Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/VISbb5zpFDFnhCjQFgTryPm6gUg.roa
File: VISbb5zpFDFnhCjQFgTryPm6gUg.roa (raw, json)
Hash identifier: +nX+UhSiDTyMeb2a5rJAY5PxrdcAeVhqR+X4qsabFfE=
Subject key identifier: 54:84:9B:6F:9C:E9:14:31:67:84:28:D0:16:04:EB:C8:F9:BA:81:48
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 018570D5635392D9A85B088307131E4701A5
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/VISbb5zpFDFnhCjQFgTryPm6gUg.roa
Signing time: Mon 02 Jan 2023 04:55:10 +0000
ROA not before: Mon 02 Jan 2023 04:55:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201211
IP address blocks: 62.133.52.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:63:53:92:d9:a8:5b:08:83:07:13:1e:47:01:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 2 04:55:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54849b6f9ce91431678428d01604ebc8f9ba8148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a2:08:df:e7:ae:65:a4:d9:9c:9c:0f:91:68:
58:1f:be:ca:77:c8:db:84:bd:2d:de:01:f9:ea:7d:
54:8b:0a:54:8d:65:25:e5:1a:e8:85:40:4b:68:da:
c9:97:9e:85:cb:20:43:fe:b8:ea:81:7e:23:c1:70:
f1:6f:b0:02:36:5c:70:68:0f:b1:0b:59:e3:b2:4f:
26:f0:05:58:61:58:c6:c1:71:33:9c:f8:19:06:af:
ba:6b:a7:8e:b2:29:4a:b9:d1:ca:72:fa:e6:9b:d3:
e9:10:a2:20:27:f0:ec:61:42:cf:5b:f8:61:b8:6a:
24:f1:23:90:78:f4:51:35:ba:6e:5e:cd:3b:db:52:
d2:d4:81:b7:34:f9:7c:ec:70:73:09:66:7d:cd:a6:
32:eb:52:85:92:43:56:06:65:47:bd:b5:18:73:c4:
63:a8:69:bc:6b:13:89:98:df:c9:75:05:f3:cf:e5:
92:4b:73:d0:a7:81:35:cd:a8:70:09:c7:b6:f1:5a:
3c:6b:42:a6:1b:63:4f:d5:36:f9:4d:19:c2:48:2a:
3e:25:08:1b:dc:be:9a:f3:6a:68:6d:61:bd:f9:ce:
14:7a:bf:23:4b:27:df:54:d3:bf:9f:64:38:72:48:
32:47:e5:41:9f:fc:a0:1e:6c:ed:56:bc:ae:d0:94:
8e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:84:9B:6F:9C:E9:14:31:67:84:28:D0:16:04:EB:C8:F9:BA:81:48
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/VISbb5zpFDFnhCjQFgTryPm6gUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.52.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d7:88:5a:9b:1d:44:af:26:a9:a5:e9:b9:a2:75:87:0f:3c:
fb:0a:f9:9a:fd:f6:fc:5d:0d:3e:00:8e:ff:80:89:cb:8e:03:
df:4c:39:64:8a:20:10:c8:cb:29:f9:5a:28:2d:7d:f8:09:a0:
dd:a0:dd:f3:98:b2:64:5c:66:0a:bd:0f:bd:02:2e:79:89:e1:
ff:78:08:6a:ec:dc:f7:31:cc:25:ac:19:37:7b:5f:31:58:2d:
bd:43:27:af:53:d6:5f:28:47:8a:58:ad:d2:c9:e4:40:6b:1c:
dc:ed:1d:cb:62:1e:61:02:ef:af:83:b5:e8:7e:c1:8a:ba:18:
ed:11:d5:36:a0:cb:f2:23:d8:f7:fd:2c:b5:08:ff:d2:0f:91:
40:e2:83:66:99:06:ff:29:a5:de:dd:ca:75:10:a7:de:0b:85:
f4:8d:bc:2a:37:20:d1:41:f0:de:3b:6b:35:07:a6:5f:a4:ea:
fd:46:3b:c9:42:1a:2a:cf:e7:7d:91:2b:06:2a:cd:a5:28:bb:
9e:d4:9b:70:79:21:db:91:28:a8:3e:e2:7c:e0:fc:2e:38:51:
77:ce:b2:07:4e:05:39:67:28:1b:ac:71:4d:4e:65:d8:b5:9d:
a6:ac:33:42:04:61:2b:ee:5f:6b:65:f4:d7:11:8c:40:ce:39:
b5:d8:ba:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1WNTktmoWwiDBxMeRwGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjMwMTAyMDQ1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDg0OWI2ZjljZTkxNDMxNjc4NDI4ZDAxNjA0ZWJjOGY5YmE4MTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaII3+euZaTZnJwPkWhYH77Kd8jb
hL0t3gH56n1UiwpUjWUl5RrohUBLaNrJl56FyyBD/rjqgX4jwXDxb7ACNlxwaA+x
C1njsk8m8AVYYVjGwXEznPgZBq+6a6eOsilKudHKcvrmm9PpEKIgJ/DsYULPW/hh
uGok8SOQePRRNbpuXs0721LS1IG3NPl87HBzCWZ9zaYy61KFkkNWBmVHvbUYc8Rj
qGm8axOJmN/JdQXzz+WSS3PQp4E1zahwCce28Vo8a0KmG2NP1Tb5TRnCSCo+JQgb
3L6a82pobWG9+c4Uer8jSyffVNO/n2Q4ckgyR+VBn/ygHmztVryu0JSO5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSEm2+c6RQxZ4Qo0BYE68j5uoFIMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvVklTYmI1enBGREZuaENqUUZnVHJ5UG02Z1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPoU0MA0G
CSqGSIb3DQEBCwUAA4IBAQB514hamx1Eryappem5onWHDzz7Cvma/fb8XQ0+AI7/
gInLjgPfTDlkiiAQyMsp+VooLX34CaDdoN3zmLJkXGYKvQ+9Ai55ieH/eAhq7Nz3
McwlrBk3e18xWC29QyevU9ZfKEeKWK3SyeRAaxzc7R3LYh5hAu+vg7XofsGKuhjt
EdU2oMvyI9j3/Sy1CP/SD5FA4oNmmQb/KaXe3cp1EKfeC4X0jbwqNyDRQfDeO2s1
B6ZfpOr9RjvJQhoqz+d9kSsGKs2lKLue1JtweSHbkSioPuJ84PwuOFF3zrIHTgU5
ZygbrHFNTmXYtZ2mrDNCBGEr7l9rZfTXEYxAzjm12Lom
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org