Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/a_Fd2EGL3Fgk7re7cRmqeNfMft8.roa
File: a_Fd2EGL3Fgk7re7cRmqeNfMft8.roa (raw, json)
Hash identifier: hiBltCwVG4P7O3cJlkFfLnXEDQlF2BfHRNlBCGq/AsE=
Subject key identifier: 6B:F1:5D:D8:41:8B:DC:58:24:EE:B7:BB:71:19:AA:78:D7:CC:7E:DF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0B8222DA
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/a_Fd2EGL3Fgk7re7cRmqeNfMft8.roa
Signing time: Fri 17 Jun 2022 11:36:45 +0000
ROA not before: Fri 17 Jun 2022 11:36:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134176
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193077978 (0xb8222da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 17 11:36:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bf15dd8418bdc5824eeb7bb7119aa78d7cc7edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:ae:c6:7c:66:d3:9d:5a:3f:da:01:90:a6:
70:83:a3:42:71:c6:28:db:31:50:7d:25:0e:76:9c:
1d:7f:da:9c:34:c7:85:ea:76:c6:f2:9a:24:43:33:
32:21:d2:22:b0:07:39:d7:70:b9:86:e1:13:6f:7d:
e8:1b:e6:0b:0c:e2:45:10:17:ae:14:63:86:04:16:
a7:dd:a6:9b:14:3b:da:0d:00:56:6c:65:f2:38:ba:
2e:d0:eb:86:41:ac:3d:06:22:b1:cd:e2:09:59:f2:
5e:ef:d7:46:5c:41:01:9c:8c:ef:66:1c:11:15:52:
9d:b3:30:87:10:b7:41:f8:d8:e8:ed:09:20:a0:27:
b5:6e:c3:70:73:f2:b1:af:ff:45:23:90:b5:5a:b3:
f5:e5:48:f7:42:ed:b5:93:40:70:e2:d2:5c:2c:27:
28:bd:81:44:1f:d8:c6:61:21:45:a2:17:7e:cc:13:
63:a7:44:72:79:82:bc:64:6f:d5:2a:e6:0d:de:80:
5f:7e:26:61:9e:75:14:9f:50:81:6c:df:2b:69:14:
df:e0:7b:4c:15:63:5d:ee:a2:60:d0:c1:d4:ab:07:
04:97:69:99:df:4f:6c:f7:50:82:9f:e4:21:2e:d4:
ba:df:97:38:75:0d:48:63:78:54:68:0c:08:f4:f2:
47:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F1:5D:D8:41:8B:DC:58:24:EE:B7:BB:71:19:AA:78:D7:CC:7E:DF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/a_Fd2EGL3Fgk7re7cRmqeNfMft8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:5e:d4:b6:07:ff:94:63:e6:6d:2d:92:98:c7:1e:91:f7:0d:
ce:ea:2c:d7:aa:08:7c:1f:99:7e:c5:68:8b:2a:71:ef:45:6c:
a0:c8:1c:00:32:1c:05:b9:76:e9:94:bf:93:90:4a:ed:73:10:
e4:a6:de:f5:92:9c:9f:6f:e7:69:7d:5a:22:da:df:f3:31:7c:
cd:74:d0:a3:5c:6d:d4:f1:dd:86:19:bd:16:9f:36:22:c2:23:
ea:58:75:80:64:d4:ff:f5:bd:ad:1e:ae:53:8f:05:a3:25:05:
b6:58:18:ac:d2:d6:44:f2:4c:69:bd:59:87:44:b1:a9:98:02:
21:af:0b:14:fb:bb:fc:c1:56:35:11:f2:c4:45:d8:eb:c7:08:
90:d6:fe:43:fd:48:37:3b:2d:20:b1:1b:1a:cc:df:a1:9c:5d:
d2:a2:7a:91:75:29:39:f8:0c:89:42:a0:64:e0:18:28:53:7d:
68:09:60:06:29:a1:cb:24:eb:57:2c:46:54:08:1c:58:8b:ec:
47:ed:1d:f7:4f:e2:48:fe:c8:db:76:e8:58:99:e0:d2:90:23:
75:28:e1:eb:9b:77:7e:07:9e:b9:8b:4a:8d:7f:d9:d7:7c:fa:
2b:37:c1:26:bb:cb:2f:b5:de:e1:57:70:0e:2a:19:ec:3e:32:
9a:42:54:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC4Ii2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDYx
NzExMzY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJmMTVkZDg0MThi
ZGM1ODI0ZWViN2JiNzExOWFhNzhkN2NjN2VkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxarsZ8ZtOdWj/aAZCmcIOjQnHGKNsxUH0lDnacHX/anDTH
hep2xvKaJEMzMiHSIrAHOddwuYbhE2996BvmCwziRRAXrhRjhgQWp92mmxQ72g0A
Vmxl8ji6LtDrhkGsPQYisc3iCVnyXu/XRlxBAZyM72YcERVSnbMwhxC3QfjY6O0J
IKAntW7DcHPysa//RSOQtVqz9eVI90LttZNAcOLSXCwnKL2BRB/YxmEhRaIXfswT
Y6dEcnmCvGRv1SrmDd6AX34mYZ51FJ9QgWzfK2kU3+B7TBVjXe6iYNDB1KsHBJdp
md9PbPdQgp/kIS7Uut+XOHUNSGN4VGgMCPTyR5MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRr8V3YQYvcWCTut7txGap418x+3zAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L2FfRmQyRUdMM0ZnazdyZTdjUm1xZU5mTWZ0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAXl7Utgf/lGPmbS2SmMcekfcNzuos16oIfB+ZfsVoiypx70VsoMgcADIcBbl2
6ZS/k5BK7XMQ5Kbe9ZKcn2/naX1aItrf8zF8zXTQo1xt1PHdhhm9Fp82IsIj6lh1
gGTU//W9rR6uU48FoyUFtlgYrNLWRPJMab1Zh0SxqZgCIa8LFPu7/MFWNRHyxEXY
68cIkNb+Q/1INzstILEbGszfoZxd0qJ6kXUpOfgMiUKgZOAYKFN9aAlgBimhyyTr
VyxGVAgcWIvsR+0d90/iSP7I23boWJng0pAjdSjh65t3fgeeuYtKjX/Z13z6KzfB
JrvLL7Xe4VdwDioZ7D4ymkJUVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org