Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/pLgoJXEnDqVKJexgLeWl3tJkSVI.roa
File: pLgoJXEnDqVKJexgLeWl3tJkSVI.roa (raw, json)
Hash identifier: IIDvZ7DlBfHWaddwL1rUN2ikuIJOeyURAuJcNAnoKW4=
Subject key identifier: A4:B8:28:25:71:27:0E:A5:4A:25:EC:60:2D:E5:A5:DE:D2:64:49:52
Certificate issuer: /CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Certificate serial: 0185737A9671A0A5EFC11F6CC767E7DBCFAB
Authority key identifier: F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/pLgoJXEnDqVKJexgLeWl3tJkSVI.roa
Signing time: Mon 02 Jan 2023 17:14:51 +0000
ROA not before: Mon 02 Jan 2023 17:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35830
IP address blocks: 83.171.254.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:96:71:a0:a5:ef:c1:1f:6c:c7:67:e7:db:cf:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4db95f9d1b5c3ec934ff84d6ff7f01242da842a
Validity
Not Before: Jan 2 17:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4b8282571270ea54a25ec602de5a5ded2644952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:33:6f:cb:83:c1:55:c7:98:33:8e:72:92:9b:
d5:f3:59:5b:90:1d:a7:72:05:95:d9:64:8c:c0:44:
e1:0f:e1:ff:90:db:8b:fe:7b:ef:41:d0:59:47:b1:
d9:e2:7b:8a:f3:76:3c:67:ad:0c:cf:17:c8:67:ad:
42:9b:1a:b2:c5:47:5d:f5:16:11:79:e3:6f:78:23:
4f:77:61:42:56:df:a9:9e:00:c9:4a:02:ea:22:67:
b9:94:ea:35:a7:43:37:bf:1f:25:0b:b7:20:b5:56:
e7:f1:49:78:ca:a0:96:4e:39:61:37:b9:19:2f:c2:
ed:28:00:ce:75:4b:f7:1e:6a:a1:ff:86:4a:5b:7d:
01:96:e4:e5:76:56:b1:84:b1:ca:12:1e:94:48:d9:
dc:91:1d:37:09:0e:86:1f:ef:d4:6d:c7:5c:c1:81:
ec:4c:a8:3f:2f:64:0e:c8:4f:28:1b:16:1a:27:01:
3d:24:bc:90:84:e2:ab:ae:24:01:e6:b9:99:92:fb:
ae:2c:75:a5:b8:94:1b:4e:10:91:41:15:b3:8a:cc:
df:6d:84:9d:ea:4a:13:8a:a5:28:63:9c:93:16:37:
85:ff:40:04:6b:f0:3a:23:d6:87:bb:51:1e:47:88:
20:ee:e2:cc:3c:1e:da:65:20:43:20:44:15:4b:92:
cf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B8:28:25:71:27:0E:A5:4A:25:EC:60:2D:E5:A5:DE:D2:64:49:52
X509v3 Authority Key Identifier:
keyid:F4:DB:95:F9:D1:B5:C3:EC:93:4F:F8:4D:6F:F7:F0:12:42:DA:84:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NuV-dG1w-yTT_hNb_fwEkLahCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/pLgoJXEnDqVKJexgLeWl3tJkSVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/46d7af-02fb-45f9-a922-14b38b6e00a7/1/9NuV-dG1w-yTT_hNb_fwEkLahCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.254.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:fe:c5:cf:76:6d:6c:a8:2b:f1:55:a1:85:89:61:b1:09:3f:
2b:a1:3b:58:1d:9c:bc:6f:7a:2b:0e:bb:b6:f0:6f:da:84:c9:
69:cf:49:fd:05:0f:15:8f:65:b2:a5:b8:24:78:b4:b2:3e:2b:
8a:1d:6d:0d:11:07:10:c5:7f:06:11:e6:59:bc:ea:b6:e2:cc:
93:aa:99:7e:06:80:37:9a:ba:b5:e7:06:c2:e5:cf:ed:69:ca:
22:a6:00:f5:5a:79:4b:88:b4:bb:e4:8e:3a:72:6a:88:2a:97:
6c:d6:00:75:4a:37:0b:cb:a2:d7:1b:23:8d:99:93:3d:88:e7:
f7:bd:53:f2:b6:7c:93:22:1b:ec:96:42:08:81:88:56:3c:86:
4a:a1:87:2c:17:0a:9b:f4:b8:fb:ce:9b:37:fe:39:9e:00:2d:
cf:16:06:b0:46:01:fe:d8:69:e1:c5:2e:04:5e:1d:cd:18:4a:
b9:d3:89:51:2f:2c:41:f3:0a:10:b0:44:6d:dc:6a:fa:b6:7d:
46:a6:d6:c4:c5:cf:65:5e:e0:ed:05:a9:64:2e:fc:1e:9d:77:
02:d1:6e:f4:d5:f8:98:93:73:a2:ee:0b:76:0f:bd:76:7f:8c:
e7:ce:fc:71:42:cc:78:7f:6b:de:ff:0f:ee:d1:42:ef:bc:e6:
2f:3d:57:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzepZxoKXvwR9sx2fn28+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZGI5NWY5ZDFiNWMzZWM5MzRmZjg0ZDZmZjdmMDEyNDJk
YTg0MmEwHhcNMjMwMTAyMTcxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGI4MjgyNTcxMjcwZWE1NGEyNWVjNjAyZGU1YTVkZWQyNjQ0OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjNvy4PBVceYM45ykpvV81lbkB2n
cgWV2WSMwEThD+H/kNuL/nvvQdBZR7HZ4nuK83Y8Z60MzxfIZ61CmxqyxUdd9RYR
eeNveCNPd2FCVt+pngDJSgLqIme5lOo1p0M3vx8lC7cgtVbn8Ul4yqCWTjlhN7kZ
L8LtKADOdUv3Hmqh/4ZKW30BluTldlaxhLHKEh6USNnckR03CQ6GH+/UbcdcwYHs
TKg/L2QOyE8oGxYaJwE9JLyQhOKrriQB5rmZkvuuLHWluJQbThCRQRWziszfbYSd
6koTiqUoY5yTFjeF/0AEa/A6I9aHu1EeR4gg7uLMPB7aZSBDIEQVS5LPVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKS4KCVxJw6lSiXsYC3lpd7SZElSMB8GA1UdIwQY
MBaAFPTblfnRtcPsk0/4TW/38BJC2oQqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjIt
MTRiMzhiNmUwMGE3LzEvcExnb0pYRW5EcVZLSmV4Z0xlV2wzdEprU1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC80NmQ3YWYtMDJmYi00NWY5LWE5MjItMTRiMzhiNmUwMGE3
LzEvOU51Vi1kRzF3LXlUVF9oTmJfZndFa0xhaENvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU6v+MA0G
CSqGSIb3DQEBCwUAA4IBAQCL/sXPdm1sqCvxVaGFiWGxCT8roTtYHZy8b3orDru2
8G/ahMlpz0n9BQ8Vj2WypbgkeLSyPiuKHW0NEQcQxX8GEeZZvOq24syTqpl+BoA3
mrq15wbC5c/tacoipgD1WnlLiLS75I46cmqIKpds1gB1SjcLy6LXGyONmZM9iOf3
vVPytnyTIhvslkIIgYhWPIZKoYcsFwqb9Lj7zps3/jmeAC3PFgawRgH+2GnhxS4E
Xh3NGEq504lRLyxB8woQsERt3Gr6tn1GptbExc9lXuDtBalkLvwenXcC0W701fiY
k3Oi7gt2D712f4znzvxxQsx4f2ve/w/u0ULvvOYvPVfQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:13 2023 by rpki-client on console-fra.rpki-client.org