Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/YpgvePrbJROVBChS_gk6_5BwutI.roa
File: YpgvePrbJROVBChS_gk6_5BwutI.roa (raw, json)
Hash identifier: bADO3dubmRknVX+tK4JBCx37Csf2UVpd6vK4Es9/yxk=
Subject key identifier: 62:98:2F:78:FA:DB:25:13:95:04:28:52:FE:09:3A:FF:90:70:BA:D2
Certificate issuer: /CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Certificate serial: 05C1B1F1
Authority key identifier: E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/YpgvePrbJROVBChS_gk6_5BwutI.roa
Signing time: Thu 31 Mar 2022 08:57:02 +0000
ROA not before: Thu 31 Mar 2022 08:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 176.116.116.0/23 maxlen: 23
176.116.116.0/24 maxlen: 24
176.116.117.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96580081 (0x5c1b1f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bcfc1077cf876888fb6c75b2e394923205f3b5
Validity
Not Before: Mar 31 08:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62982f78fadb251395042852fe093aff9070bad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:d5:70:46:c9:62:1b:37:ca:69:4a:71:c8:
6a:13:7e:9a:df:af:64:3d:61:0c:4f:50:9a:24:c4:
f3:ae:be:fa:52:ab:bc:e4:1e:29:b9:b2:7c:03:18:
36:79:9b:a4:eb:45:14:89:eb:21:d0:4d:ad:59:4a:
0e:90:3e:9e:eb:87:7b:02:cf:03:9b:9f:39:a7:af:
95:fb:b4:f9:d1:7c:01:32:85:06:34:fc:46:b9:aa:
9e:d7:2e:82:60:80:a7:d5:d5:1f:4b:f1:96:e4:aa:
84:af:13:2c:42:ed:81:dd:a2:cb:84:e7:2e:b7:f0:
1f:e0:0e:4b:66:08:42:06:cd:4c:bf:99:00:e5:e6:
01:3b:13:60:fa:2d:2c:b6:58:f3:b8:fb:17:66:24:
98:87:78:4c:05:e7:7f:9f:52:6a:95:b3:14:74:af:
f7:14:31:9a:6e:9b:27:02:6f:c4:93:13:68:d5:07:
bd:26:5c:0d:f5:7a:71:58:28:18:4c:06:f3:a1:fd:
05:83:09:3c:6b:db:e1:e9:6b:21:bf:f9:08:9e:75:
4a:3e:6b:8a:d9:dd:7c:11:eb:59:c8:7b:40:32:40:
c0:fb:27:9b:67:6e:45:0f:16:60:92:ab:b3:a0:98:
8a:1f:6a:1f:a1:b2:f1:51:c9:fc:0d:88:28:dd:c5:
58:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:98:2F:78:FA:DB:25:13:95:04:28:52:FE:09:3A:FF:90:70:BA:D2
X509v3 Authority Key Identifier:
keyid:E5:BC:FC:10:77:CF:87:68:88:FB:6C:75:B2:E3:94:92:32:05:F3:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5bz8EHfPh2iI-2x1suOUkjIF87U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/YpgvePrbJROVBChS_gk6_5BwutI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e05e77-12ae-4f59-9491-cadd1129c98d/1/5bz8EHfPh2iI-2x1suOUkjIF87U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.116.0/23
Signature Algorithm: sha256WithRSAEncryption
38:13:3d:62:65:81:80:69:23:21:78:af:5e:ed:68:e6:59:75:
ad:d8:3d:21:cb:25:15:3e:a3:dd:e6:50:70:24:bf:36:66:58:
97:75:37:89:7f:46:a4:5d:db:f8:dc:ec:f7:1e:07:3d:f8:96:
75:44:6b:26:ad:88:29:11:27:6c:01:a4:8c:e7:65:21:ce:08:
fe:d9:5b:6f:13:87:24:a3:39:ca:57:88:0f:5a:7c:b9:d7:05:
9f:a1:ec:76:3a:9b:a8:e5:81:b0:37:29:0e:ee:b1:dd:c7:f8:
ad:1e:13:b8:a4:91:9a:6b:01:16:f4:28:cc:0a:a4:77:a8:3f:
bd:07:4f:c3:4f:2f:90:08:40:17:3a:76:f4:ce:ae:0d:89:7f:
c5:6f:01:79:65:0f:1a:21:6e:a0:a4:37:71:ad:54:f9:aa:69:
ac:7c:81:9c:3a:28:09:5b:ff:49:34:40:a0:8c:c3:92:7b:0b:
ad:69:e6:79:21:94:8d:4f:9b:b9:f9:8c:a3:43:69:2f:71:b0:
8d:f5:7e:c5:66:2a:9b:06:5f:33:69:f0:bb:79:5a:bc:28:cc:
d8:ff:a0:36:0c:f9:ff:ce:56:ae:8e:25:3a:9c:fb:dd:42:85:
db:d2:27:ac:c1:e4:b2:5a:48:b7:02:1b:21:f5:b3:e7:40:fe:
9e:60:a4:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcGx8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJjZmMxMDc3Y2Y4NzY4ODhmYjZjNzViMmUzOTQ5MjMyMDVmM2I1MB4XDTIyMDMz
MTA4NTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjI5ODJmNzhmYWRi
MjUxMzk1MDQyODUyZmUwOTNhZmY5MDcwYmFkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvp1XBGyWIbN8ppSnHIahN+mt+vZD1hDE9QmiTE866++lKr
vOQeKbmyfAMYNnmbpOtFFInrIdBNrVlKDpA+nuuHewLPA5ufOaevlfu0+dF8ATKF
BjT8RrmqntcugmCAp9XVH0vxluSqhK8TLELtgd2iy4TnLrfwH+AOS2YIQgbNTL+Z
AOXmATsTYPotLLZY87j7F2YkmId4TAXnf59SapWzFHSv9xQxmm6bJwJvxJMTaNUH
vSZcDfV6cVgoGEwG86H9BYMJPGvb4elrIb/5CJ51Sj5ritndfBHrWch7QDJAwPsn
m2duRQ8WYJKrs6CYih9qH6Gy8VHJ/A2IKN3FWKkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRimC94+tslE5UEKFL+CTr/kHC60jAfBgNVHSMEGDAWgBTlvPwQd8+HaIj7
bHWy45SSMgXztTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViejhFSGZQaDJpSS0yeDFzdU9Va2pJRjg3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8x
L1lwZ3ZlUHJiSlJPVkJDaFNfZ2s2XzVCd3V0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZTA1ZTc3LTEyYWUtNGY1OS05NDkxLWNhZGQxMTI5Yzk4ZC8xLzViejhFSGZQaDJp
SS0yeDFzdU9Va2pJRjg3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbB0dDANBgkqhkiG9w0BAQsFAAOC
AQEAOBM9YmWBgGkjIXivXu1o5ll1rdg9IcslFT6j3eZQcCS/NmZYl3U3iX9GpF3b
+Nzs9x4HPfiWdURrJq2IKREnbAGkjOdlIc4I/tlbbxOHJKM5yleID1p8udcFn6Hs
djqbqOWBsDcpDu6x3cf4rR4TuKSRmmsBFvQozAqkd6g/vQdPw08vkAhAFzp29M6u
DYl/xW8BeWUPGiFuoKQ3ca1U+apprHyBnDooCVv/STRAoIzDknsLrWnmeSGUjU+b
ufmMo0NpL3GwjfV+xWYqmwZfM2nwu3lavCjM2P+gNgz5/85Wro4lOpz73UKF29In
rMHkslpItwIbIfWz50D+nmCk+g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-ams.rpki-client.org