Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/jP2YcnUq93ooT2Odrid3eeJCvL4.roa
File: jP2YcnUq93ooT2Odrid3eeJCvL4.roa (raw, json)
Hash identifier: EyzZ5PWnH4+2VERNlLfbDDI53PCtEuxAEuQQ1dvfY7s=
Subject key identifier: 8C:FD:98:72:75:2A:F7:7A:28:4F:63:9D:AE:27:77:79:E2:42:BC:BE
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A8031E0
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/jP2YcnUq93ooT2Odrid3eeJCvL4.roa
Signing time: Mon 14 Mar 2022 15:22:22 +0000
ROA not before: Mon 14 Mar 2022 15:22:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176173536 (0xa8031e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 14 15:22:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cfd9872752af77a284f639dae277779e242bcbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0e:1a:36:b0:74:69:97:21:1d:ca:35:d3:f5:
cf:a2:59:65:68:5b:fd:c1:5e:07:43:31:71:77:53:
ff:15:3c:ad:25:26:c8:9f:4e:0f:7f:0c:36:d0:75:
e6:e9:e5:bf:7c:3c:ce:86:af:45:44:fc:67:d5:27:
72:96:78:4f:32:1e:1d:f5:4f:22:9f:dc:a2:6c:4d:
32:f4:2a:19:98:3d:df:de:0e:09:da:c1:48:b3:40:
f7:b6:b8:ff:a2:f2:2e:77:d6:d5:f3:2c:82:e6:83:
6b:15:ab:15:7e:d0:69:e8:74:81:01:c9:7b:28:34:
56:2f:0e:d1:56:40:b0:34:cd:a8:3b:ca:ee:00:0d:
60:aa:46:ee:aa:a5:e4:90:91:ea:1a:d4:bd:31:d6:
4a:86:1b:d8:dc:e4:0a:9d:10:b1:72:d9:bf:4a:8d:
8f:32:e9:15:35:9c:79:aa:86:98:4a:85:30:72:e5:
1d:b5:b0:1a:ad:ae:77:a9:3d:00:10:60:07:cf:eb:
26:e1:cf:dd:d7:46:55:50:ff:e0:82:2e:81:ad:ec:
4c:c3:e7:a1:e4:ef:63:5b:41:33:43:84:a7:e9:15:
b6:61:b6:64:b1:83:64:cd:60:a2:7d:4a:4b:08:e5:
d0:5d:6c:13:a4:6f:ed:70:5b:80:8f:05:63:01:c1:
b8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:FD:98:72:75:2A:F7:7A:28:4F:63:9D:AE:27:77:79:E2:42:BC:BE
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/jP2YcnUq93ooT2Odrid3eeJCvL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e6:bb:37:81:c3:46:d4:2e:1a:a2:52:88:9d:d1:e0:65:27:
6d:d2:d7:19:a1:b6:d8:12:5a:e9:b3:51:47:1e:05:41:96:30:
26:60:33:50:ce:65:9c:8f:22:cd:8b:c4:5a:83:40:b2:67:e1:
41:99:fe:95:d3:ed:e0:cc:af:e0:a3:40:38:66:f6:11:fa:9c:
60:74:61:36:46:cb:eb:ed:63:8d:64:51:a0:7e:8e:84:95:1b:
ca:b0:74:eb:5c:e4:8d:9e:ec:7c:76:ec:06:1d:d8:fb:00:41:
8e:3c:00:bf:42:9d:48:45:b7:47:c3:ce:72:fe:de:bc:39:6c:
28:01:0f:9e:09:a8:4d:83:12:14:24:77:db:b6:b6:02:ac:2e:
ea:ef:87:30:a9:85:0f:ee:f6:df:24:86:45:f6:0e:4c:f3:04:
69:2f:92:3e:0e:f1:93:d9:b6:a1:05:31:78:5a:b4:db:98:95:
ce:3a:dd:2b:7b:e7:08:28:89:23:c9:11:90:80:c6:65:12:52:
d3:3e:0e:05:17:72:73:0e:63:c7:1e:43:d3:ff:cf:ca:17:59:
a0:d5:7c:64:e0:74:b9:06:a8:97:53:bb:a8:48:fa:e4:f8:11:
94:81:e4:46:8f:fc:d0:30:d4:09:55:01:58:fd:ab:e5:c7:d9:
0f:31:1e:4b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECoAx4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMx
NDE1MjIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNmZDk4NzI3NTJh
Zjc3YTI4NGY2MzlkYWUyNzc3NzllMjQyYmNiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8OGjawdGmXIR3KNdP1z6JZZWhb/cFeB0MxcXdT/xU8rSUm
yJ9OD38MNtB15unlv3w8zoavRUT8Z9UncpZ4TzIeHfVPIp/comxNMvQqGZg9394O
CdrBSLNA97a4/6LyLnfW1fMsguaDaxWrFX7Qaeh0gQHJeyg0Vi8O0VZAsDTNqDvK
7gANYKpG7qql5JCR6hrUvTHWSoYb2NzkCp0QsXLZv0qNjzLpFTWceaqGmEqFMHLl
HbWwGq2ud6k9ABBgB8/rJuHP3ddGVVD/4IIuga3sTMPnoeTvY1tBM0OEp+kVtmG2
ZLGDZM1gon1KSwjl0F1sE6Rv7XBbgI8FYwHBuJ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSM/ZhydSr3eihPY52uJ3d54kK8vjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L2pQMlljblVxOTNvb1QyT2RyaWQzZWVKQ3ZMNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAVea7N4HDRtQuGqJSiJ3R4GUnbdLXGaG22BJa6bNRRx4FQZYwJmAzUM5lnI8i
zYvEWoNAsmfhQZn+ldPt4Myv4KNAOGb2EfqcYHRhNkbL6+1jjWRRoH6OhJUbyrB0
61zkjZ7sfHbsBh3Y+wBBjjwAv0KdSEW3R8POcv7evDlsKAEPngmoTYMSFCR327a2
Aqwu6u+HMKmFD+723ySGRfYOTPMEaS+SPg7xk9m2oQUxeFq025iVzjrdK3vnCCiJ
I8kRkIDGZRJS0z4OBRdycw5jxx5D0//PyhdZoNV8ZOB0uQaol1O7qEj65PgRlIHk
Ro/80DDUCVUBWP2r5cfZDzEeSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org