Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/UElIZCu4d8y5DB2VCQoj4ncZqbM.roa
File: UElIZCu4d8y5DB2VCQoj4ncZqbM.roa (raw, json)
Hash identifier: eJXROHWDqT7y41MiInEzt1owQtvJw5T8mYOWUvmweZE=
Subject key identifier: 50:49:48:64:2B:B8:77:CC:B9:0C:1D:95:09:0A:23:E2:77:19:A9:B3
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0184E31D2407279F7C279F268408439C0523
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/UElIZCu4d8y5DB2VCQoj4ncZqbM.roa
Signing time: Mon 05 Dec 2022 16:27:28 +0000
ROA not before: Mon 05 Dec 2022 16:27:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.68.0/22 maxlen: 22
176.117.72.0/22 maxlen: 22
176.117.76.0/22 maxlen: 22
176.117.80.0/22 maxlen: 22
176.117.84.0/22 maxlen: 22
176.117.88.0/22 maxlen: 22
176.117.92.0/22 maxlen: 22
176.117.64.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:1d:24:07:27:9f:7c:27:9f:26:84:08:43:9c:05:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Dec 5 16:27:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=504948642bb877ccb90c1d95090a23e27719a9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b4:8a:0f:32:16:b7:f9:73:e2:c9:3c:54:84:
2a:74:f7:b0:74:e8:c6:aa:e7:9e:73:ec:f4:11:72:
ac:1b:14:30:dc:b4:6a:8d:51:f1:47:05:18:c1:bc:
b3:88:7d:6b:1f:fb:e5:4a:af:6c:92:ee:75:af:1d:
3a:0f:35:45:b4:79:b0:d6:7d:48:ad:95:fc:da:33:
71:ba:39:86:4c:9a:4a:15:2f:b1:a5:b9:55:c9:7c:
fa:a8:4a:1e:49:65:49:49:d9:7d:f4:35:3e:6a:e2:
e8:a0:fd:bd:6e:18:b6:87:79:9d:be:6e:f9:44:2b:
85:79:cf:04:f8:ee:54:63:a5:f9:52:d0:92:5e:95:
d2:e7:67:48:b6:3b:3a:77:f3:49:de:4c:ef:0d:d6:
1c:49:07:40:fb:5e:c2:2e:89:d8:21:be:6f:52:e5:
16:cd:7c:a6:9f:77:8b:ce:c4:b7:b6:ff:21:6f:d6:
ea:7e:0c:1d:55:2f:bf:5e:50:f7:ff:19:99:6c:2e:
dd:17:82:02:02:f4:18:fe:34:13:04:db:7f:46:29:
3e:e0:27:12:7b:bc:cb:53:b7:a2:20:28:92:0c:c7:
e1:c9:e0:da:0c:3f:20:b6:2e:c5:cf:44:cd:94:df:
b5:c0:b4:8e:95:77:40:2c:d8:83:14:22:02:48:cc:
a2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:49:48:64:2B:B8:77:CC:B9:0C:1D:95:09:0A:23:E2:77:19:A9:B3
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/UElIZCu4d8y5DB2VCQoj4ncZqbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.64.0/19
Signature Algorithm: sha256WithRSAEncryption
7a:1f:a1:5a:20:33:72:7f:f7:55:da:fc:9c:97:13:65:ad:f9:
fc:02:2e:d3:d8:55:f8:a1:58:a5:7c:a1:b7:8c:de:4a:11:3c:
fb:48:d4:56:7c:28:22:2d:47:5a:55:b1:43:6e:36:b8:d8:74:
b3:71:2b:38:5e:0f:c5:a8:0c:ad:f4:d1:38:bb:b8:95:22:bb:
6d:e1:2a:8f:98:a8:18:dc:c3:45:cc:cd:4f:53:03:05:b4:d7:
30:df:41:f9:99:71:e4:0e:a6:a8:f6:01:3e:27:bb:d8:8b:a4:
f6:a7:79:96:57:c8:d5:bd:cd:25:66:db:f8:cb:07:ad:02:06:
dc:ae:f6:96:14:d0:07:da:ae:dc:fd:de:f4:eb:7d:5a:f6:19:
6f:49:11:da:7b:6d:c3:28:6f:2e:24:01:a6:a1:58:4e:33:8e:
c0:ce:1d:61:29:8d:bd:5f:28:86:03:06:0d:e2:93:71:bc:5b:
9f:49:ed:ea:49:c3:ac:46:ad:bb:41:40:74:eb:15:1f:25:56:
e2:6f:d7:19:61:ac:8d:71:c0:3b:aa:7a:01:5e:f8:0e:1f:f4:
9e:3b:ab:94:fe:1a:e8:2a:b9:a0:43:8a:86:16:84:17:41:a2:
d3:40:8b:81:10:b1:2e:e6:4f:62:da:86:f7:ec:bd:11:6c:c2:
64:54:7c:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTjHSQHJ598J58mhAhDnAUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjIxMjA1MTYyNzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ5NDg2NDJiYjg3N2NjYjkwYzFkOTUwOTBhMjNlMjc3MTlhOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7SKDzIWt/lz4sk8VIQqdPewdOjG
queec+z0EXKsGxQw3LRqjVHxRwUYwbyziH1rH/vlSq9sku51rx06DzVFtHmw1n1I
rZX82jNxujmGTJpKFS+xpblVyXz6qEoeSWVJSdl99DU+auLooP29bhi2h3mdvm75
RCuFec8E+O5UY6X5UtCSXpXS52dItjs6d/NJ3kzvDdYcSQdA+17CLonYIb5vUuUW
zXymn3eLzsS3tv8hb9bqfgwdVS+/XlD3/xmZbC7dF4ICAvQY/jQTBNt/Rik+4CcS
e7zLU7eiICiSDMfhyeDaDD8gti7Fz0TNlN+1wLSOlXdALNiDFCICSMyiKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFBJSGQruHfMuQwdlQkKI+J3GamzMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvVUVsSVpDdTRkOHk1REIyVkNRb2o0bmNacWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsHVAMA0G
CSqGSIb3DQEBCwUAA4IBAQB6H6FaIDNyf/dV2vyclxNlrfn8Ai7T2FX4oVilfKG3
jN5KETz7SNRWfCgiLUdaVbFDbja42HSzcSs4Xg/FqAyt9NE4u7iVIrtt4SqPmKgY
3MNFzM1PUwMFtNcw30H5mXHkDqao9gE+J7vYi6T2p3mWV8jVvc0lZtv4ywetAgbc
rvaWFNAH2q7c/d70631a9hlvSRHae23DKG8uJAGmoVhOM47Azh1hKY29XyiGAwYN
4pNxvFufSe3qScOsRq27QUB06xUfJVbib9cZYayNccA7qnoBXvgOH/SeO6uU/hro
KrmgQ4qGFoQXQaLTQIuBELEu5k9i2ob37L0RbMJkVHzR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org