Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/XUrrqBVc4crTi96P8NrKj5SrFe4.roa
File: XUrrqBVc4crTi96P8NrKj5SrFe4.roa (raw, json)
Hash identifier: 9RdY5wD+PYkz2MwPAGStfCNYH06QIMiS8YjmUwcLyfI=
Subject key identifier: 5D:4A:EB:A8:15:5C:E1:CA:D3:8B:DE:8F:F0:DA:CA:8F:94:AB:15:EE
Certificate issuer: /CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Certificate serial: 018D1827B4836931F807056D9C6A3B32C7A9
Authority key identifier: 97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/XUrrqBVc4crTi96P8NrKj5SrFe4.roa
Signing time: Wed 17 Jan 2024 16:01:11 +0000
ROA not before: Wed 17 Jan 2024 16:01:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41957
IP address blocks: 62.3.48.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:27:b4:83:69:31:f8:07:05:6d:9c:6a:3b:32:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97ebf14a8e54f12dd8b245353df683e182a096c5
Validity
Not Before: Jan 17 16:01:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d4aeba8155ce1cad38bde8ff0daca8f94ab15ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fb:e6:ff:74:31:23:5c:f7:2b:d7:f0:a5:0b:
aa:44:ce:d8:f4:63:96:de:37:f4:9f:ce:24:f7:a8:
7f:ed:34:02:57:93:0e:84:49:42:c7:f3:af:a7:f1:
29:fe:17:cd:be:04:bc:75:8e:e4:bd:21:e6:e4:63:
ae:ea:b5:72:f8:15:bb:4d:8c:26:ac:f0:74:19:24:
e0:65:a4:84:e7:3b:d3:b2:c4:f6:eb:27:63:a1:cc:
dc:b9:9f:cd:42:56:b5:26:db:45:9e:47:ce:ba:64:
74:09:90:d5:d7:42:0b:8f:b8:43:5c:a9:5d:98:d6:
fe:49:f5:c7:f0:23:7d:8e:27:d2:20:0b:bc:2e:f3:
28:3d:41:3c:36:d0:ce:e6:2d:52:c8:13:47:3f:65:
12:2c:33:dc:d6:0d:1f:2b:14:73:31:71:93:b3:1d:
08:b3:24:eb:34:45:6d:34:f9:35:10:68:bf:3c:a7:
62:2b:ad:b1:a3:33:fe:c9:a3:2d:80:c8:a3:a1:91:
3f:a8:04:19:2a:df:9b:15:d3:c0:97:6b:df:25:b7:
3c:da:23:22:43:a7:13:a7:37:ff:bb:c9:8a:9a:ba:
5a:7e:82:6c:44:2f:d5:bf:85:8c:7d:8f:f7:51:ce:
5b:9b:c0:c9:57:4b:f0:07:4d:05:28:cb:72:46:a0:
61:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4A:EB:A8:15:5C:E1:CA:D3:8B:DE:8F:F0:DA:CA:8F:94:AB:15:EE
X509v3 Authority Key Identifier:
keyid:97:EB:F1:4A:8E:54:F1:2D:D8:B2:45:35:3D:F6:83:E1:82:A0:96:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l-vxSo5U8S3YskU1PfaD4YKglsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/XUrrqBVc4crTi96P8NrKj5SrFe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/092b11-1622-4556-8e65-2409aad081d2/1/l-vxSo5U8S3YskU1PfaD4YKglsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.48.0/24
Signature Algorithm: sha256WithRSAEncryption
07:64:5a:fc:67:06:8d:3f:0c:58:c6:25:ed:40:fb:fc:2d:84:
28:76:af:48:57:85:24:3f:b9:c0:f1:e5:5b:de:f7:12:a7:39:
40:ba:ba:2f:4a:c1:ed:dd:90:10:4a:45:b8:7f:a8:a6:a5:f0:
99:59:58:dc:f0:46:04:41:a3:dc:24:f7:de:1b:76:15:a1:2c:
a4:15:12:fd:8f:66:71:c4:ae:95:0c:cd:92:87:85:49:67:7d:
68:16:0b:c8:73:be:8b:04:9f:e4:74:b4:f2:09:b6:26:8c:5d:
f7:5a:bd:33:b7:72:fd:2c:41:57:7b:78:4c:a3:3c:75:bf:45:
ce:b8:02:3e:94:bb:b2:11:0f:38:2e:e2:de:7f:94:93:c0:98:
7f:64:e6:72:6c:d4:a5:96:86:06:d5:83:89:17:c9:b4:b3:f6:
cc:d7:37:e4:44:bc:42:b4:66:2e:3e:a6:78:ad:34:d4:cf:80:
6d:7c:0d:85:c6:43:17:f5:f6:34:73:0b:22:eb:58:68:01:91:
80:a5:33:fb:10:c9:23:9e:94:31:d8:7c:7a:ff:59:b1:61:8c:
0b:01:11:ea:97:35:a5:99:4d:fc:b4:c1:b1:09:da:52:aa:f7:
e4:14:3f:c3:88:32:95:ff:e5:53:ad:c7:79:60:a7:37:7f:f8:
5a:53:02:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0YJ7SDaTH4BwVtnGo7MsepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZWJmMTRhOGU1NGYxMmRkOGIyNDUzNTNkZjY4M2UxODJh
MDk2YzUwHhcNMjQwMTE3MTYwMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRhZWJhODE1NWNlMWNhZDM4YmRlOGZmMGRhY2E4Zjk0YWIxNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/vm/3QxI1z3K9fwpQuqRM7Y9GOW
3jf0n84k96h/7TQCV5MOhElCx/Ovp/Ep/hfNvgS8dY7kvSHm5GOu6rVy+BW7TYwm
rPB0GSTgZaSE5zvTssT26ydjoczcuZ/NQla1JttFnkfOumR0CZDV10ILj7hDXKld
mNb+SfXH8CN9jifSIAu8LvMoPUE8NtDO5i1SyBNHP2USLDPc1g0fKxRzMXGTsx0I
syTrNEVtNPk1EGi/PKdiK62xozP+yaMtgMijoZE/qAQZKt+bFdPAl2vfJbc82iMi
Q6cTpzf/u8mKmrpafoJsRC/Vv4WMfY/3Uc5bm8DJV0vwB00FKMtyRqBh3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1K66gVXOHK04vej/Dayo+UqxXuMB8GA1UdIwQY
MBaAFJfr8UqOVPEt2LJFNT32g+GCoJbFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUt
MjQwOWFhZDA4MWQyLzEvWFVycnFCVmM0Y3JUaTk2UDhOcktqNVNyRmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wOTJiMTEtMTYyMi00NTU2LThlNjUtMjQwOWFhZDA4MWQy
LzEvbC12eFNvNVU4UzNZc2tVMVBmYUQ0WUtnbHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMwMA0G
CSqGSIb3DQEBCwUAA4IBAQAHZFr8ZwaNPwxYxiXtQPv8LYQodq9IV4UkP7nA8eVb
3vcSpzlAurovSsHt3ZAQSkW4f6impfCZWVjc8EYEQaPcJPfeG3YVoSykFRL9j2Zx
xK6VDM2Sh4VJZ31oFgvIc76LBJ/kdLTyCbYmjF33Wr0zt3L9LEFXe3hMozx1v0XO
uAI+lLuyEQ84LuLef5STwJh/ZOZybNSlloYG1YOJF8m0s/bM1zfkRLxCtGYuPqZ4
rTTUz4BtfA2FxkMX9fY0cwsi61hoAZGApTP7EMkjnpQx2Hx6/1mxYYwLARHqlzWl
mU38tMGxCdpSqvfkFD/DiDKV/+VTrcd5YKc3f/haUwKX
-----END CERTIFICATE-----
Generated at Thu Apr 18 11:24:57 2024 by rpki-client on console-fra.rpki-client.org