Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/qdMlXkNVUODNba8s8KSFzRv31rY.roa
File: qdMlXkNVUODNba8s8KSFzRv31rY.roa (raw, json)
Hash identifier: ylhc1RbUCB00pRFyPzs5bQJAr3yBqXgiKcvd4euyCQw=
Subject key identifier: A9:D3:25:5E:43:55:50:E0:CD:6D:AF:2C:F0:A4:85:CD:1B:F7:D6:B6
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0185111AE4B7ADC0DB403B22E8E5CE827C78
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/qdMlXkNVUODNba8s8KSFzRv31rY.roa
Signing time: Wed 14 Dec 2022 14:47:33 +0000
ROA not before: Wed 14 Dec 2022 14:47:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50673
IP address blocks: 176.117.72.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:1a:e4:b7:ad:c0:db:40:3b:22:e8:e5:ce:82:7c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Dec 14 14:47:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a9d3255e435550e0cd6daf2cf0a485cd1bf7d6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:b1:79:77:d3:d9:58:64:6e:1c:13:69:2c:
52:c1:77:c7:a9:f5:8a:4c:63:78:e6:3b:62:d5:c1:
7d:74:d1:e1:bd:a1:91:00:df:1b:d8:d8:9c:c5:92:
ee:6f:90:7f:24:4d:ea:bf:a9:ec:ef:82:dc:cc:8b:
4c:49:40:4c:1a:32:d8:07:ca:11:f0:3c:9b:b7:fb:
59:e8:61:4e:0c:9e:73:6f:4c:5b:13:72:1e:d2:54:
f0:2e:3c:83:af:23:9f:41:2e:68:f9:1e:c1:86:d9:
f1:c5:d7:c6:f4:d5:fa:7e:73:6f:d6:f7:bf:15:39:
09:1b:74:0a:37:8f:9c:03:85:76:27:93:24:70:99:
ee:6c:a9:3a:1a:11:00:5c:c1:c8:95:d8:2b:f6:71:
cd:39:c2:98:aa:1c:ac:66:f1:17:24:0c:e0:ba:83:
dc:94:17:55:f6:33:4f:c3:9a:a2:22:3d:05:09:ba:
98:f3:79:1f:ae:b9:75:62:ab:0a:ca:46:89:a5:b9:
3a:9a:02:e0:49:bc:2b:2f:c7:c7:ff:e0:7f:54:da:
2e:8c:e8:40:39:dd:62:ac:69:a3:2a:1d:85:75:11:
8e:d0:8c:c6:25:25:3b:cc:f1:bc:00:61:4a:72:7f:
60:12:ba:73:a8:a5:03:cf:ba:16:28:02:45:22:11:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D3:25:5E:43:55:50:E0:CD:6D:AF:2C:F0:A4:85:CD:1B:F7:D6:B6
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/qdMlXkNVUODNba8s8KSFzRv31rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.72.0/22
Signature Algorithm: sha256WithRSAEncryption
85:99:22:6e:85:81:d4:cd:3c:3c:93:4c:27:bf:f1:4b:3c:47:
86:57:23:b3:bc:b3:20:c7:7d:35:45:8d:ca:8d:35:47:9f:c2:
de:6e:6d:c8:83:ef:57:f7:20:54:7c:b9:1a:5f:1f:74:33:a8:
da:85:72:28:9c:d2:3e:0f:40:ec:90:cd:be:dc:d5:27:54:7e:
ed:a4:ce:b5:31:99:66:8b:cc:7d:2f:b2:a2:10:2d:c3:fe:b7:
92:ed:55:6a:ec:93:79:84:e4:cc:d9:16:f0:ce:67:da:fa:e6:
13:85:48:7e:b3:97:68:4e:91:a4:6f:e5:78:5b:93:33:e9:84:
10:50:ab:20:92:a2:fa:63:7e:f2:50:dc:f4:00:00:28:89:97:
fb:d6:32:44:53:c9:ac:52:e0:cb:48:8c:dd:69:df:a0:e0:99:
94:95:12:cb:a4:f7:c3:dc:d3:1a:48:64:82:0f:41:91:a9:b2:
33:f2:5c:8a:3c:df:90:0e:b7:a2:8d:c9:30:a9:b0:74:5d:65:
b7:5a:59:0c:4e:73:91:ae:93:0f:06:71:3d:39:67:b6:7a:5b:
e2:8c:8b:2c:db:aa:b2:26:09:30:45:d9:d4:60:4f:db:8b:4e:
91:84:14:12:81:9d:74:d6:ed:30:05:93:4b:df:21:c6:9a:c1:
ac:33:c3:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYURGuS3rcDbQDsi6OXOgnx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjIxMjE0MTQ0NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQzMjU1ZTQzNTU1MGUwY2Q2ZGFmMmNmMGE0ODVjZDFiZjdkNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTKxeXfT2VhkbhwTaSxSwXfHqfWK
TGN45jti1cF9dNHhvaGRAN8b2NicxZLub5B/JE3qv6ns74LczItMSUBMGjLYB8oR
8Dybt/tZ6GFODJ5zb0xbE3Ie0lTwLjyDryOfQS5o+R7BhtnxxdfG9NX6fnNv1ve/
FTkJG3QKN4+cA4V2J5MkcJnubKk6GhEAXMHIldgr9nHNOcKYqhysZvEXJAzguoPc
lBdV9jNPw5qiIj0FCbqY83kfrrl1YqsKykaJpbk6mgLgSbwrL8fH/+B/VNoujOhA
Od1irGmjKh2FdRGO0IzGJSU7zPG8AGFKcn9gErpzqKUDz7oWKAJFIhHhhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKnTJV5DVVDgzW2vLPCkhc0b99a2MB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvcWRNbFhrTlZVT0ROYmE4czhLU0Z6UnYzMXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHVIMA0G
CSqGSIb3DQEBCwUAA4IBAQCFmSJuhYHUzTw8k0wnv/FLPEeGVyOzvLMgx301RY3K
jTVHn8Lebm3Ig+9X9yBUfLkaXx90M6jahXIonNI+D0DskM2+3NUnVH7tpM61MZlm
i8x9L7KiEC3D/reS7VVq7JN5hOTM2Rbwzmfa+uYThUh+s5doTpGkb+V4W5Mz6YQQ
UKsgkqL6Y37yUNz0AAAoiZf71jJEU8msUuDLSIzdad+g4JmUlRLLpPfD3NMaSGSC
D0GRqbIz8lyKPN+QDreijckwqbB0XWW3WlkMTnORrpMPBnE9OWe2elvijIss26qy
JgkwRdnUYE/bi06RhBQSgZ101u0wBZNL3yHGmsGsM8Ow
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org