Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/tgYTDAiErLGXgu_MHQKLIKyTjUQ.roa
File: tgYTDAiErLGXgu_MHQKLIKyTjUQ.roa (raw, json)
Hash identifier: SPd3XLsygzNcL/ZSygTU2GFICg8yWYoOuOZTuaFC7gs=
Subject key identifier: B6:06:13:0C:08:84:AC:B1:97:82:EF:CC:1D:02:8B:20:AC:93:8D:44
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 0190515B93782417572E6B071C600133C649
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/tgYTDAiErLGXgu_MHQKLIKyTjUQ.roa
Signing time: Tue 25 Jun 2024 21:44:34 +0000
ROA not before: Tue 25 Jun 2024 21:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 176.117.84.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:51:5b:93:78:24:17:57:2e:6b:07:1c:60:01:33:c6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Jun 25 21:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b606130c0884acb19782efcc1d028b20ac938d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:df:94:90:90:6d:1c:98:3d:b6:eb:86:79:
9d:47:5d:88:de:21:2b:69:51:c2:5e:7f:f7:a2:ef:
4e:df:07:cc:b3:b8:a4:7f:0d:4d:7a:05:a9:e2:11:
d1:ba:1c:29:0d:f4:6d:ca:c3:0e:8a:67:0c:0e:dd:
1c:58:b2:ec:4d:d3:c0:cd:ec:cc:92:20:f8:57:93:
f7:92:19:c7:bb:83:6f:e8:e5:07:66:2d:12:02:3c:
31:39:62:7b:84:fd:ac:8f:a1:fc:e7:eb:32:7b:2a:
a2:c5:f6:f6:ef:82:e3:10:f9:d2:52:c2:99:ac:1e:
d1:5f:60:09:5a:c3:d7:d2:eb:18:c0:91:90:c0:d1:
8e:1c:21:5a:a6:0b:64:8b:a3:ce:3d:cc:87:29:a1:
62:22:ae:da:36:c3:e8:2b:f9:1c:82:89:e1:08:06:
60:29:d4:11:38:f9:1b:93:17:4d:f2:05:83:c8:15:
88:24:5c:37:76:5a:aa:0e:0e:a2:19:4c:6b:2c:9e:
e9:8e:96:78:c6:54:a4:86:5a:2b:10:02:75:64:72:
94:7a:dc:bb:37:37:87:9a:5c:a2:70:e9:e6:c2:bb:
ab:fe:4e:32:aa:bb:0f:c3:d2:e7:5d:66:3a:b2:eb:
d8:cd:1c:27:7e:59:5e:05:34:42:9d:86:39:5f:85:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:06:13:0C:08:84:AC:B1:97:82:EF:CC:1D:02:8B:20:AC:93:8D:44
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/tgYTDAiErLGXgu_MHQKLIKyTjUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.84.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:fd:1f:1b:b4:2b:8d:0f:e1:6d:0f:18:5c:29:f5:f2:5a:7c:
a7:ac:66:66:bb:c3:a5:2c:32:c5:67:46:a8:69:2e:0d:3e:8f:
9d:7b:9d:56:f0:a3:f2:e2:ee:86:09:4a:81:83:ae:67:17:80:
4a:b0:77:f7:4b:75:d4:ba:f6:6a:80:79:19:58:4a:7f:08:74:
80:24:e4:f2:41:09:f2:15:49:19:70:d4:46:27:04:4a:35:9a:
12:2c:05:fe:f5:35:14:e9:dd:0e:b2:ac:71:6b:0a:34:95:6c:
67:76:25:f7:1b:0c:26:3e:f6:73:69:e6:67:d9:61:aa:06:11:
d5:46:67:d5:90:61:01:6c:42:40:e8:74:31:be:57:15:c9:d3:
aa:6d:03:e9:04:c5:15:9b:d8:6b:23:61:e6:e5:6b:ce:de:84:
72:42:12:50:73:f5:a2:dd:5e:aa:6f:ba:53:67:06:90:ca:83:
83:c9:62:0e:da:19:9d:52:a7:7d:77:cc:ac:37:dd:60:8e:9c:
f1:7e:a0:28:be:78:1a:73:dc:0b:42:0f:50:59:1a:84:6b:a2:
d8:8b:45:46:e7:00:26:e6:47:7b:53:a5:3f:20:b9:6e:35:af:
e6:36:29:91:bb:73:e0:4e:a1:81:ce:e8:7d:19:63:91:c4:a8:
45:1c:ba:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBRW5N4JBdXLmsHHGABM8ZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwNjI1MjE0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA2MTMwYzA4ODRhY2IxOTc4MmVmY2MxZDAyOGIyMGFjOTM4ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsfflJCQbRyYPbbrhnmdR12I3iEr
aVHCXn/3ou9O3wfMs7ikfw1NegWp4hHRuhwpDfRtysMOimcMDt0cWLLsTdPAzezM
kiD4V5P3khnHu4Nv6OUHZi0SAjwxOWJ7hP2sj6H85+syeyqixfb274LjEPnSUsKZ
rB7RX2AJWsPX0usYwJGQwNGOHCFapgtki6POPcyHKaFiIq7aNsPoK/kcgonhCAZg
KdQROPkbkxdN8gWDyBWIJFw3dlqqDg6iGUxrLJ7pjpZ4xlSkhlorEAJ1ZHKUety7
NzeHmlyicOnmwrur/k4yqrsPw9LnXWY6suvYzRwnflleBTRCnYY5X4VkOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYGEwwIhKyxl4LvzB0CiyCsk41EMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvdGdZVERBaUVyTEdYZ3VfTUhRS0xJS3lUalVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHVUMA0G
CSqGSIb3DQEBCwUAA4IBAQAu/R8btCuND+FtDxhcKfXyWnynrGZmu8OlLDLFZ0ao
aS4NPo+de51W8KPy4u6GCUqBg65nF4BKsHf3S3XUuvZqgHkZWEp/CHSAJOTyQQny
FUkZcNRGJwRKNZoSLAX+9TUU6d0Osqxxawo0lWxndiX3GwwmPvZzaeZn2WGqBhHV
RmfVkGEBbEJA6HQxvlcVydOqbQPpBMUVm9hrI2Hm5WvO3oRyQhJQc/Wi3V6qb7pT
ZwaQyoODyWIO2hmdUqd9d8ysN91gjpzxfqAovngac9wLQg9QWRqEa6LYi0VG5wAm
5kd7U6U/ILluNa/mNimRu3PgTqGBzuh9GWORxKhFHLrx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:12 2025 by rpki-client