Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Lih-7HJUlsvNEtSLU__0C3MSYA.roa
File: 2Lih-7HJUlsvNEtSLU__0C3MSYA.roa (raw, json)
Hash identifier: xIlZkkLncHY/ZqRA3Lz/ShOsfWcz2uiAEGdjn7487CM=
Subject key identifier: D8:B8:A1:FB:B1:C9:52:5B:2F:34:4B:52:2D:4F:FF:D0:2D:CC:49:80
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01867C8DDBB9710554042855C13410640B18
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Lih-7HJUlsvNEtSLU__0C3MSYA.roa
Signing time: Thu 23 Feb 2023 04:35:16 +0000
ROA not before: Thu 23 Feb 2023 04:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 46.102.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:8d:db:b9:71:05:54:04:28:55:c1:34:10:64:0b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 23 04:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8b8a1fbb1c9525b2f344b522d4fffd02dcc4980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b6:b1:c8:d6:26:2d:aa:d1:df:1b:1e:d2:21:
13:ae:7f:d5:c0:34:98:de:ec:30:b2:03:53:04:a7:
95:bc:64:b3:d8:93:67:e7:bb:f1:85:71:40:b0:96:
db:ef:cc:b3:5f:b7:2b:3e:47:46:36:ff:bc:e6:ff:
65:b6:ab:56:28:d9:1c:9f:ed:d5:3c:3f:72:33:42:
b0:aa:f2:e3:18:3b:85:59:94:1e:21:00:df:3b:20:
35:9d:0e:7d:10:cc:b1:c4:e4:66:eb:26:d9:e2:28:
d4:8b:78:c9:d6:21:a0:04:9f:cf:c9:d0:54:ad:c1:
c3:7f:4c:bc:ad:22:eb:26:a3:52:9a:89:19:18:45:
54:a8:4b:d1:d3:91:50:e1:e6:df:6b:c8:e8:fe:27:
c8:bc:99:48:03:4e:db:3a:f5:66:95:e6:15:d6:49:
91:22:02:b6:1a:ed:3b:21:69:a7:59:8e:c0:0c:fc:
e5:0f:0c:b7:f8:5d:f1:e1:8a:2d:e7:a7:56:5d:18:
20:9b:1d:27:14:41:f8:a3:76:db:14:c0:ef:55:d7:
d9:4b:3d:7d:29:bf:7a:2f:9f:3f:d9:71:ec:9d:48:
8d:4a:b7:ab:96:ce:0d:d2:f9:32:3c:1d:4b:6b:15:
8f:3d:8f:ea:b5:29:ac:08:31:42:8c:3b:68:26:4c:
79:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B8:A1:FB:B1:C9:52:5B:2F:34:4B:52:2D:4F:FF:D0:2D:CC:49:80
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2Lih-7HJUlsvNEtSLU__0C3MSYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.174.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:26:89:c1:cd:8a:4f:79:11:e8:5a:f7:87:e0:42:2f:2b:6c:
db:ab:d4:c8:51:11:26:23:6c:b4:a5:4d:a6:12:73:96:7c:85:
ca:64:36:4f:e7:0d:5e:7a:85:71:d0:b3:0d:a8:c8:c4:4f:b3:
1b:13:10:78:16:e4:44:e5:95:6a:29:f5:fe:c8:1e:47:58:06:
74:30:b9:27:8a:39:cc:6a:44:57:4b:55:00:5d:8b:27:8a:05:
a9:36:cc:4d:07:42:0b:78:13:dd:56:a8:6c:4d:24:97:fc:77:
ee:01:96:39:ac:3f:a5:79:65:8a:63:df:4e:4e:82:bf:11:64:
42:43:1d:cb:5c:37:31:1a:51:30:09:25:2e:b5:6a:5a:19:4d:
dc:d8:67:94:cd:7c:3b:21:a2:d1:1b:9c:32:24:db:18:d6:7d:
92:0a:a6:d5:0e:ec:bf:0a:25:e8:24:ff:3a:e2:f1:aa:d1:f8:
64:b1:28:99:27:42:72:92:4e:1d:20:39:c8:3c:9f:d6:71:f6:
ea:63:46:05:35:60:f2:d4:9b:9c:3e:6a:fd:62:ed:e1:d1:d5:
00:f5:23:00:23:19:21:5c:5d:3c:5c:29:84:67:ff:d2:bf:c7:
8f:8a:51:a2:52:d3:8b:07:28:bc:30:c2:b9:6f:78:f0:13:4a:
8b:f5:0f:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ8jdu5cQVUBChVwTQQZAsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMjIzMDQzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI4YTFmYmIxYzk1MjViMmYzNDRiNTIyZDRmZmZkMDJkY2M0OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLaxyNYmLarR3xse0iETrn/VwDSY
3uwwsgNTBKeVvGSz2JNn57vxhXFAsJbb78yzX7crPkdGNv+85v9ltqtWKNkcn+3V
PD9yM0KwqvLjGDuFWZQeIQDfOyA1nQ59EMyxxORm6ybZ4ijUi3jJ1iGgBJ/PydBU
rcHDf0y8rSLrJqNSmokZGEVUqEvR05FQ4ebfa8jo/ifIvJlIA07bOvVmleYV1kmR
IgK2Gu07IWmnWY7ADPzlDwy3+F3x4Yot56dWXRggmx0nFEH4o3bbFMDvVdfZSz19
Kb96L58/2XHsnUiNSrerls4N0vkyPB1LaxWPPY/qtSmsCDFCjDtoJkx5kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNi4ofuxyVJbLzRLUi1P/9AtzEmAMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvMkxpaC03SEpVbHN2TkV0U0xVX18wQzNNU1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALmauMA0G
CSqGSIb3DQEBCwUAA4IBAQAbJonBzYpPeRHoWveH4EIvK2zbq9TIUREmI2y0pU2m
EnOWfIXKZDZP5w1eeoVx0LMNqMjET7MbExB4FuRE5ZVqKfX+yB5HWAZ0MLknijnM
akRXS1UAXYsnigWpNsxNB0ILeBPdVqhsTSSX/HfuAZY5rD+leWWKY99OToK/EWRC
Qx3LXDcxGlEwCSUutWpaGU3c2GeUzXw7IaLRG5wyJNsY1n2SCqbVDuy/CiXoJP86
4vGq0fhksSiZJ0Jykk4dIDnIPJ/WcfbqY0YFNWDy1JucPmr9Yu3h0dUA9SMAIxkh
XF08XCmEZ//Sv8ePilGiUtOLByi8MMK5b3jwE0qL9Q+1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org