Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/1pSJONAL2jtvfDS_K50OaoM2LwU.roa
File: 1pSJONAL2jtvfDS_K50OaoM2LwU.roa (raw, json)
Hash identifier: pkBO8m7joEN3QYKCdEu0Ehpr1glNdMIu+sanGTn+zBs=
Subject key identifier: D6:94:89:38:D0:0B:DA:3B:6F:7C:34:BF:2B:9D:0E:6A:83:36:2F:05
Certificate issuer: /CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Certificate serial: 030805D6
Authority key identifier: 0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/1pSJONAL2jtvfDS_K50OaoM2LwU.roa
Signing time: Sat 01 Jan 2022 10:55:22 +0000
ROA not before: Sat 01 Jan 2022 10:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 31.43.163.0/24 maxlen: 24
31.43.160.0/22 maxlen: 22
31.43.161.0/24 maxlen: 24
31.43.162.0/24 maxlen: 24
193.107.80.0/24 maxlen: 24
193.107.81.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50857430 (0x30805d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e282a15c1a5d154bbda872b357607a91f950aa5
Validity
Not Before: Jan 1 10:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6948938d00bda3b6f7c34bf2b9d0e6a83362f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:34:30:5d:f7:01:2a:c8:8c:05:02:a3:f4:c1:
30:11:9e:6a:e4:63:8a:d4:63:d5:f6:a1:14:d1:39:
70:fb:76:33:39:13:e5:e3:7b:e4:fd:d0:ba:01:ac:
64:a9:82:37:15:27:70:e6:69:b9:ff:fa:83:86:02:
c2:6a:29:51:33:c6:f8:50:63:fd:ea:16:4b:18:48:
eb:2d:18:00:a6:30:ef:51:37:cf:db:ea:23:59:15:
31:52:06:e0:22:f7:a0:76:44:75:74:50:f8:5b:c4:
25:fc:99:20:07:a7:93:1e:7b:ea:32:ac:72:c8:c4:
a9:7e:55:37:37:2f:f1:e2:03:e4:86:90:c0:dd:e2:
a4:60:51:9f:f8:15:ee:b0:fe:1a:48:1f:a0:5b:0c:
05:98:5b:ea:ec:4d:aa:4d:a5:6f:8c:7d:db:9d:66:
cb:89:09:71:12:b6:0e:6b:9e:39:99:99:91:5b:49:
fe:62:4f:9d:de:19:f6:94:34:5e:dd:34:f3:5f:74:
93:a2:00:d2:86:8e:1d:49:e5:95:6f:65:ff:e9:28:
1e:a6:72:39:c6:51:90:27:b8:96:c7:46:22:d7:e5:
5a:88:c7:70:07:88:54:39:cf:6c:61:e2:c5:92:6a:
b9:d0:1b:b6:8c:b2:96:af:b6:46:51:37:26:dd:85:
91:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:94:89:38:D0:0B:DA:3B:6F:7C:34:BF:2B:9D:0E:6A:83:36:2F:05
X509v3 Authority Key Identifier:
keyid:0E:28:2A:15:C1:A5:D1:54:BB:DA:87:2B:35:76:07:A9:1F:95:0A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DigqFcGl0VS72ocrNXYHqR-VCqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/1pSJONAL2jtvfDS_K50OaoM2LwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/daf1ae-d5eb-4ca4-8aaf-78741ac93b30/1/DigqFcGl0VS72ocrNXYHqR-VCqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.160.0/22
193.107.80.0/23
Signature Algorithm: sha256WithRSAEncryption
96:de:ce:36:8c:01:12:7c:85:49:65:68:d5:5c:0f:97:c0:93:
81:e5:db:97:ae:61:0a:af:b6:28:9b:1e:76:c5:20:48:0a:22:
c5:c9:2a:cf:28:05:48:72:8e:9a:07:95:f5:48:10:3c:23:ef:
60:f6:8b:7b:27:8b:0a:70:15:48:44:23:b2:ba:67:d1:f1:15:
21:2c:af:cb:73:70:07:3e:aa:d6:9a:a6:7b:b0:0c:7a:94:9c:
d8:8a:45:82:e2:84:35:25:10:4d:55:20:f5:00:c2:b3:21:b3:
b2:c7:76:34:fc:cb:e6:5b:e9:0a:a6:e9:ed:f3:ff:8e:f5:7d:
9d:ec:32:0d:46:cf:74:8e:84:4b:20:06:28:2a:b9:98:f3:4c:
60:01:5f:18:2c:b8:83:c0:6c:26:0a:ba:cb:1a:98:8c:33:da:
dc:c1:e1:c5:85:25:14:db:07:d8:23:39:5f:93:6f:5b:d8:87:
f0:b7:f2:ef:10:f6:0f:ef:f9:55:c4:87:e3:66:15:a3:56:65:
bb:f5:04:ad:b2:f6:21:1d:ad:c9:98:ca:14:a9:b8:7a:83:07:
98:4e:af:a9:15:71:01:10:5d:2e:1b:dc:1d:ee:48:b4:30:9a:
f8:bd:c7:75:e5:24:47:7c:3f:30:7d:94:e3:7d:ea:0f:d6:93:
cc:3b:20:f4
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAwgF1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTI4MmExNWMxYTVkMTU0YmJkYTg3MmIzNTc2MDdhOTFmOTUwYWE1MB4XDTIyMDEw
MTEwNTUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDY5NDg5MzhkMDBi
ZGEzYjZmN2MzNGJmMmI5ZDBlNmE4MzM2MmYwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKE0MF33ASrIjAUCo/TBMBGeauRjitRj1fahFNE5cPt2MzkT
5eN75P3QugGsZKmCNxUncOZpuf/6g4YCwmopUTPG+FBj/eoWSxhI6y0YAKYw71E3
z9vqI1kVMVIG4CL3oHZEdXRQ+FvEJfyZIAenkx576jKscsjEqX5VNzcv8eID5IaQ
wN3ipGBRn/gV7rD+GkgfoFsMBZhb6uxNqk2lb4x9251my4kJcRK2DmueOZmZkVtJ
/mJPnd4Z9pQ0Xt008190k6IA0oaOHUnllW9l/+koHqZyOcZRkCe4lsdGItflWojH
cAeIVDnPbGHixZJqudAbtoyylq+2RlE3Jt2FkTkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTWlIk40AvaO298NL8rnQ5qgzYvBTAfBgNVHSMEGDAWgBQOKCoVwaXRVLva
hys1dgepH5UKpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RpZ3FGY0dsMFZTNzJvY3JOWFlIcVItVkNxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZGFmMWFlLWQ1ZWItNGNhNC04YWFmLTc4NzQxYWM5M2IzMC8x
LzFwU0pPTkFMMmp0dmZEU19LNTBPYW9NMkx3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZGFmMWFlLWQ1ZWItNGNhNC04YWFmLTc4NzQxYWM5M2IzMC8xL0RpZ3FGY0dsMFZT
NzJvY3JOWFlIcVItVkNxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAh8roAMEAcFrUDANBgkqhkiG9w0B
AQsFAAOCAQEAlt7ONowBEnyFSWVo1VwPl8CTgeXbl65hCq+2KJsedsUgSAoixckq
zygFSHKOmgeV9UgQPCPvYPaLeyeLCnAVSEQjsrpn0fEVISyvy3NwBz6q1pqme7AM
epSc2IpFguKENSUQTVUg9QDCsyGzssd2NPzL5lvpCqbp7fP/jvV9newyDUbPdI6E
SyAGKCq5mPNMYAFfGCy4g8BsJgq6yxqYjDPa3MHhxYUlFNsH2CM5X5NvW9iH8Lfy
7xD2D+/5VcSH42YVo1Zlu/UErbL2IR2tyZjKFKm4eoMHmE6vqRVxARBdLhvcHe5I
tDCa+L3HdeUkR3w/MH2U433qD9aTzDsg9A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:24 2024 by rpki-client on console-ams.rpki-client.org