Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/y4KODOPA_Oix8qFft-C11ToM2Lc.roa
File: y4KODOPA_Oix8qFft-C11ToM2Lc.roa (raw, json)
Hash identifier: Ze2bltttKjRe9zXsniBrcx8jm35AmkpkYP3hf1/73D4=
Subject key identifier: CB:82:8E:0C:E3:C0:FC:E8:B1:F2:A1:5F:B7:E0:B5:D5:3A:0C:D8:B7
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0A65EF01
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/y4KODOPA_Oix8qFft-C11ToM2Lc.roa
Signing time: Wed 09 Mar 2022 11:46:55 +0000
ROA not before: Wed 09 Mar 2022 11:46:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 171.22.147.0/24 maxlen: 24
171.22.146.0/24 maxlen: 24
31.43.174.0/23 maxlen: 24
185.235.71.0/24 maxlen: 24
185.149.15.0/24 maxlen: 24
185.149.12.0/24 maxlen: 24
89.46.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174452481 (0xa65ef01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Mar 9 11:46:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb828e0ce3c0fce8b1f2a15fb7e0b5d53a0cd8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a5:67:4c:83:f7:6b:e1:d6:8b:c0:7d:1a:50:
e9:32:c1:19:52:2a:41:c3:cc:c0:b0:93:ca:6a:01:
a9:0c:fa:de:de:2a:de:2c:95:7f:00:af:0f:4e:b6:
1e:d5:20:86:8e:82:ed:7f:57:91:8e:30:2e:47:14:
cb:51:4a:17:8e:f9:a8:3d:b8:70:9e:df:3c:4b:37:
57:c8:21:7f:43:a1:96:ed:0a:48:70:8f:7b:54:b0:
5b:63:29:f1:c4:4c:9b:ef:79:85:7f:32:39:d6:8d:
f5:9e:00:50:62:19:6c:d8:13:a0:80:40:d3:7e:64:
b8:2c:f0:7d:0c:3e:fd:62:cc:a1:d8:bc:d7:d1:84:
5a:a9:fb:ba:eb:d6:23:e9:f8:39:ca:7f:44:4f:51:
8a:0d:6a:62:98:e9:29:21:39:f2:b1:74:e5:a4:7c:
5e:fa:dd:10:fc:38:46:67:c5:a0:aa:87:b9:f7:f9:
4a:4d:1b:c9:46:a6:f0:ba:a4:60:fb:58:26:61:96:
07:68:57:0b:52:25:bf:e8:52:56:df:72:e3:d2:e2:
da:b5:fa:79:8f:47:17:1e:d9:76:d8:3d:6e:48:c8:
e7:59:db:3d:20:eb:91:1f:b7:0d:23:dc:ee:78:a1:
9b:50:f7:bd:4b:b5:01:40:f7:8a:65:ff:4e:82:81:
98:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:82:8E:0C:E3:C0:FC:E8:B1:F2:A1:5F:B7:E0:B5:D5:3A:0C:D8:B7
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/y4KODOPA_Oix8qFft-C11ToM2Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.174.0/23
89.46.99.0/24
171.22.146.0/23
185.149.12.0/24
185.149.15.0/24
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
00:25:f1:6e:0f:d9:a8:5b:2d:6b:53:25:4b:49:f2:8e:51:22:
f8:30:3a:6e:8f:a4:c7:63:15:bc:fd:0e:3c:7d:78:ff:92:ee:
0b:5d:38:f4:a9:07:a6:80:49:19:24:79:da:06:47:65:bc:3b:
68:94:be:a6:02:80:37:54:b6:68:ac:48:64:f9:9c:4d:72:87:
0d:2e:a3:09:39:96:76:d9:a1:71:00:b6:a1:fc:cd:d7:3d:ee:
64:1c:a3:fb:48:e4:81:cc:b1:97:94:b7:25:9f:da:00:6c:99:
73:db:ce:bc:d4:42:3c:06:aa:b6:79:79:4b:30:c9:3f:6a:fa:
35:e9:1c:16:54:8f:80:69:98:97:88:84:b3:2a:81:f2:c6:58:
01:a1:52:d4:0a:63:54:29:f4:ed:45:4e:53:bc:85:d3:4a:82:
62:0f:5f:9b:9d:db:9e:4e:15:7d:d8:cb:2f:96:37:e5:6f:d9:
16:64:f2:47:de:c6:07:3c:97:30:71:ea:ef:d8:7a:a4:05:75:
85:b3:c7:ff:b3:00:81:c9:52:af:38:9a:9d:f2:32:2b:ee:4b:
c6:0c:12:72:d6:96:e8:03:48:ea:ec:d0:af:39:bc:da:32:3d:
aa:2b:bc:92:54:b9:e4:0e:70:37:2e:a4:c4:e2:59:2c:f4:8f:
12:79:98:59
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECmXvATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDMw
OTExNDY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I4MjhlMGNlM2Mw
ZmNlOGIxZjJhMTVmYjdlMGI1ZDUzYTBjZDhiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMulZ0yD92vh1ovAfRpQ6TLBGVIqQcPMwLCTymoBqQz63t4q
3iyVfwCvD062HtUgho6C7X9XkY4wLkcUy1FKF475qD24cJ7fPEs3V8ghf0Ohlu0K
SHCPe1SwW2Mp8cRMm+95hX8yOdaN9Z4AUGIZbNgToIBA035kuCzwfQw+/WLModi8
19GEWqn7uuvWI+n4Ocp/RE9Rig1qYpjpKSE58rF05aR8XvrdEPw4RmfFoKqHuff5
Sk0byUam8LqkYPtYJmGWB2hXC1Ilv+hSVt9y49Li2rX6eY9HFx7Zdtg9bkjI51nb
PSDrkR+3DSPc7nihm1D3vUu1AUD3imX/ToKBmEUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTLgo4M48D86LHyoV+34LXVOgzYtzAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L3k0S09ET1BBX09peDhxRmZ0LUMxMVRvTTJMYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAR8rrgMEAFkuYwMEAasWkgMEALmV
DAMEALmVDwMEALnrRzANBgkqhkiG9w0BAQsFAAOCAQEAACXxbg/ZqFsta1MlS0ny
jlEi+DA6bo+kx2MVvP0OPH14/5LuC1049KkHpoBJGSR52gZHZbw7aJS+pgKAN1S2
aKxIZPmcTXKHDS6jCTmWdtmhcQC2ofzN1z3uZByj+0jkgcyxl5S3JZ/aAGyZc9vO
vNRCPAaqtnl5SzDJP2r6NekcFlSPgGmYl4iEsyqB8sZYAaFS1ApjVCn07UVOU7yF
00qCYg9fm53bnk4VfdjLL5Y35W/ZFmTyR97GBzyXMHHq79h6pAV1hbPH/7MAgclS
rzianfIyK+5LxgwSctaW6ANI6uzQrzm82jI9qiu8klS55A5wNy6kxOJZLPSPEnmY
WQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org