Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/oLooAgn179qBzZ5wo_Piwfm9PX4.roa
File: oLooAgn179qBzZ5wo_Piwfm9PX4.roa (raw, json)
Hash identifier: GyQjtX1+o5x/bffaYLkNUcHpLGRMWF6ZkTPTYQKIgfg=
Subject key identifier: A0:BA:28:02:09:F5:EF:DA:81:CD:9E:70:A3:F3:E2:C1:F9:BD:3D:7E
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AC80FE
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/oLooAgn179qBzZ5wo_Piwfm9PX4.roa
Signing time: Sat 01 Jan 2022 09:56:54 +0000
ROA not before: Sat 01 Jan 2022 09:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 31.43.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162300158 (0x9ac80fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0ba280209f5efda81cd9e70a3f3e2c1f9bd3d7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:97:38:8d:21:31:a0:5d:02:a2:87:84:7d:43:
c8:85:5c:36:b5:7a:eb:32:30:7f:f1:88:34:37:11:
44:d9:6f:e6:df:4e:4a:ef:ed:02:5b:21:bc:ac:dd:
23:5a:ac:f5:9d:fe:36:9c:50:cd:ad:0e:7f:ab:e9:
84:1c:0c:29:96:d7:bf:f5:52:e5:19:3e:27:26:49:
a9:42:f6:13:48:b1:84:76:f7:d7:74:70:b5:e5:1e:
19:1a:96:3d:39:8f:ce:ec:b0:bb:34:4b:bb:a8:15:
c2:5a:1f:91:89:82:0b:32:d2:f2:85:5f:2c:9e:c0:
b5:bd:32:1e:dd:d1:f7:dd:ce:3f:0f:71:de:c4:c6:
2e:fa:6c:24:23:2a:44:e5:4a:65:ee:ee:0f:66:da:
bc:22:7a:57:61:aa:80:eb:42:29:9f:56:ed:86:c5:
84:27:d6:a0:1b:6f:4d:dd:46:42:41:bf:b5:18:30:
b3:7b:14:f4:1e:24:3d:6f:61:b9:74:82:b7:b7:2d:
90:2e:fa:88:5a:e5:d1:52:d8:1c:4f:2a:3d:65:b0:
5f:78:93:85:6a:01:aa:92:0b:2a:a2:f9:d3:7b:de:
83:3c:30:ee:6e:06:f1:90:fc:51:a5:07:43:fe:32:
6e:a3:ea:6c:73:94:a0:43:a6:69:a6:d8:54:26:fe:
0a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BA:28:02:09:F5:EF:DA:81:CD:9E:70:A3:F3:E2:C1:F9:BD:3D:7E
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/oLooAgn179qBzZ5wo_Piwfm9PX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:74:8b:a4:51:17:86:3e:45:1c:59:33:b9:47:ce:a6:02:37:
7d:79:48:23:c4:5a:eb:60:37:9e:f7:15:26:83:6d:a0:43:20:
82:d4:dc:d0:d9:93:1b:a1:a3:6b:f5:12:7f:71:67:e6:95:17:
4c:4d:af:21:b9:d6:45:74:8f:a8:4e:14:e0:68:5d:72:f5:15:
de:a7:ee:7d:34:a3:a7:70:64:d6:3f:ef:ea:85:81:72:2f:63:
e1:24:ee:ba:45:43:32:08:61:81:51:2c:26:28:06:70:56:31:
71:09:ac:70:5f:4a:97:da:f4:8e:c1:47:b9:bf:18:8f:25:95:
b6:37:de:45:71:52:4d:0c:44:d1:f6:26:5a:33:c9:fe:22:b7:
ce:c3:16:ab:6d:c1:54:f7:5c:49:2a:e8:2c:5f:3d:9e:b7:43:
5a:2d:94:5f:13:f3:0a:f9:82:18:3f:e3:eb:c5:80:ee:4f:87:
35:e7:a0:a3:10:34:4c:df:ff:29:b7:c1:4b:93:7e:f4:07:80:
e3:6d:52:1d:98:a4:b7:7e:94:8a:18:9a:5d:94:01:03:96:48:
7d:fe:a4:26:62:58:d2:0f:c1:76:24:f3:a4:16:b5:79:75:db:
b9:0d:0d:20:b7:9a:d5:14:f8:b8:4e:9c:9d:21:a6:ef:f3:f9:
c1:38:e2:f2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECayA/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBiYTI4MDIwOWY1
ZWZkYTgxY2Q5ZTcwYTNmM2UyYzFmOWJkM2Q3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCXOI0hMaBdAqKHhH1DyIVcNrV66zIwf/GINDcRRNlv5t9O
Su/tAlshvKzdI1qs9Z3+NpxQza0Of6vphBwMKZbXv/VS5Rk+JyZJqUL2E0ixhHb3
13RwteUeGRqWPTmPzuywuzRLu6gVwlofkYmCCzLS8oVfLJ7Atb0yHt3R993OPw9x
3sTGLvpsJCMqROVKZe7uD2bavCJ6V2GqgOtCKZ9W7YbFhCfWoBtvTd1GQkG/tRgw
s3sU9B4kPW9huXSCt7ctkC76iFrl0VLYHE8qPWWwX3iThWoBqpILKqL503vegzww
7m4G8ZD8UaUHQ/4ybqPqbHOUoEOmaabYVCb+ClcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSguigCCfXv2oHNnnCj8+LB+b09fjAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L29Mb29BZ24xNzlxQnpaNXdvX1Bpd2ZtOVBYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8rrjANBgkqhkiG9w0BAQsFAAOC
AQEAKnSLpFEXhj5FHFkzuUfOpgI3fXlII8Ra62A3nvcVJoNtoEMggtTc0NmTG6Gj
a/USf3Fn5pUXTE2vIbnWRXSPqE4U4GhdcvUV3qfufTSjp3Bk1j/v6oWBci9j4STu
ukVDMghhgVEsJigGcFYxcQmscF9Kl9r0jsFHub8YjyWVtjfeRXFSTQxE0fYmWjPJ
/iK3zsMWq23BVPdcSSroLF89nrdDWi2UXxPzCvmCGD/j68WA7k+HNeegoxA0TN//
KbfBS5N+9AeA421SHZikt36UihiaXZQBA5ZIff6kJmJY0g/BdiTzpBa1eXXbuQ0N
ILea1RT4uE6cnSGm7/P5wTji8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:31 2024 by rpki-client on console-fra.rpki-client.org