Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/i936zSs-aXIXTeKIr-1XC6KkoWI.roa
File: i936zSs-aXIXTeKIr-1XC6KkoWI.roa (raw, json)
Hash identifier: v8weEpYFg5ECXOHwbpZZAM+dJ80LLG1kG90anuepGjA=
Subject key identifier: 8B:DD:FA:CD:2B:3E:69:72:17:4D:E2:88:AF:ED:57:0B:A2:A4:A1:62
Certificate issuer: /CN=0692d72f4ef3d742d725a5b7a92fac56160b925c
Certificate serial: 018691FAC1043CB883B1934C420FE1FC4304
Authority key identifier: 06:92:D7:2F:4E:F3:D7:42:D7:25:A5:B7:A9:2F:AC:56:16:0B:92:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BpLXL07z10LXJaW3qS-sVhYLklw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/i936zSs-aXIXTeKIr-1XC6KkoWI.roa
Signing time: Mon 27 Feb 2023 08:26:14 +0000
ROA not before: Mon 27 Feb 2023 08:26:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49778
IP address blocks: 178.22.31.0/24 maxlen: 24
2a11:e380::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:fa:c1:04:3c:b8:83:b1:93:4c:42:0f:e1:fc:43:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0692d72f4ef3d742d725a5b7a92fac56160b925c
Validity
Not Before: Feb 27 08:26:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bddfacd2b3e6972174de288afed570ba2a4a162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:93:b5:d8:96:87:ae:18:5d:11:ad:d2:af:ee:
e7:cb:a2:f1:00:f9:6c:c6:e5:c8:6a:bb:fa:c0:af:
dd:66:a9:fe:1b:91:85:01:a7:50:cc:03:20:3d:6d:
3c:d9:f4:cc:1a:f9:4a:08:fd:84:00:8f:be:66:62:
38:3f:20:59:b2:d7:de:75:4a:d4:b3:ca:68:e1:d0:
9c:a9:d7:71:7a:ef:cf:c4:92:f6:3f:ed:65:e9:cb:
f5:7d:c2:45:f6:4e:0a:3a:73:dd:c5:aa:27:d5:33:
83:30:d4:3e:09:56:62:2e:5d:10:cb:92:2b:73:24:
7a:ce:b9:6b:69:d8:35:98:3a:d7:bc:cf:c9:de:5f:
c4:59:d4:40:be:2c:30:ab:76:5f:e9:19:b8:46:f6:
84:81:2f:99:cc:8d:83:b2:5f:b8:79:81:6d:70:3c:
86:d6:d3:41:c1:d1:31:73:fd:c6:a3:16:3e:f8:bf:
11:f4:23:7c:42:4e:37:96:3d:8e:f8:c2:9e:68:8a:
6e:c4:d1:82:b9:c2:7a:e9:a9:35:d3:8f:0f:ec:80:
e7:c5:43:87:3e:d8:d8:24:dd:d8:79:f0:04:07:0a:
4a:c7:fe:08:11:f0:b1:a2:43:b2:00:0a:12:24:6b:
b3:ac:7d:8b:d4:cb:b1:e7:3a:32:6a:e2:b4:5e:4f:
0b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DD:FA:CD:2B:3E:69:72:17:4D:E2:88:AF:ED:57:0B:A2:A4:A1:62
X509v3 Authority Key Identifier:
keyid:06:92:D7:2F:4E:F3:D7:42:D7:25:A5:B7:A9:2F:AC:56:16:0B:92:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BpLXL07z10LXJaW3qS-sVhYLklw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/i936zSs-aXIXTeKIr-1XC6KkoWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/2dcab0-817d-4db4-86cd-808f214ec177/1/BpLXL07z10LXJaW3qS-sVhYLklw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.31.0/24
IPv6:
2a11:e380::/29
Signature Algorithm: sha256WithRSAEncryption
14:18:27:07:c5:bd:55:ee:39:e9:aa:91:79:95:9b:f9:5d:c5:
dd:ad:b2:e2:d8:5b:c0:b0:f9:6a:50:67:42:ae:66:77:82:2f:
ed:50:fe:26:66:57:af:4c:3e:6f:4a:a1:77:ad:83:49:1e:71:
dc:f7:6e:1d:54:62:b5:70:d3:48:0e:61:62:b1:f6:c5:e3:f9:
76:5a:75:90:c5:01:3b:54:dc:ca:01:dd:7a:01:91:12:28:5c:
65:27:b6:11:bb:dd:a5:3c:27:8b:c1:d8:0f:46:c0:58:ff:cb:
76:f9:6d:76:ec:78:46:31:3d:ef:7a:b5:c7:c5:c7:11:53:e3:
42:2e:2f:6a:a8:54:3a:d2:e7:53:09:79:68:62:98:49:e9:2b:
ab:da:77:66:75:ad:35:41:25:29:76:8f:90:4f:4c:72:5f:7d:
7b:6c:51:af:b6:6c:b6:10:89:b8:11:da:5b:fc:a5:39:17:e5:
22:b7:13:86:55:56:0e:a8:66:11:26:cb:50:7f:cb:c0:5c:25:
8b:e3:ab:cd:91:4e:a5:48:31:14:cc:0c:f3:10:3f:ac:22:4b:
61:e8:b4:f7:53:bd:dd:c8:b9:d6:12:ac:d2:a2:f5:e2:59:d1:
3d:2a:f1:44:fc:98:12:fa:a8:3a:05:d6:57:c8:9a:3f:08:db:
d5:84:15:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYaR+sEEPLiDsZNMQg/h/EMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2OTJkNzJmNGVmM2Q3NDJkNzI1YTViN2E5MmZhYzU2MTYw
YjkyNWMwHhcNMjMwMjI3MDgyNjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRkZmFjZDJiM2U2OTcyMTc0ZGUyODhhZmVkNTcwYmEyYTRhMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5O12JaHrhhdEa3Sr+7ny6LxAPls
xuXIarv6wK/dZqn+G5GFAadQzAMgPW082fTMGvlKCP2EAI++ZmI4PyBZstfedUrU
s8po4dCcqddxeu/PxJL2P+1l6cv1fcJF9k4KOnPdxaon1TODMNQ+CVZiLl0Qy5Ir
cyR6zrlradg1mDrXvM/J3l/EWdRAviwwq3Zf6Rm4RvaEgS+ZzI2Dsl+4eYFtcDyG
1tNBwdExc/3GoxY++L8R9CN8Qk43lj2O+MKeaIpuxNGCucJ66ak1048P7IDnxUOH
PtjYJN3YefAEBwpKx/4IEfCxokOyAAoSJGuzrH2L1Mux5zoyauK0Xk8L/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIvd+s0rPmlyF03iiK/tVwuipKFiMB8GA1UdIwQY
MBaAFAaS1y9O89dC1yWlt6kvrFYWC5JcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnBMWEwwN3oxMExYSmFXM3FTLXNWaFlMa2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8yZGNhYjAtODE3ZC00ZGI0LTg2Y2Qt
ODA4ZjIxNGVjMTc3LzEvaTkzNnpTcy1hWElYVGVLSXItMVhDNktrb1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni8yZGNhYjAtODE3ZC00ZGI0LTg2Y2QtODA4ZjIxNGVjMTc3
LzEvQnBMWEwwN3oxMExYSmFXM3FTLXNWaFlMa2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAshYfMA0E
AgACMAcDBQMqEeOAMA0GCSqGSIb3DQEBCwUAA4IBAQAUGCcHxb1V7jnpqpF5lZv5
XcXdrbLi2FvAsPlqUGdCrmZ3gi/tUP4mZlevTD5vSqF3rYNJHnHc924dVGK1cNNI
DmFisfbF4/l2WnWQxQE7VNzKAd16AZESKFxlJ7YRu92lPCeLwdgPRsBY/8t2+W12
7HhGMT3verXHxccRU+NCLi9qqFQ60udTCXloYphJ6Sur2ndmda01QSUpdo+QT0xy
X317bFGvtmy2EIm4Edpb/KU5F+UitxOGVVYOqGYRJstQf8vAXCWL46vNkU6lSDEU
zAzzED+sIkth6LT3U73dyLnWEqzSovXiWdE9KvFE/JgS+qg6BdZXyJo/CNvVhBX/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:41 2023 by rpki-client on console-fra.rpki-client.org