Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/uAOEhnXNClMpixttwPiyMUGBCQw.roa
File: uAOEhnXNClMpixttwPiyMUGBCQw.roa (raw, json)
Hash identifier: 0xoPRPOp+u2Jxy1Fxp/JVFiJ9XPIqmEXP7ixFzB3Pd4=
Subject key identifier: B8:03:84:86:75:CD:0A:53:29:8B:1B:6D:C0:F8:B2:31:41:81:09:0C
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 018D13D7EB3F96E095C37EBA179C5A017AB6
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/uAOEhnXNClMpixttwPiyMUGBCQw.roa
Signing time: Tue 16 Jan 2024 19:55:34 +0000
ROA not before: Tue 16 Jan 2024 19:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 62.233.49.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:13:d7:eb:3f:96:e0:95:c3:7e:ba:17:9c:5a:01:7a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Jan 16 19:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b803848675cd0a53298b1b6dc0f8b2314181090c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:39:ef:c3:56:35:93:78:f0:84:dc:ce:c0:78:
12:ea:73:76:24:63:1c:a9:a3:29:86:ad:c7:e1:86:
45:9d:cb:6f:cb:be:45:59:8b:2e:dc:de:17:9c:a6:
30:d1:46:72:a6:30:bb:04:7b:1d:b4:dc:58:77:ca:
89:e5:08:75:23:c5:1a:27:70:91:14:f8:d1:bf:8a:
17:e9:d7:4f:e0:88:ab:e8:94:90:0a:4f:eb:98:d0:
25:14:45:8b:89:7e:25:dd:19:23:ce:4e:61:f0:18:
a6:08:1d:8a:01:03:42:ef:5b:6b:a2:cf:46:dd:d1:
7b:69:cd:27:42:bc:22:85:d6:f2:7d:e0:9a:fe:6b:
de:3f:e4:05:43:2c:be:d6:a8:73:43:66:78:d2:04:
94:78:ac:7b:68:2f:7e:4c:40:51:5d:7f:ca:81:e1:
82:3b:85:33:a6:5a:57:e0:87:3b:71:bc:30:2e:f2:
62:91:db:b8:99:87:60:fb:cc:8c:ed:b1:c3:35:96:
72:f6:bb:67:44:ae:4b:20:d2:d3:69:42:66:c4:4a:
9b:da:3d:2c:34:37:35:70:7a:8a:91:4b:b5:8a:d0:
2c:59:d3:eb:e0:ce:3a:ef:84:5a:8b:62:1b:38:66:
94:74:b0:4a:1e:e4:3d:4a:55:6e:b1:67:80:ac:e4:
6b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:03:84:86:75:CD:0A:53:29:8B:1B:6D:C0:F8:B2:31:41:81:09:0C
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/uAOEhnXNClMpixttwPiyMUGBCQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.49.0/24
185.232.47.0/24
Signature Algorithm: sha256WithRSAEncryption
91:52:12:b6:2a:07:97:ad:ae:c7:66:6f:ab:72:d5:49:f5:33:
b9:60:3e:f2:f4:f5:f7:ee:e1:bf:43:b8:9d:39:d1:b9:47:d3:
3c:b0:e6:8a:5a:5b:57:03:74:45:23:3c:05:8c:89:2c:0d:a3:
31:57:89:b6:df:24:09:b5:85:64:9b:d6:c1:c3:5e:d8:45:ff:
ea:a6:af:5e:e1:ac:d1:5f:79:95:98:99:bb:c1:f0:d2:d4:7d:
a8:b9:69:e9:21:98:95:d2:ca:43:11:76:ee:fc:0d:8b:a3:58:
fd:ad:6b:5d:6f:14:9d:e3:80:85:c8:7c:9f:ab:cd:3a:5e:7b:
5f:bd:4f:37:65:77:e3:8a:94:53:78:d5:4e:03:54:ae:2b:ae:
4f:88:13:bd:f3:17:2f:22:89:38:be:f7:72:65:ae:7c:fa:25:
40:fd:53:8d:6e:4c:cd:de:dc:17:45:af:b0:72:16:f1:0a:86:
2a:96:10:9c:1f:58:f7:24:98:f7:44:3e:fe:db:b7:51:45:38:
49:b2:1b:9d:b9:ea:47:23:3a:56:4e:81:97:da:5a:33:d0:67:
58:a5:1f:f7:9c:30:77:e0:31:5c:33:32:0d:67:af:38:17:e6:
f2:19:26:a9:23:b6:36:1a:30:fd:95:84:51:11:27:52:6d:08:
82:49:e9:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1+s/luCVw366F5xaAXq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3
YzIxNTIwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODAzODQ4Njc1Y2QwYTUzMjk4YjFiNmRjMGY4YjIzMTQxODEwOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjnvw1Y1k3jwhNzOwHgS6nN2JGMc
qaMphq3H4YZFnctvy75FWYsu3N4XnKYw0UZypjC7BHsdtNxYd8qJ5Qh1I8UaJ3CR
FPjRv4oX6ddP4Iir6JSQCk/rmNAlFEWLiX4l3Rkjzk5h8BimCB2KAQNC71tros9G
3dF7ac0nQrwihdbyfeCa/mveP+QFQyy+1qhzQ2Z40gSUeKx7aC9+TEBRXX/KgeGC
O4UzplpX4Ic7cbwwLvJikdu4mYdg+8yM7bHDNZZy9rtnRK5LINLTaUJmxEqb2j0s
NDc1cHqKkUu1itAsWdPr4M4674Rai2IbOGaUdLBKHuQ9SlVusWeArORr6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLgDhIZ1zQpTKYsbbcD4sjFBgQkMMB8GA1UdIwQY
MBaAFDnwhspiEbuV0GQwicfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2Qt
N2ZlMzI4NTcxOTM4LzEvdUFPRWhuWE5DbE1waXh0dHdQaXlNVUdCQ1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4
LzEvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPukxAwQA
uegvMA0GCSqGSIb3DQEBCwUAA4IBAQCRUhK2KgeXra7HZm+rctVJ9TO5YD7y9PX3
7uG/Q7idOdG5R9M8sOaKWltXA3RFIzwFjIksDaMxV4m23yQJtYVkm9bBw17YRf/q
pq9e4azRX3mVmJm7wfDS1H2ouWnpIZiV0spDEXbu/A2Lo1j9rWtdbxSd44CFyHyf
q806XntfvU83ZXfjipRTeNVOA1SuK65PiBO98xcvIok4vvdyZa58+iVA/VONbkzN
3twXRa+wchbxCoYqlhCcH1j3JJj3RD7+27dRRThJshuduepHIzpWToGX2loz0GdY
pR/3nDB34DFcMzINZ684F+byGSapI7Y2GjD9lYRRESdSbQiCSemQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:50 2024 by rpki-client on console-fra.rpki-client.org