Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/by7gXhC1bqCl5bqMesjPkmHVYzQ.roa
File: by7gXhC1bqCl5bqMesjPkmHVYzQ.roa (raw, json)
Hash identifier: hLVlYL7gLlCpmucnd2gzIuaDXapq608lz44K6RNDgJc=
Subject key identifier: 6F:2E:E0:5E:10:B5:6E:A0:A5:E5:BA:8C:7A:C8:CF:92:61:D5:63:34
Certificate issuer: /CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Certificate serial: 34B1F07A
Authority key identifier: E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/by7gXhC1bqCl5bqMesjPkmHVYzQ.roa
Signing time: Sat 01 Jan 2022 00:55:06 +0000
ROA not before: Sat 01 Jan 2022 00:55:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35131
IP address blocks: 176.62.48.0/20 maxlen: 20
2a00:e280::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 884076666 (0x34b1f07a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5f6ced27fc60f900fac1b751db1ee4bf785aab3
Validity
Not Before: Jan 1 00:55:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6f2ee05e10b56ea0a5e5ba8c7ac8cf9261d56334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c5:5f:cf:81:41:5b:af:73:12:29:9e:e8:4e:
b0:8d:99:8f:bf:55:68:83:62:bb:43:96:3b:db:37:
c2:fe:a8:46:85:bc:fb:4e:3e:b2:4c:84:ed:23:99:
eb:15:fc:36:5e:99:1e:5d:3b:ae:5a:d6:17:44:0b:
8b:c1:6d:a9:6b:f0:51:8a:4b:70:45:bd:b2:73:f3:
d9:d0:cf:40:d5:46:f1:39:3b:de:62:b6:83:3e:57:
d2:d1:40:d4:c1:cf:2c:31:bf:86:a3:40:92:64:4f:
b7:4f:02:9c:63:95:c7:bc:ce:44:ae:5e:8c:79:fe:
dd:a5:c5:17:dc:4b:36:f8:5f:05:7e:b1:ee:99:bf:
de:c6:ac:b0:20:dc:77:9e:8f:3f:84:76:70:7d:b5:
56:86:16:85:c7:5e:6d:df:5b:61:94:34:81:12:18:
32:0d:24:61:42:4e:62:2a:16:a6:9b:b9:98:16:87:
4b:38:ca:f3:e6:c4:e9:8b:4e:7b:b4:66:84:39:c2:
0d:48:dd:0b:a1:d4:28:6a:75:bf:ce:3a:68:7e:fd:
35:c4:93:bc:82:c7:9c:ea:af:76:bd:c0:0b:c0:7b:
b3:b7:83:69:d9:8b:82:a8:22:ee:7f:05:f8:5e:b6:
ca:ac:29:f4:6e:03:ba:e0:f6:fd:fb:a5:ff:f5:1f:
b7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2E:E0:5E:10:B5:6E:A0:A5:E5:BA:8C:7A:C8:CF:92:61:D5:63:34
X509v3 Authority Key Identifier:
keyid:E5:F6:CE:D2:7F:C6:0F:90:0F:AC:1B:75:1D:B1:EE:4B:F7:85:AA:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5fbO0n_GD5APrBt1HbHuS_eFqrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/by7gXhC1bqCl5bqMesjPkmHVYzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/f39a17-8387-4fba-9ed0-3ead7792073c/1/5fbO0n_GD5APrBt1HbHuS_eFqrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.48.0/20
IPv6:
2a00:e280::/32
Signature Algorithm: sha256WithRSAEncryption
64:80:4e:bc:de:45:96:f6:1b:62:12:c2:2f:ad:b6:6b:ff:42:
44:fd:a0:22:ba:87:d7:4b:1c:9d:d1:42:2a:c7:96:07:29:85:
7d:f7:3a:c8:ac:05:70:d3:21:8f:6f:28:8f:d6:bf:ba:85:bc:
77:25:c3:1e:fd:89:2d:f5:6f:14:6a:97:73:07:a5:f5:93:6d:
47:89:fe:62:18:e0:32:50:59:3b:04:53:49:77:79:9f:6e:45:
e2:8f:f1:f8:51:3a:22:c9:20:18:58:2a:68:65:dc:c2:dd:0a:
9f:13:2c:b3:15:f0:71:6d:a6:a9:c3:10:ce:0d:75:6f:8c:96:
3a:d0:02:65:ee:d9:b0:d6:16:f3:1a:58:17:49:83:a1:c0:58:
91:4e:e0:12:c2:2b:24:cf:17:c7:27:ec:a7:37:3f:fc:fa:11:
a6:a9:a3:c7:eb:bc:79:74:d9:df:2b:d1:90:85:9a:7b:85:fb:
33:98:03:d4:5a:7d:46:44:03:37:45:75:33:29:98:8e:28:07:
46:36:23:8c:c6:37:ce:c7:40:5a:19:8e:b5:3a:39:85:1f:ac:
23:d4:5d:ed:95:32:0b:74:94:5e:d5:ba:dc:1c:a7:49:66:08:
f9:94:40:5f:c6:9d:81:08:4f:66:63:5a:2a:dc:4f:d0:05:3b:
0b:5f:a1:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENLHwejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWY2Y2VkMjdmYzYwZjkwMGZhYzFiNzUxZGIxZWU0YmY3ODVhYWIzMB4XDTIyMDEw
MTAwNTUwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmYyZWUwNWUxMGI1
NmVhMGE1ZTViYThjN2FjOGNmOTI2MWQ1NjMzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPFX8+BQVuvcxIpnuhOsI2Zj79VaINiu0OWO9s3wv6oRoW8
+04+skyE7SOZ6xX8Nl6ZHl07rlrWF0QLi8FtqWvwUYpLcEW9snPz2dDPQNVG8Tk7
3mK2gz5X0tFA1MHPLDG/hqNAkmRPt08CnGOVx7zORK5ejHn+3aXFF9xLNvhfBX6x
7pm/3sassCDcd56PP4R2cH21VoYWhcdebd9bYZQ0gRIYMg0kYUJOYioWppu5mBaH
SzjK8+bE6YtOe7RmhDnCDUjdC6HUKGp1v846aH79NcSTvILHnOqvdr3AC8B7s7eD
admLgqgi7n8F+F62yqwp9G4DuuD2/ful//Uft/8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRvLuBeELVuoKXluox6yM+SYdVjNDAfBgNVHSMEGDAWgBTl9s7Sf8YPkA+s
G3Udse5L94WqszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVmYk8wbl9HRDVBUHJCdDFIYkh1U19lRnFyTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8x
L2J5N2dYaEMxYnFDbDVicU1lc2pQa21IVll6US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZjM5YTE3LTgzODctNGZiYS05ZWQwLTNlYWQ3NzkyMDczYy8xLzVmYk8wbl9HRDVB
UHJCdDFIYkh1U19lRnFyTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBLA+MDANBAIAAjAHAwUAKgDigDAN
BgkqhkiG9w0BAQsFAAOCAQEAZIBOvN5FlvYbYhLCL622a/9CRP2gIrqH10scndFC
KseWBymFffc6yKwFcNMhj28oj9a/uoW8dyXDHv2JLfVvFGqXcwel9ZNtR4n+Yhjg
MlBZOwRTSXd5n25F4o/x+FE6IskgGFgqaGXcwt0KnxMssxXwcW2mqcMQzg11b4yW
OtACZe7ZsNYW8xpYF0mDocBYkU7gEsIrJM8Xxyfspzc//PoRpqmjx+u8eXTZ3yvR
kIWae4X7M5gD1Fp9RkQDN0V1MymYjigHRjYjjMY3zsdAWhmOtTo5hR+sI9Rd7ZUy
C3SUXtW63BynSWYI+ZRAX8adgQhPZmNaKtxP0AU7C1+h7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:10 2024 by rpki-client on console-fra.rpki-client.org