Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/NLOA2smapTRODx8z-wjw-CISNVs.roa
File: NLOA2smapTRODx8z-wjw-CISNVs.roa (raw, json)
Hash identifier: dEuKzcMMQFLfoD4UpCtkqdifWf/I9Cdxtz3YM/hd4wg=
Subject key identifier: 34:B3:80:DA:C9:9A:A5:34:4E:0F:1F:33:FB:08:F0:F8:22:12:35:5B
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0185737A97C618A6D021362A6E66D3B32D92
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/NLOA2smapTRODx8z-wjw-CISNVs.roa
Signing time: Mon 02 Jan 2023 17:14:52 +0000
ROA not before: Mon 02 Jan 2023 17:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 83.171.252.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:97:c6:18:a6:d0:21:36:2a:6e:66:d3:b3:2d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jan 2 17:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34b380dac99aa5344e0f1f33fb08f0f82212355b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:af:ce:80:fc:31:ac:a2:46:ba:97:bf:7b:
f4:0f:67:a3:0f:bd:aa:30:aa:01:ae:14:d0:04:2b:
19:9a:4f:1c:47:ac:65:22:db:54:89:77:1c:32:6d:
c3:b0:d2:43:ca:9b:90:d8:6f:d7:af:9d:45:c1:af:
bd:7d:76:0b:6b:a7:3a:3e:0b:a9:46:38:e1:e8:a9:
e5:8a:34:5c:b3:db:c1:a2:7b:bf:0b:1b:91:b9:a8:
11:ff:e0:af:43:f1:ff:24:ed:32:ba:08:06:a2:86:
57:61:42:f4:9e:d4:f8:74:e0:bb:49:87:1f:21:c3:
a7:4a:29:48:9b:72:fa:7b:d0:7b:58:ca:d2:3d:66:
b5:39:9d:24:5a:f8:c3:51:0d:85:31:2e:bc:6f:49:
e4:9e:e3:2d:35:67:8c:72:e4:36:45:0b:0e:bd:77:
7e:82:7d:c4:21:db:c3:2e:93:27:18:fc:f7:15:e1:
9c:57:5a:05:73:f6:ec:60:39:fd:d6:3e:66:9e:ab:
68:81:e2:1d:4c:fd:e8:a3:55:71:93:3d:43:b8:e3:
63:ea:99:9f:42:c0:5f:ed:95:82:36:50:50:14:6c:
bc:91:f3:02:c9:f6:12:fc:13:0f:a9:7c:c6:86:05:
06:25:43:62:23:e9:37:54:13:25:08:3c:7a:f6:3a:
eb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B3:80:DA:C9:9A:A5:34:4E:0F:1F:33:FB:08:F0:F8:22:12:35:5B
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/NLOA2smapTRODx8z-wjw-CISNVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.252.0/23
Signature Algorithm: sha256WithRSAEncryption
06:41:23:71:74:ee:20:e3:77:0e:03:1b:0c:a3:85:14:3e:58:
32:38:74:fd:9c:29:9c:b7:06:dd:2b:c0:53:14:b4:d3:05:78:
3c:2a:49:7e:8c:3f:b3:8a:d9:8a:03:77:4c:2f:17:33:6e:53:
03:80:b3:d7:e4:3c:ba:4e:a3:d0:fd:66:78:7e:f5:aa:e1:2a:
d1:b8:21:8c:ac:ef:ba:b0:98:07:f2:0c:1b:e6:7c:d9:d9:33:
e7:4d:f3:3f:17:bf:db:b6:1d:d1:d5:29:58:75:24:8f:8e:62:
ed:e7:b6:64:66:99:d1:de:d8:7d:a1:e3:c3:de:55:75:5d:68:
c6:d3:a8:54:b1:c0:c2:4a:9e:2e:a1:39:6e:6f:34:56:5e:bf:
89:ff:6b:be:71:07:05:84:de:2d:ae:bc:75:a7:0b:c0:91:7c:
8f:c6:c0:6f:40:3b:55:c2:31:14:6c:d5:94:0a:70:c3:2c:45:
0e:a4:7a:ef:04:cb:1f:46:07:d1:f1:ad:87:d0:82:79:ce:fb:
7d:d7:0b:c0:fc:9d:47:1c:f0:f0:3b:e3:fb:48:75:24:e4:64:
87:a2:f8:cc:2f:ab:98:22:10:3f:34:fc:fc:ac:e2:fa:5d:06:
ef:21:a1:e6:6f:a2:34:0c:80:7c:a8:68:2a:f8:a4:db:f6:de:
5b:f2:ac:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepfGGKbQITYqbmbTsy2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjMwMTAyMTcxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGIzODBkYWM5OWFhNTM0NGUwZjFmMzNmYjA4ZjBmODIyMTIzNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf+vzoD8MayiRrqXv3v0D2ejD72q
MKoBrhTQBCsZmk8cR6xlIttUiXccMm3DsNJDypuQ2G/Xr51Fwa+9fXYLa6c6Pgup
Rjjh6KnlijRcs9vBonu/CxuRuagR/+CvQ/H/JO0yuggGooZXYUL0ntT4dOC7SYcf
IcOnSilIm3L6e9B7WMrSPWa1OZ0kWvjDUQ2FMS68b0nknuMtNWeMcuQ2RQsOvXd+
gn3EIdvDLpMnGPz3FeGcV1oFc/bsYDn91j5mnqtogeIdTP3oo1Vxkz1DuONj6pmf
QsBf7ZWCNlBQFGy8kfMCyfYS/BMPqXzGhgUGJUNiI+k3VBMlCDx69jrrIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSzgNrJmqU0Tg8fM/sI8PgiEjVbMB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvTkxPQTJzbWFwVFJPRHg4ei13anctQ0lTTlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU6v8MA0G
CSqGSIb3DQEBCwUAA4IBAQAGQSNxdO4g43cOAxsMo4UUPlgyOHT9nCmctwbdK8BT
FLTTBXg8Kkl+jD+zitmKA3dMLxczblMDgLPX5Dy6TqPQ/WZ4fvWq4SrRuCGMrO+6
sJgH8gwb5nzZ2TPnTfM/F7/bth3R1SlYdSSPjmLt57ZkZpnR3th9oePD3lV1XWjG
06hUscDCSp4uoTlubzRWXr+J/2u+cQcFhN4trrx1pwvAkXyPxsBvQDtVwjEUbNWU
CnDDLEUOpHrvBMsfRgfR8a2H0IJ5zvt91wvA/J1HHPDwO+P7SHUk5GSHovjML6uY
IhA/NPz8rOL6XQbvIaHmb6I0DIB8qGgq+KTb9t5b8qwa
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:03 2023 by rpki-client on console-ams.rpki-client.org