Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/AH-j9oXBrc5cRXGN2Zi83m0a_kw.roa
File: AH-j9oXBrc5cRXGN2Zi83m0a_kw.roa (raw, json)
Hash identifier: Ss0rNYrCk5etMQsXJ4TTBR5soAO7Wc4NDdTnpc8fROg=
Subject key identifier: 00:7F:A3:F6:85:C1:AD:CE:5C:45:71:8D:D9:98:BC:DE:6D:1A:FE:4C
Certificate issuer: /CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Certificate serial: 018D8430EFE0429F31201D91419F912D8F88
Authority key identifier: D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/AH-j9oXBrc5cRXGN2Zi83m0a_kw.roa
Signing time: Wed 07 Feb 2024 15:30:16 +0000
ROA not before: Wed 07 Feb 2024 15:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.222.246.0/24 maxlen: 24
93.190.120.0/24 maxlen: 24
146.19.10.0/24 maxlen: 24
146.19.72.0/24 maxlen: 24
185.140.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:30:ef:e0:42:9f:31:20:1d:91:41:9f:91:2d:8f:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03febfd537e320cbbec2b4e22677b9ae66f604e
Validity
Not Before: Feb 7 15:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=007fa3f685c1adce5c45718dd998bcde6d1afe4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:83:3e:f1:01:a3:36:a0:8a:f8:75:08:28:51:
d1:a0:a6:c6:7f:49:5e:03:03:b5:a3:a5:33:23:f4:
bb:8d:89:35:b8:19:07:be:b7:e7:74:dd:17:ad:37:
a4:1b:de:58:42:5c:99:74:20:f9:71:c0:ff:1a:69:
74:24:ae:1f:8d:cb:76:01:09:3e:a0:c2:0b:1a:f8:
73:3f:f7:03:15:c9:d5:97:da:71:1c:c9:31:5a:67:
ec:77:f9:0b:ef:da:8a:fa:fb:5d:f1:bc:76:ec:f7:
c1:03:b7:86:ff:7e:0a:8d:6e:5c:60:6b:0d:4c:1c:
05:75:a6:2f:c3:70:d9:9d:b4:c7:d8:cd:72:fc:db:
51:4a:c2:73:3d:82:ba:85:94:0f:d6:29:94:d0:c5:
b3:6e:52:da:00:75:a4:90:fd:24:ea:4e:7a:0f:54:
91:00:61:f2:0a:89:a0:2f:0f:77:7b:00:3f:48:75:
ba:b1:d6:71:a5:f0:d1:11:57:43:16:f6:c1:ba:02:
36:39:c5:51:57:3f:da:a3:0e:c6:49:19:86:bf:66:
f8:39:5a:bd:87:fd:60:90:c1:41:77:87:2a:43:f9:
4f:fa:28:05:78:68:0b:44:8f:9e:58:76:72:eb:37:
fd:a4:35:ef:df:5f:d9:eb:a2:6a:f9:56:64:2a:b4:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7F:A3:F6:85:C1:AD:CE:5C:45:71:8D:D9:98:BC:DE:6D:1A:FE:4C
X509v3 Authority Key Identifier:
keyid:D0:3F:EB:FD:53:7E:32:0C:BB:EC:2B:4E:22:67:7B:9A:E6:6F:60:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0D_r_VN-Mgy77CtOImd7muZvYE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/AH-j9oXBrc5cRXGN2Zi83m0a_kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a11567-259e-4d1b-bfcb-281fade2834b/1/0D_r_VN-Mgy77CtOImd7muZvYE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.246.0/24
93.190.120.0/24
146.19.10.0/24
146.19.72.0/24
185.140.174.0/24
Signature Algorithm: sha256WithRSAEncryption
65:9e:82:bc:5a:00:b2:bc:a0:a7:d0:25:25:d4:11:f9:d0:c2:
06:07:60:26:f7:b5:01:70:6c:b5:2a:63:89:b4:92:b5:08:ef:
ff:46:db:b1:3a:9c:17:9d:41:37:79:62:b5:be:11:0e:5b:8f:
46:d7:0d:67:f4:6d:df:50:e2:ce:bb:bc:15:d0:66:a6:da:7f:
f7:a1:fc:1f:b0:45:81:40:43:b1:f4:ee:c1:f8:28:63:2b:11:
3e:b4:04:ea:de:a2:99:3e:71:2e:6a:05:dd:9e:1f:b0:d6:ec:
4c:bc:d9:0f:60:4d:78:5a:fe:7c:4f:bd:e9:02:43:69:8c:a6:
ed:c5:40:9a:1a:9a:be:85:28:75:34:da:5e:c7:21:e5:60:84:
88:81:f2:c8:55:79:e2:71:9a:4a:cb:7f:9b:44:34:cc:69:7b:
cd:8f:1c:8c:8a:71:d2:be:82:7f:76:ba:34:7f:fa:60:84:01:
b2:aa:38:78:a2:18:ac:86:74:3d:f5:67:a7:2a:2c:45:3f:c3:
25:87:f0:a9:f8:02:9f:e2:64:db:53:28:f5:29:41:25:b9:45:
6b:8a:98:dd:80:be:6a:1a:b2:f0:47:a5:57:9b:aa:16:16:8a:
4b:3b:ee:e2:08:94:a7:8c:96:32:92:e4:33:88:34:43:23:64:
c6:16:ea:aa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2EMO/gQp8xIB2RQZ+RLY+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwM2ZlYmZkNTM3ZTMyMGNiYmVjMmI0ZTIyNjc3YjlhZTY2
ZjYwNGUwHhcNMjQwMjA3MTUzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdmYTNmNjg1YzFhZGNlNWM0NTcxOGRkOTk4YmNkZTZkMWFmZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoM+8QGjNqCK+HUIKFHRoKbGf0le
AwO1o6UzI/S7jYk1uBkHvrfndN0XrTekG95YQlyZdCD5ccD/Gml0JK4fjct2AQk+
oMILGvhzP/cDFcnVl9pxHMkxWmfsd/kL79qK+vtd8bx27PfBA7eG/34KjW5cYGsN
TBwFdaYvw3DZnbTH2M1y/NtRSsJzPYK6hZQP1imU0MWzblLaAHWkkP0k6k56D1SR
AGHyComgLw93ewA/SHW6sdZxpfDREVdDFvbBugI2OcVRVz/aow7GSRmGv2b4OVq9
h/1gkMFBd4cqQ/lP+igFeGgLRI+eWHZy6zf9pDXv31/Z66Jq+VZkKrS6swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAB/o/aFwa3OXEVxjdmYvN5tGv5MMB8GA1UdIwQY
MBaAFNA/6/1TfjIMu+wrTiJne5rmb2BOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2It
MjgxZmFkZTI4MzRiLzEvQUgtajlvWEJyYzVjUlhHTjJaaTgzbTBhX2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hMTE1NjctMjU5ZS00ZDFiLWJmY2ItMjgxZmFkZTI4MzRi
LzEvMERfcl9WTi1NZ3k3N0N0T0ltZDdtdVp2WUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAH972AwQA
Xb54AwQAkhMKAwQAkhNIAwQAuYyuMA0GCSqGSIb3DQEBCwUAA4IBAQBlnoK8WgCy
vKCn0CUl1BH50MIGB2Am97UBcGy1KmOJtJK1CO//RtuxOpwXnUE3eWK1vhEOW49G
1w1n9G3fUOLOu7wV0Gam2n/3ofwfsEWBQEOx9O7B+ChjKxE+tATq3qKZPnEuagXd
nh+w1uxMvNkPYE14Wv58T73pAkNpjKbtxUCaGpq+hSh1NNpexyHlYISIgfLIVXni
cZpKy3+bRDTMaXvNjxyMinHSvoJ/dro0f/pghAGyqjh4ohishnQ99WenKixFP8Ml
h/Cp+AKf4mTbUyj1KUEluUVripjdgL5qGrLwR6VXm6oWFopLO+7iCJSnjJYykuQz
iDRDI2TGFuqq
-----END CERTIFICATE-----
Generated at Thu Feb 29 16:39:03 2024 by rpki-client on console-ams.rpki-client.org