Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/Io92fOz2OpOeywMA6zo-csDr0bE.roa
File: Io92fOz2OpOeywMA6zo-csDr0bE.roa (raw, json)
Hash identifier: qh5WGVD7tGgXxNomQcwfWrREe939wg0yfFFN+h9EELw=
Subject key identifier: 22:8F:76:7C:EC:F6:3A:93:9E:CB:03:00:EB:3A:3E:72:C0:EB:D1:B1
Certificate issuer: /CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Certificate serial: 34B299AA
Authority key identifier: E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/Io92fOz2OpOeywMA6zo-csDr0bE.roa
Signing time: Sat 01 Jan 2022 00:55:06 +0000
ROA not before: Sat 01 Jan 2022 00:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197835
IP address blocks: 176.62.53.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884119978 (0x34b299aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Validity
Not Before: Jan 1 00:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=228f767cecf63a939ecb0300eb3a3e72c0ebd1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:42:e6:26:96:1e:e7:e6:15:6c:ac:b1:9b:b1:
d7:9d:cb:4b:0a:73:28:26:e3:5c:c8:9e:f8:a7:f4:
aa:01:3b:c3:4a:fc:bb:59:89:5a:a9:27:71:9d:fe:
7d:5f:82:cf:b5:da:a8:ee:41:ab:a1:0a:3b:c3:83:
32:2d:62:90:7b:3c:f5:58:cb:d1:3a:3f:d1:16:73:
eb:de:3c:2c:52:65:30:e5:e2:69:84:5b:f1:d8:ff:
aa:f1:2a:c3:49:eb:2a:8d:83:56:60:66:e1:ec:14:
63:c0:41:1f:04:4f:96:de:da:67:71:d9:9e:cb:88:
e2:e2:21:dd:59:d0:de:54:aa:fd:e8:39:5e:4f:25:
63:ab:db:65:06:1e:7c:0d:f4:b6:26:0b:ea:3d:51:
04:62:a1:ae:29:73:ec:b7:fc:d6:fb:b7:bc:de:95:
01:81:2b:dd:0e:fd:39:64:f5:42:9c:68:a1:eb:75:
49:32:2b:a1:cf:76:ce:7e:75:00:95:0c:1b:fe:1b:
6d:9f:d5:65:86:9c:63:34:ab:b9:f9:19:9f:1a:e6:
c7:ea:c7:21:bd:da:96:0e:6c:e9:fb:de:93:c3:ec:
a8:ec:b2:65:78:bb:d0:3a:4a:d5:e4:dd:1b:fb:66:
62:e5:d0:5f:9d:01:89:db:62:26:32:ea:5e:10:45:
bb:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8F:76:7C:EC:F6:3A:93:9E:CB:03:00:EB:3A:3E:72:C0:EB:D1:B1
X509v3 Authority Key Identifier:
keyid:E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/Io92fOz2OpOeywMA6zo-csDr0bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/5fbO0n_GD5APrBt1HbHuS_eFqrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.53.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:cd:2c:d4:82:67:2e:b8:22:76:20:35:0d:9a:d9:33:1e:6d:
9d:c5:51:c0:b9:e0:27:c2:a4:b3:8a:62:b1:80:66:2b:76:e6:
1f:19:5d:7b:0b:8e:33:ab:bf:fb:01:77:30:64:0e:e8:f0:a7:
fe:0d:ec:fd:ab:99:30:54:65:76:41:cc:6a:76:2f:7d:9b:d5:
0d:09:4b:be:7f:56:57:a9:33:d6:af:73:f6:55:9d:99:5c:1c:
53:ce:58:50:86:de:4f:c8:58:de:f2:1d:f1:fe:d0:69:08:ac:
b9:ca:09:1b:e7:06:f8:53:da:22:1d:f2:f3:95:f3:66:79:99:
3b:9e:aa:92:0c:24:5c:a3:fb:9e:8b:30:94:46:15:55:e1:7c:
fe:74:4d:51:8e:d8:c4:96:c3:84:55:e6:ce:71:dd:55:6b:11:
dc:98:04:65:48:50:38:7a:8e:66:d1:f6:dd:ef:13:fc:92:cd:
ed:84:f1:99:e6:19:6a:25:a1:7d:5a:d8:cc:cf:d6:1f:bd:0b:
e0:34:7e:f0:6d:9a:bb:18:39:b5:14:b0:19:b0:0b:89:55:81:
8e:e7:4e:62:43:00:6a:fa:2d:44:d0:21:09:ef:26:d2:1c:9c:
ed:ac:d4:8a:cc:66:ba:be:b2:0a:43:12:52:c2:57:1f:0f:18:
da:d9:5c:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENLKZqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWY2Y2VkMjdmYzYwZjkwMGZhYzFiNzUxZGIxZWU0YmY3ODVhYWIzMB4XDTIyMDEw
MTAwNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI4Zjc2N2NlY2Y2
M2E5MzllY2IwMzAwZWIzYTNlNzJjMGViZDFiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpC5iaWHufmFWyssZux153LSwpzKCbjXMie+Kf0qgE7w0r8
u1mJWqkncZ3+fV+Cz7XaqO5Bq6EKO8ODMi1ikHs89VjL0To/0RZz6948LFJlMOXi
aYRb8dj/qvEqw0nrKo2DVmBm4ewUY8BBHwRPlt7aZ3HZnsuI4uIh3VnQ3lSq/eg5
Xk8lY6vbZQYefA30tiYL6j1RBGKhrilz7Lf81vu3vN6VAYEr3Q79OWT1Qpxooet1
STIroc92zn51AJUMG/4bbZ/VZYacYzSrufkZnxrmx+rHIb3alg5s6fvek8PsqOyy
ZXi70DpK1eTdG/tmYuXQX50BidtiJjLqXhBFu4kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQij3Z87PY6k57LAwDrOj5ywOvRsTAfBgNVHSMEGDAWgBTl9s7Sf8YPkA+s
G3Udse5L94WqszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVmYk8wbl9HRDVBUHJCdDFIYkh1U19lRnFyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8x
L0lvOTJmT3oyT3BPZXl3TUE2em8tY3NEcjBiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8xLzVmYk8wbl9HRDVB
UHJCdDFIYkh1U19lRnFyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALA+NTANBgkqhkiG9w0BAQsFAAOC
AQEAHM0s1IJnLrgidiA1DZrZMx5tncVRwLngJ8Kks4pisYBmK3bmHxldewuOM6u/
+wF3MGQO6PCn/g3s/auZMFRldkHManYvfZvVDQlLvn9WV6kz1q9z9lWdmVwcU85Y
UIbeT8hY3vId8f7QaQisucoJG+cG+FPaIh3y85XzZnmZO56qkgwkXKP7noswlEYV
VeF8/nRNUY7YxJbDhFXmznHdVWsR3JgEZUhQOHqOZtH23e8T/JLN7YTxmeYZaiWh
fVrYzM/WH70L4DR+8G2auxg5tRSwGbALiVWBjudOYkMAavotRNAhCe8m0hyc7azU
isxmur6yCkMSUsJXHw8Y2tlcAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org