Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ayGEFoNJnwTt_vJiUU9bczZCyI4.roa
File: ayGEFoNJnwTt_vJiUU9bczZCyI4.roa (raw, json)
Hash identifier: BIUOo10u8qQk3HJj1dtfyaBRSTgQVElnILHXzSD3Z5o=
Subject key identifier: 6B:21:84:16:83:49:9F:04:ED:FE:F2:62:51:4F:5B:73:36:42:C8:8E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018212B33308B3E0A686A9AE4AC5E319AF27
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ayGEFoNJnwTt_vJiUU9bczZCyI4.roa
Signing time: Mon 18 Jul 2022 19:05:09 +0000
ROA not before: Mon 18 Jul 2022 19:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:12:b3:33:08:b3:e0:a6:86:a9:ae:4a:c5:e3:19:af:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 18 19:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b21841683499f04edfef262514f5b733642c88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:02:65:e8:6a:13:de:ca:78:36:72:0c:35:9d:
24:8a:ce:48:98:56:91:f0:de:e6:1b:4e:55:99:26:
ec:d8:a9:0e:9b:91:38:e8:4f:87:ae:10:18:fb:63:
01:2f:c8:85:6d:6c:0e:19:c1:71:c8:da:74:97:0d:
40:7c:95:ec:b9:3d:68:f4:fe:d6:cf:2f:7c:3e:e5:
31:8c:18:c9:c5:f8:92:27:9b:0e:b2:a4:67:da:6a:
1d:3e:a0:6b:d9:64:cc:f8:30:f9:36:ad:84:6c:53:
3f:75:13:61:22:d1:f9:52:ff:22:6f:c5:89:d6:bf:
49:a1:b4:c0:46:c1:36:2d:e3:fe:f0:23:cc:15:5b:
a9:40:2f:29:dd:86:24:f6:62:7d:1f:20:15:a1:82:
21:3e:07:d1:a9:c5:04:c4:41:2c:87:20:4d:ab:92:
db:65:c6:f5:6c:cd:21:a9:ee:8c:31:c7:8a:1c:ef:
8c:d5:9b:a6:0e:06:51:d7:53:1c:45:cf:c1:86:2f:
b6:83:ed:5b:38:5a:a0:4f:4e:53:f2:13:c4:9d:75:
3a:9c:ea:b6:81:5f:86:ab:62:89:53:6f:e0:4b:59:
ea:4a:f2:1a:28:15:00:51:fd:7a:44:8f:e0:6a:6a:
8a:8f:6a:a3:3c:72:6d:20:e9:a9:9c:58:07:be:b8:
de:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:21:84:16:83:49:9F:04:ED:FE:F2:62:51:4F:5B:73:36:42:C8:8E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/ayGEFoNJnwTt_vJiUU9bczZCyI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ff:27:78:d7:23:50:77:d6:ab:b5:d7:98:57:9a:4f:74:e4:
35:f7:f2:fb:ec:21:15:ec:24:80:d5:53:d4:92:1c:60:6e:6a:
2e:dc:34:54:c2:61:e4:f8:25:fb:e5:4e:94:d1:93:0e:cc:95:
0c:3e:08:a1:0b:b0:7f:8a:a3:09:ef:d8:bf:67:37:a8:65:c8:
23:2b:2e:76:51:a1:c8:85:38:59:91:72:b8:f9:d5:14:c2:7f:
52:4d:b4:88:fd:8a:9c:06:a8:33:14:09:a7:81:3d:ee:09:9b:
e1:6e:cc:1f:f4:0e:07:36:ac:31:80:60:3e:60:0f:9f:41:4b:
0e:24:b4:75:7c:ed:62:40:c4:90:61:37:ed:18:19:d8:85:df:
fe:05:79:47:af:f4:d9:23:1d:37:b7:6d:61:c8:22:43:27:83:
32:52:24:ac:69:d2:3a:52:d8:74:0f:e6:e4:59:4c:fe:52:e8:
76:54:97:8f:41:4e:9d:9b:36:58:d2:0e:cc:c0:bf:88:92:24:
51:db:20:45:8c:64:4e:5f:54:26:44:2a:aa:09:3f:ae:f3:75:
e5:36:cd:39:aa:fb:e9:a4:0a:a6:d9:6d:40:f4:7c:cd:93:04:
63:2f:d1:a6:e8:55:a0:5e:1f:94:c2:d8:62:4c:01:47:11:98:
30:8c:7c:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYISszMIs+CmhqmuSsXjGa8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIwNzE4MTkwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjIxODQxNjgzNDk5ZjA0ZWRmZWYyNjI1MTRmNWI3MzM2NDJjODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAJl6GoT3sp4NnIMNZ0kis5ImFaR
8N7mG05VmSbs2KkOm5E46E+HrhAY+2MBL8iFbWwOGcFxyNp0lw1AfJXsuT1o9P7W
zy98PuUxjBjJxfiSJ5sOsqRn2modPqBr2WTM+DD5Nq2EbFM/dRNhItH5Uv8ib8WJ
1r9JobTARsE2LeP+8CPMFVupQC8p3YYk9mJ9HyAVoYIhPgfRqcUExEEshyBNq5Lb
Zcb1bM0hqe6MMceKHO+M1ZumDgZR11McRc/Bhi+2g+1bOFqgT05T8hPEnXU6nOq2
gV+Gq2KJU2/gS1nqSvIaKBUAUf16RI/gamqKj2qjPHJtIOmpnFgHvrjeOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGshhBaDSZ8E7f7yYlFPW3M2QsiOMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvYXlHRUZvTkpud1R0X3ZKaVVVOWJjelpDeUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaSMA0G
CSqGSIb3DQEBCwUAA4IBAQBG/yd41yNQd9artdeYV5pPdOQ19/L77CEV7CSA1VPU
khxgbmou3DRUwmHk+CX75U6U0ZMOzJUMPgihC7B/iqMJ79i/ZzeoZcgjKy52UaHI
hThZkXK4+dUUwn9STbSI/YqcBqgzFAmngT3uCZvhbswf9A4HNqwxgGA+YA+fQUsO
JLR1fO1iQMSQYTftGBnYhd/+BXlHr/TZIx03t21hyCJDJ4MyUiSsadI6Uth0D+bk
WUz+Uuh2VJePQU6dmzZY0g7MwL+IkiRR2yBFjGROX1QmRCqqCT+u83XlNs05qvvp
pAqm2W1A9HzNkwRjL9Gm6FWgXh+UwthiTAFHEZgwjHzN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org