Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Y2_VhKKH5SZyFIBo-MKFkMC1Gqk.roa
File: Y2_VhKKH5SZyFIBo-MKFkMC1Gqk.roa (raw, json)
Hash identifier: 7mOnJRqXZxwLN75Ggz3GcPkyNPYRCaOcFTCh4Rasj0E=
Subject key identifier: 63:6F:D5:84:A2:87:E5:26:72:14:80:68:F8:C2:85:90:C0:B5:1A:A9
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018F0C1DC10F1FF1D12800C902D6CEFA5DCC
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Y2_VhKKH5SZyFIBo-MKFkMC1Gqk.roa
Signing time: Tue 23 Apr 2024 18:00:27 +0000
ROA not before: Tue 23 Apr 2024 18:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47122
IP address blocks: 62.233.46.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:1d:c1:0f:1f:f1:d1:28:00:c9:02:d6:ce:fa:5d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Apr 23 18:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=636fd584a287e52672148068f8c28590c0b51aa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:59:f4:9b:0c:20:60:06:61:90:50:fb:07:e2:
1e:fd:f8:f0:cf:fb:09:dd:35:2f:ce:51:30:35:a3:
db:85:b1:a4:da:08:02:29:62:7f:d7:09:49:5e:0c:
2b:ef:15:78:e3:ab:5a:b5:39:57:3f:47:14:d3:ed:
11:a5:2b:ed:30:20:43:83:03:78:70:24:19:e1:b6:
e0:d2:af:c7:ab:63:f5:1e:13:a1:70:71:9f:68:ec:
85:08:48:c1:f7:db:1a:ff:94:1b:8b:55:34:85:cd:
41:c5:f6:66:72:fa:c8:bf:0f:e4:30:a3:e7:52:e8:
9f:d7:9a:b7:8c:44:81:98:3d:36:9f:ce:96:ff:f9:
24:98:20:ab:0f:c8:63:1d:dd:a2:bb:90:7f:28:7f:
3b:27:60:d4:fd:00:b1:45:1a:7b:17:99:f2:3b:82:
e1:f1:62:6a:d3:37:c8:68:96:b6:1f:56:69:73:6a:
d7:e0:32:e4:c5:81:a7:f2:91:2a:a1:55:60:75:b5:
6b:e4:35:c1:50:fd:cc:83:24:0f:93:ec:27:8e:56:
54:6d:a4:54:74:4b:c1:5d:12:ef:19:a5:15:c7:ad:
03:5d:65:1e:7a:43:d2:ea:9c:15:a4:7b:f1:bf:9f:
42:01:9b:3a:82:db:54:69:a0:e2:23:dc:71:97:8e:
7b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:6F:D5:84:A2:87:E5:26:72:14:80:68:F8:C2:85:90:C0:B5:1A:A9
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/Y2_VhKKH5SZyFIBo-MKFkMC1Gqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.233.46.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e3:4b:f1:30:a2:ee:55:a1:79:a5:9d:05:7f:93:a9:0d:3e:
d4:e7:54:74:d5:3d:c4:db:1b:47:ff:5b:c4:c7:bc:e0:41:78:
19:42:b5:c4:91:10:72:6f:73:1c:b2:12:b5:e4:0c:48:61:21:
13:4d:e1:8d:23:87:52:2b:b9:41:63:f5:cf:5f:07:b2:c9:c2:
44:1e:67:9e:6a:c8:3d:a4:ae:49:3c:d3:7f:93:53:f9:f4:9e:
e3:08:84:af:17:73:ba:4e:65:b4:d8:fc:db:5d:4d:31:b8:1c:
04:86:e1:a9:73:cc:61:29:29:15:d6:f7:17:67:3f:2f:22:82:
38:f9:e4:ea:23:45:78:3f:47:79:8d:29:91:6a:ce:d7:0c:66:
c7:12:f5:8e:49:b8:e0:2f:8d:aa:b6:cd:e2:5f:4c:9e:54:60:
33:41:e7:53:9b:9d:e4:60:8a:fe:91:c7:6c:97:ee:93:6b:56:
d4:cc:2f:3f:b0:7d:64:8a:f1:95:54:2d:04:74:70:7c:33:a1:
ba:f7:e4:ec:8f:67:26:7a:ac:6b:7a:55:c8:4e:44:dc:fb:24:
70:5c:de:a0:6c:c1:3b:32:33:f0:a3:07:1e:5d:9f:ba:76:06:
41:4d:9a:5a:df:a2:1d:5e:3f:93:bd:1c:76:d4:39:9e:ac:36:
b5:c6:ca:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8MHcEPH/HRKADJAtbO+l3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwNDIzMTgwMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzZmZDU4NGEyODdlNTI2NzIxNDgwNjhmOGMyODU5MGMwYjUxYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvln0mwwgYAZhkFD7B+Ie/fjwz/sJ
3TUvzlEwNaPbhbGk2ggCKWJ/1wlJXgwr7xV446tatTlXP0cU0+0RpSvtMCBDgwN4
cCQZ4bbg0q/Hq2P1HhOhcHGfaOyFCEjB99sa/5Qbi1U0hc1BxfZmcvrIvw/kMKPn
Uuif15q3jESBmD02n86W//kkmCCrD8hjHd2iu5B/KH87J2DU/QCxRRp7F5nyO4Lh
8WJq0zfIaJa2H1Zpc2rX4DLkxYGn8pEqoVVgdbVr5DXBUP3MgyQPk+wnjlZUbaRU
dEvBXRLvGaUVx60DXWUeekPS6pwVpHvxv59CAZs6gttUaaDiI9xxl457eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGNv1YSih+UmchSAaPjChZDAtRqpMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvWTJfVmhLS0g1U1p5RklCby1NS0ZrTUMxR3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPukuMA0G
CSqGSIb3DQEBCwUAA4IBAQBO40vxMKLuVaF5pZ0Ff5OpDT7U51R01T3E2xtH/1vE
x7zgQXgZQrXEkRByb3McshK15AxIYSETTeGNI4dSK7lBY/XPXweyycJEHmeeasg9
pK5JPNN/k1P59J7jCISvF3O6TmW02PzbXU0xuBwEhuGpc8xhKSkV1vcXZz8vIoI4
+eTqI0V4P0d5jSmRas7XDGbHEvWOSbjgL42qts3iX0yeVGAzQedTm53kYIr+kcds
l+6Ta1bUzC8/sH1kivGVVC0EdHB8M6G69+Tsj2cmeqxrelXITkTc+yRwXN6gbME7
MjPwowceXZ+6dgZBTZpa36IdXj+TvRx21DmerDa1xsqp
-----END CERTIFICATE-----
Generated at Wed May 15 17:07:53 2024 by rpki-client on console-fra.rpki-client.org