Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lVFOS8YLyvF3uthLP4AtWKsEpfg.roa
File: lVFOS8YLyvF3uthLP4AtWKsEpfg.roa (raw, json)
Hash identifier: xNyjtlcjHtY1IkNtEMMV94/+aGaf3ZH5PqEUotQWbLI=
Subject key identifier: 95:51:4E:4B:C6:0B:CA:F1:77:BA:D8:4B:3F:80:2D:58:AB:04:A5:F8
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A1AED0F
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lVFOS8YLyvF3uthLP4AtWKsEpfg.roa
Signing time: Wed 16 Feb 2022 12:10:44 +0000
ROA not before: Wed 16 Feb 2022 12:10:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12189
IP address blocks: 171.22.146.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169536783 (0xa1aed0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Feb 16 12:10:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95514e4bc60bcaf177bad84b3f802d58ab04a5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8e:49:0a:bb:74:6c:b2:f7:71:09:22:55:32:
7b:28:f1:68:71:0f:af:13:b9:44:8e:22:fb:6e:18:
23:41:92:fb:86:1d:a6:57:cb:bb:66:b0:9f:48:f1:
69:b1:28:d7:77:06:2b:82:ea:5a:56:04:71:8d:5f:
1b:75:57:5f:45:b5:5b:c0:db:d9:11:3e:85:13:d9:
48:54:5c:7b:e4:98:16:60:26:1d:59:9f:6f:1f:aa:
c2:8b:45:ad:66:b9:07:a1:3b:d0:24:41:da:1c:cd:
26:0d:54:a3:d9:dc:8d:09:08:b3:ea:26:1c:9f:70:
b4:d6:ba:af:ac:75:fa:5e:a2:56:f0:72:19:88:fc:
a5:23:c5:19:2b:75:b2:0f:1a:cd:55:cc:23:84:91:
73:1b:01:a2:d6:d1:b3:6a:de:41:e2:11:03:77:0c:
cb:58:96:43:15:55:ff:de:c0:f2:34:32:4b:17:47:
59:ac:6f:33:82:0e:c7:e1:46:59:b9:77:ad:5c:56:
a2:be:9f:10:b0:1e:82:b9:bf:25:d7:4a:c4:f8:63:
07:3e:28:a3:d6:db:71:11:66:7f:9e:40:e7:77:7b:
59:cb:23:be:a2:c9:c4:59:66:bc:ed:67:47:0b:a0:
2b:a7:6d:bf:b7:2c:79:e3:23:af:a6:24:db:d3:72:
56:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:51:4E:4B:C6:0B:CA:F1:77:BA:D8:4B:3F:80:2D:58:AB:04:A5:F8
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lVFOS8YLyvF3uthLP4AtWKsEpfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.146.0/24
Signature Algorithm: sha256WithRSAEncryption
94:f6:0c:79:24:2e:91:c7:00:e5:90:22:a9:e6:32:c8:36:ce:
90:a9:e6:b6:be:e4:7b:50:11:ab:19:f1:6f:ab:da:7f:23:f0:
b6:52:46:a3:9d:c8:c4:35:53:48:df:99:6d:57:bf:80:8a:e0:
c3:f1:75:d1:9b:ad:0b:df:3d:89:b1:20:30:9e:35:84:01:37:
ec:3a:3b:02:bf:4b:d2:c0:18:56:7f:71:3a:32:f3:6d:17:de:
7f:c8:59:da:42:ea:59:de:3f:90:5b:9f:18:81:de:c2:d8:b0:
80:27:ca:5b:fc:2f:71:82:a3:fb:56:94:b0:38:3f:7b:cd:6f:
f8:2c:25:f1:68:fb:e5:58:90:33:e2:79:77:f2:b8:f8:b9:64:
f6:63:86:bd:2d:ae:52:36:68:05:b9:2f:1b:88:7e:da:ec:7c:
f3:0b:33:5c:d9:83:02:b2:35:d0:00:02:76:69:42:e7:f6:88:
5f:6f:f7:a8:75:38:cb:95:63:2e:26:29:a6:57:70:54:ae:4e:
38:53:f5:6d:f9:f4:26:81:c5:86:ca:df:1b:a7:08:17:b4:6e:
34:3b:a2:8b:f8:32:4d:77:f1:0f:7f:78:66:d3:fa:b0:40:45:
6d:79:96:45:c1:e0:72:38:ef:4f:5f:05:90:48:01:21:b6:b5:
f4:15:33:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChrtDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDIx
NjEyMTA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU1MTRlNGJjNjBi
Y2FmMTc3YmFkODRiM2Y4MDJkNThhYjA0YTVmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2OSQq7dGyy93EJIlUyeyjxaHEPrxO5RI4i+24YI0GS+4Yd
plfLu2awn0jxabEo13cGK4LqWlYEcY1fG3VXX0W1W8Db2RE+hRPZSFRce+SYFmAm
HVmfbx+qwotFrWa5B6E70CRB2hzNJg1Uo9ncjQkIs+omHJ9wtNa6r6x1+l6iVvBy
GYj8pSPFGSt1sg8azVXMI4SRcxsBotbRs2reQeIRA3cMy1iWQxVV/97A8jQySxdH
WaxvM4IOx+FGWbl3rVxWor6fELAegrm/JddKxPhjBz4oo9bbcRFmf55A53d7Wcsj
vqLJxFlmvO1nRwugK6dtv7cseeMjr6Yk29NyVhUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSVUU5LxgvK8Xe62Es/gC1YqwSl+DAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L2xWRk9TOFlMeXZGM3V0aExQNEF0V0tzRXBmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkjANBgkqhkiG9w0BAQsFAAOC
AQEAlPYMeSQukccA5ZAiqeYyyDbOkKnmtr7ke1ARqxnxb6vafyPwtlJGo53IxDVT
SN+ZbVe/gIrgw/F10ZutC989ibEgMJ41hAE37Do7Ar9L0sAYVn9xOjLzbRfef8hZ
2kLqWd4/kFufGIHewtiwgCfKW/wvcYKj+1aUsDg/e81v+Cwl8Wj75ViQM+J5d/K4
+Llk9mOGvS2uUjZoBbkvG4h+2ux88wszXNmDArI10AACdmlC5/aIX2/3qHU4y5Vj
LiYppldwVK5OOFP1bfn0JoHFhsrfG6cIF7RuNDuii/gyTXfxD394ZtP6sEBFbXmW
RcHgcjjvT18FkEgBIba19BUzqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org