Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/xYylzk3Rld034hfy4bHLkpVl7o4.roa
File: xYylzk3Rld034hfy4bHLkpVl7o4.roa (raw, json)
Hash identifier: fgoMGD8dVOo96QrieRAoFP7h9H39RFe0JQq5lLYsZJw=
Subject key identifier: C5:8C:A5:CE:4D:D1:95:DD:37:E2:17:F2:E1:B1:CB:92:95:65:EE:8E
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 069F9FAC
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/xYylzk3Rld034hfy4bHLkpVl7o4.roa
Signing time: Fri 08 Apr 2022 16:50:15 +0000
ROA not before: Fri 08 Apr 2022 16:50:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201211
IP address blocks: 62.133.52.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111124396 (0x69f9fac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Apr 8 16:50:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c58ca5ce4dd195dd37e217f2e1b1cb929565ee8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:d4:90:84:a5:a2:2e:58:e8:a5:f1:18:74:
13:c5:7f:7e:80:bb:f3:00:67:3f:f7:56:68:7b:d4:
1a:c1:68:d3:a1:f8:a2:33:42:c0:85:47:7b:0d:b7:
27:5a:06:ba:a9:3a:c4:26:d9:c7:8b:4c:68:75:ab:
ec:c5:31:e9:a1:c0:30:d6:b2:c8:cf:93:68:96:c8:
1b:0a:91:20:03:2c:02:93:c5:98:48:3c:ce:7d:f3:
77:7b:f4:70:0d:7b:f5:42:a1:4f:7d:6c:e8:62:e1:
ef:2d:96:63:03:3a:b6:32:ba:55:7a:01:0d:5e:32:
92:15:5c:09:90:44:7b:06:e6:3d:f6:a6:d6:e3:a6:
dc:f6:01:19:8f:01:42:d2:be:76:92:68:a2:90:47:
f1:33:e6:fd:49:0d:17:d0:81:85:82:7b:77:cd:4e:
bf:8b:ea:62:95:52:ce:18:6b:29:e7:f6:83:9e:73:
e7:a9:13:51:b5:2e:75:bb:7e:86:90:c4:e3:b4:e9:
16:1a:8a:c5:f2:9b:fb:c8:35:a1:2f:af:f9:c4:21:
51:cc:ac:af:d4:9c:23:b8:00:59:5f:da:d7:2b:2e:
ee:53:40:d6:91:97:2f:22:e7:4b:28:e6:f1:98:19:
33:c3:12:6c:26:e6:8e:65:1f:5c:af:42:b5:bb:91:
28:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8C:A5:CE:4D:D1:95:DD:37:E2:17:F2:E1:B1:CB:92:95:65:EE:8E
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/xYylzk3Rld034hfy4bHLkpVl7o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.52.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:13:6f:77:cf:ec:3f:2d:78:09:1b:ff:75:b3:d8:f1:a6:c5:
e0:64:4e:11:ab:8c:52:4f:6a:2e:11:bd:cb:9c:54:3f:a9:5c:
b2:2c:fc:19:4b:d7:22:a3:46:2b:90:a4:5c:4f:d1:07:07:87:
06:e4:9c:89:24:2d:c7:24:ce:48:e2:c2:2b:d9:02:f8:a6:36:
ad:32:27:8d:0a:01:2c:04:b0:69:96:bb:dd:9e:40:c1:60:0a:
73:4a:4c:8d:1e:2b:85:71:4c:ae:31:5e:ad:5a:14:2c:74:5b:
db:a5:41:1d:12:66:db:bb:45:4d:30:08:65:17:f6:bb:dd:60:
5c:1b:17:f3:df:62:26:bb:ed:f2:fc:9e:5e:9f:49:8e:5c:ef:
51:19:d7:03:d4:e1:23:2e:00:a1:74:05:2a:37:93:75:6d:c3:
69:01:1a:70:62:bd:e9:12:30:23:2f:5e:e8:ce:0c:61:5b:38:
66:3c:21:f6:9f:1d:a8:1c:13:19:d9:ef:0e:2a:2b:d4:18:2a:
0e:87:3f:ad:63:09:38:b6:2c:a7:b2:8a:6d:90:ab:7a:0f:ab:
a5:79:c2:3c:be:9b:d8:18:b3:6b:58:2d:db:fe:d0:2d:9c:2d:
e2:c5:07:97:a1:9e:e1:81:44:b8:d1:35:14:2e:a6:5f:5d:b3:
20:45:02:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBp+frDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3NjE1OWJmZDllMzM3NTIzZWU5MzBmM2RmMTExZDZiYWU3MzA2MB4XDTIyMDQw
ODE2NTAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU4Y2E1Y2U0ZGQx
OTVkZDM3ZTIxN2YyZTFiMWNiOTI5NTY1ZWU4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8x1JCEpaIuWOil8Rh0E8V/foC78wBnP/dWaHvUGsFo06H4
ojNCwIVHew23J1oGuqk6xCbZx4tMaHWr7MUx6aHAMNayyM+TaJbIGwqRIAMsApPF
mEg8zn3zd3v0cA179UKhT31s6GLh7y2WYwM6tjK6VXoBDV4ykhVcCZBEewbmPfam
1uOm3PYBGY8BQtK+dpJoopBH8TPm/UkNF9CBhYJ7d81Ov4vqYpVSzhhrKef2g55z
56kTUbUudbt+hpDE47TpFhqKxfKb+8g1oS+v+cQhUcysr9ScI7gAWV/a1ysu7lNA
1pGXLyLnSyjm8ZgZM8MSbCbmjmUfXK9CtbuRKAECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTFjKXOTdGV3TfiF/LhscuSlWXujjAfBgNVHSMEGDAWgBTM12FZv9njN1I+
6TDz3xEda65zBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8x
L3hZeWx6azNSbGQwMzRoZnk0YkhMa3BWbDdvNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTAv
ZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5MS8xL3pOZGhXYl9aNHpk
U1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAj6FNDANBgkqhkiG9w0BAQsFAAOC
AQEAXhNvd8/sPy14CRv/dbPY8abF4GROEauMUk9qLhG9y5xUP6lcsiz8GUvXIqNG
K5CkXE/RBweHBuSciSQtxyTOSOLCK9kC+KY2rTInjQoBLASwaZa73Z5AwWAKc0pM
jR4rhXFMrjFerVoULHRb26VBHRJm27tFTTAIZRf2u91gXBsX899iJrvt8vyeXp9J
jlzvURnXA9ThIy4AoXQFKjeTdW3DaQEacGK96RIwIy9e6M4MYVs4Zjwh9p8dqBwT
GdnvDior1BgqDoc/rWMJOLYsp7KKbZCreg+rpXnCPL6b2Biza1gt2/7QLZwt4sUH
l6Ge4YFEuNE1FC6mX12zIEUCoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org