63:
ee:4d:f2:28:70:eb:fd:2d:a3:a4:2c:4d:1b:96:fd:dd:00:d2:
c5:49:7f:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtifYhtSLm99W/6dqsofpKvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMxMDI0MTYyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM4Zjc4YjE2YjhjMmVkYjZiNDZlY2JiN2QzYmYyYjc4Yjc4YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3peZPpJ31+7DdkHBa48a5wU3cQ6
FS083IUTQL4Uz21O7y4TquvHtFWLawg0JHjhprwAhcwhJ9fAj3EurnJUNqvkkw1V
p6GklMeIOsujX0vhoxRBz0myGnE3uWpwsO/4hdcIu1CJNbM4pmb4QatLJFG3ywtp
tUNm2Iy/66NnF8j1UsYrzIEltLxACX9S2za1a/H79UUFoUxq7xpRLqwY6shWCXj8
zle602H/x7fpIGCqJiM7+b/134Zo5M3ngZVtNFuj5IzMaTC/z/WoXQsbEEsfRWv8
Nd5XnA2fh+ByGrbEBzuf7UAc6E/e3nDk8yiC2fz8zcd0A6f1i6+MeptMdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk494sWuMLttrRuy7fTvyt4t4ocMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYVRqM2l4YTR3dTIydEc3THQ5T19LM2kzaWh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaSMA0G
CSqGSIb3DQEBCwUAA4IBAQApxqJbIz903ETdISh+uskVqFXGF3xfy6BvwjEy8Y+O
ESQoFi7sNaXB7sPpkPnCNK/oJdBYkTxZ+pmqK56yLMo4AphGYlUJ7MONsrRoKjK/
f93a8AIoTC96UCJPEqmX8rLyFNvdav7/Vr44NDXj/2Qnur/VpZRDTZ3opoAb2Aj0
tC1zXqOh3C1+V4XmP1ifNPNSmt53MVxFi/Glzgob51YhGw5DgrZphtvlMI8bi3+g
dEOTFuIRLxbhgj5pPVVAFeZp3gtmdHhPCmdNAwUlddMQjMp+chXqr5IIRhI5akhG
i/DyIUhg4ZEvNmPuTfIocOv9LaOkLE0blv3dANLFSX+7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org