Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/0V-VsemOm_-aDBb3peoxVUOmBdc.roa
File: 0V-VsemOm_-aDBb3peoxVUOmBdc.roa (raw, json)
Hash identifier: 6LNZZZ9gZCW8wrqwqFiNYN5zZ4nT5JeAY7m1ZLdoBSk=
Subject key identifier: D1:5F:95:B1:E9:8E:9B:FF:9A:0C:16:F7:A5:EA:31:55:43:A6:05:D7
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 0392B40C
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/0V-VsemOm_-aDBb3peoxVUOmBdc.roa
Signing time: Fri 01 Apr 2022 11:59:58 +0000
ROA not before: Fri 01 Apr 2022 11:59:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 194.31.98.0/23 maxlen: 24
194.99.47.0/24 maxlen: 24
31.210.23.0/24 maxlen: 24
194.59.216.0/22 maxlen: 24
162.12.204.0/23 maxlen: 24
162.12.207.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59945996 (0x392b40c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Apr 1 11:59:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d15f95b1e98e9bff9a0c16f7a5ea315543a605d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c9:82:56:d3:dd:34:31:c2:9f:cb:85:39:5c:
6e:18:4c:52:85:9c:f6:f5:06:1a:3d:7f:60:e4:a1:
bb:59:e5:d4:d2:b3:af:32:b2:b2:bd:ca:8f:fe:d0:
ea:a4:a8:8c:6b:d4:06:da:f9:05:47:60:62:38:72:
20:66:b4:05:ee:1d:cc:5c:cf:80:bb:c3:bb:9f:10:
b3:52:de:95:ef:1f:9c:aa:df:ad:59:d5:c1:e3:41:
78:e0:63:64:c5:80:6b:16:d0:b7:3d:18:28:c1:5e:
be:57:20:53:aa:27:55:fb:63:80:4c:67:58:7e:a9:
9e:42:ab:38:d4:72:0a:0d:97:38:1d:1f:91:0d:46:
60:26:4f:53:2f:94:25:a0:ea:ae:8a:94:ef:87:c0:
ff:2e:d7:bf:87:2a:fb:d1:c8:fa:d8:fd:5d:42:5c:
6a:fb:b5:72:20:eb:24:c7:54:5c:f8:af:ac:55:f9:
17:79:14:04:66:58:fe:ff:c0:6a:b6:eb:ac:20:4f:
5d:a4:7d:17:c7:b2:a6:56:30:a8:bf:24:23:02:e2:
e1:9f:09:05:a6:94:86:f3:5b:ab:ef:7d:01:6b:64:
ef:bb:19:7b:5c:86:69:90:40:fd:e9:d7:d1:bf:99:
80:6c:73:5d:db:d3:d3:15:1a:9e:16:96:7c:ff:17:
69:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:5F:95:B1:E9:8E:9B:FF:9A:0C:16:F7:A5:EA:31:55:43:A6:05:D7
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/0V-VsemOm_-aDBb3peoxVUOmBdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.23.0/24
162.12.204.0/23
162.12.207.0/24
194.31.98.0/23
194.59.216.0/22
194.99.47.0/24
Signature Algorithm: sha256WithRSAEncryption
20:fc:a5:6b:df:f8:4a:11:ab:80:b5:cf:32:00:9f:dc:85:70:
46:e2:e0:95:8e:fb:fa:da:0f:58:56:43:ce:75:6a:1b:ef:37:
ac:44:97:a4:fc:7f:c6:52:7a:09:11:5a:c4:db:00:ec:1a:bc:
e0:71:6d:76:15:b4:d2:54:74:80:b7:ff:db:f2:61:bd:91:79:
80:7e:6b:30:fa:b1:ce:f9:de:07:d4:bd:e5:b1:8e:11:1b:91:
a2:dc:81:ea:ab:e0:11:26:c6:06:a0:09:70:6c:44:1f:9e:87:
9d:70:1a:59:d4:1d:c7:e5:6a:7f:07:a6:0b:82:a7:aa:4c:ed:
2e:59:94:5f:12:ab:05:aa:bc:04:e9:97:b2:89:03:4d:02:65:
14:ed:55:2b:39:6b:27:7b:ff:bc:38:fc:2c:bb:1d:ff:06:d3:
ac:fa:a1:9f:73:af:50:d3:f0:37:be:09:f0:98:57:76:39:1a:
fd:ab:32:70:70:d9:8d:50:09:06:0b:97:cf:e9:70:ca:ed:28:
93:d5:b9:19:dd:3d:fe:ff:b1:76:33:63:b9:d2:bb:8a:7a:1c:
8a:ea:51:0d:f0:98:20:99:45:8d:84:8e:4f:8d:81:e3:c0:b2:
70:06:f1:a7:96:5e:a2:c7:0e:23:1f:61:d6:40:e1:79:07:3b:
35:58:73:ac
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEA5K0DDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjRmZWZmYjU3NmU0MTFkZTUxMTg3MWRjMWUwYmQ3YTIwZTJjNGQ3MB4XDTIyMDQw
MTExNTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE1Zjk1YjFlOThl
OWJmZjlhMGMxNmY3YTVlYTMxNTU0M2E2MDVkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDJglbT3TQxwp/LhTlcbhhMUoWc9vUGGj1/YOShu1nl1NKz
rzKysr3Kj/7Q6qSojGvUBtr5BUdgYjhyIGa0Be4dzFzPgLvDu58Qs1Lele8fnKrf
rVnVweNBeOBjZMWAaxbQtz0YKMFevlcgU6onVftjgExnWH6pnkKrONRyCg2XOB0f
kQ1GYCZPUy+UJaDqroqU74fA/y7Xv4cq+9HI+tj9XUJcavu1ciDrJMdUXPivrFX5
F3kUBGZY/v/AarbrrCBPXaR9F8eyplYwqL8kIwLi4Z8JBaaUhvNbq+99AWtk77sZ
e1yGaZBA/enX0b+ZgGxzXdvT0xUanhaWfP8XaQkCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTRX5Wx6Y6b/5oMFvel6jFVQ6YF1zAfBgNVHSMEGDAWgBRCT+/7V25BHeUR
hx3B4L16IOLE1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FrX3YtMWR1UVIzbEVZY2R3ZUM5ZWlEaXhOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvNjEzNTA4LTA4MzItNDFmNi1hY2I3LTgzMWY3ZTZmNWNjZC8x
LzBWLVZzZW1PbV8tYURCYjNwZW94VlVPbUJkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
NjEzNTA4LTA4MzItNDFmNi1hY2I3LTgzMWY3ZTZmNWNjZC8xL1FrX3YtMWR1UVIz
bEVZY2R3ZUM5ZWlEaXhOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAB/SFwMEAaIMzAMEAKIMzwMEAcIf
YgMEAsI72AMEAMJjLzANBgkqhkiG9w0BAQsFAAOCAQEAIPyla9/4ShGrgLXPMgCf
3IVwRuLglY77+toPWFZDznVqG+83rESXpPx/xlJ6CRFaxNsA7Bq84HFtdhW00lR0
gLf/2/JhvZF5gH5rMPqxzvneB9S95bGOERuRotyB6qvgESbGBqAJcGxEH56HnXAa
WdQdx+VqfwemC4KnqkztLlmUXxKrBaq8BOmXsokDTQJlFO1VKzlrJ3v/vDj8LLsd
/wbTrPqhn3OvUNPwN74J8JhXdjka/asycHDZjVAJBguXz+lwyu0ok9W5Gd09/v+x
djNjudK7inociupRDfCYIJlFjYSOT42B48CycAbxp5ZeoscOIx9h1kDheQc7NVhz
rA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:57 2023 by rpki-client on console-fra.rpki-client.org