Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/u0aX4wzFKRNHs9eDcL1EhaHJq50.roa
File: u0aX4wzFKRNHs9eDcL1EhaHJq50.roa (raw, json)
Hash identifier: ly2iPVJlfp+7ypnuLP5D8aa0EsK3Svtcr7BYz9bpEaw=
Subject key identifier: BB:46:97:E3:0C:C5:29:13:47:B3:D7:83:70:BD:44:85:A1:C9:AB:9D
Certificate issuer: /CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Certificate serial: 01856DD43557AC6524471E669F9AC6DBA91C
Authority key identifier: 6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/u0aX4wzFKRNHs9eDcL1EhaHJq50.roa
Signing time: Sun 01 Jan 2023 14:55:01 +0000
ROA not before: Sun 01 Jan 2023 14:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61146
IP address blocks: 62.108.216.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:35:57:ac:65:24:47:1e:66:9f:9a:c6:db:a9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fedf0b7615290aefacc5f6aa6b41d9d1843f1b6
Validity
Not Before: Jan 1 14:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb4697e30cc5291347b3d78370bd4485a1c9ab9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:31:1e:bb:22:64:f0:50:20:24:cb:3a:49:48:
18:8e:07:da:41:5a:a4:f4:1d:0a:7a:8e:df:30:08:
e3:30:a1:b7:b2:34:6e:da:32:8f:05:48:fd:7a:62:
7c:f0:4b:51:ac:31:19:b8:07:f1:0e:8b:ff:f9:b5:
d6:31:8d:4b:2c:f7:0f:fe:0a:c2:c8:ab:71:4f:34:
c8:f5:19:08:0d:da:96:6f:f2:ca:c5:f5:29:d1:36:
39:31:89:6b:ab:90:80:de:20:a8:a0:91:ae:d4:61:
c0:ec:c3:9a:e2:96:40:81:cb:14:d3:0e:1e:78:de:
37:25:f9:76:fe:c9:94:16:af:38:a3:78:94:1a:bf:
20:1e:7b:d5:30:86:b0:5e:24:97:a2:ae:8a:d3:b3:
b4:13:90:b6:eb:22:62:c5:59:68:05:fa:55:d7:51:
5c:71:a9:0a:57:3d:fb:7a:c6:99:d5:a2:53:63:d3:
90:41:e8:0f:05:87:5a:9c:cc:d0:5b:33:23:4a:e8:
39:d5:d2:7a:49:32:a7:1b:30:2c:ed:08:63:a3:57:
84:a6:88:51:c0:20:24:a1:c0:f9:12:bd:4a:e8:8e:
25:d1:09:38:a8:43:66:f5:12:a1:92:d0:f4:bc:11:
80:71:1b:96:64:97:6a:a8:46:9e:af:68:89:61:87:
3b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:46:97:E3:0C:C5:29:13:47:B3:D7:83:70:BD:44:85:A1:C9:AB:9D
X509v3 Authority Key Identifier:
keyid:6F:ED:F0:B7:61:52:90:AE:FA:CC:5F:6A:A6:B4:1D:9D:18:43:F1:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-3wt2FSkK76zF9qprQdnRhD8bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/u0aX4wzFKRNHs9eDcL1EhaHJq50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/f4f897-82a7-4a27-b1f1-784db9b1da2b/1/b-3wt2FSkK76zF9qprQdnRhD8bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.108.216.0/21
Signature Algorithm: sha256WithRSAEncryption
13:7b:cb:7a:3f:44:20:75:63:2b:56:1d:6f:71:20:b6:35:7f:
9b:32:55:48:f6:77:9d:8e:dc:0e:ce:42:a3:83:c4:4b:d9:79:
32:5f:58:78:ac:9d:17:81:b3:4e:8f:57:53:20:6e:cb:9a:35:
b8:d5:cb:b9:e7:cd:5a:d0:af:02:bd:64:67:10:e5:55:1f:6a:
38:85:e8:3c:e1:fc:1c:c1:c9:47:a9:50:18:22:a7:71:44:74:
a6:66:b9:14:f6:1c:cb:18:a4:fa:5c:ec:ea:5e:57:6a:17:a0:
e0:9d:67:19:3c:72:0d:7c:7c:9c:72:80:a5:18:92:1d:d8:92:
77:36:c3:c3:01:63:46:8f:34:cb:39:a9:b0:70:a2:95:75:d3:
bc:c8:38:27:32:48:0d:db:ce:b9:4d:33:ae:96:eb:74:ce:86:
9c:cb:df:51:b6:db:1a:db:73:ba:de:14:10:eb:d7:2c:4e:3c:
b1:83:c3:51:86:91:d9:94:f7:4f:68:fe:75:a0:2c:03:82:3c:
93:aa:84:3f:1c:a6:61:3d:02:9b:a9:ba:14:86:49:45:99:c1:
50:c9:c5:bb:eb:9c:2b:c4:43:1e:50:81:84:a7:e6:7a:7d:d8:
0e:67:2b:80:63:0e:39:c8:3d:a7:49:c4:2e:c9:14:4c:e6:f7:
c8:14:d8:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1DVXrGUkRx5mn5rG26kcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZWRmMGI3NjE1MjkwYWVmYWNjNWY2YWE2YjQxZDlkMTg0
M2YxYjYwHhcNMjMwMTAxMTQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ2OTdlMzBjYzUyOTEzNDdiM2Q3ODM3MGJkNDQ4NWExYzlhYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDEeuyJk8FAgJMs6SUgYjgfaQVqk
9B0Keo7fMAjjMKG3sjRu2jKPBUj9emJ88EtRrDEZuAfxDov/+bXWMY1LLPcP/grC
yKtxTzTI9RkIDdqWb/LKxfUp0TY5MYlrq5CA3iCooJGu1GHA7MOa4pZAgcsU0w4e
eN43Jfl2/smUFq84o3iUGr8gHnvVMIawXiSXoq6K07O0E5C26yJixVloBfpV11Fc
cakKVz37esaZ1aJTY9OQQegPBYdanMzQWzMjSug51dJ6STKnGzAs7Qhjo1eEpohR
wCAkocD5Er1K6I4l0Qk4qENm9RKhktD0vBGAcRuWZJdqqEaer2iJYYc7BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtGl+MMxSkTR7PXg3C9RIWhyaudMB8GA1UdIwQY
MBaAFG/t8LdhUpCu+sxfaqa0HZ0YQ/G2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEt
Nzg0ZGI5YjFkYTJiLzEvdTBhWDR3ekZLUk5IczllRGNMMUVoYUhKcTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mNGY4OTctODJhNy00YTI3LWIxZjEtNzg0ZGI5YjFkYTJi
LzEvYi0zd3QyRlNrSzc2ekY5cXByUWRuUmhEOGJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPmzYMA0G
CSqGSIb3DQEBCwUAA4IBAQATe8t6P0QgdWMrVh1vcSC2NX+bMlVI9nedjtwOzkKj
g8RL2XkyX1h4rJ0XgbNOj1dTIG7LmjW41cu5581a0K8CvWRnEOVVH2o4heg84fwc
wclHqVAYIqdxRHSmZrkU9hzLGKT6XOzqXldqF6DgnWcZPHINfHyccoClGJId2JJ3
NsPDAWNGjzTLOamwcKKVddO8yDgnMkgN2865TTOulut0zoacy99Rttsa23O63hQQ
69csTjyxg8NRhpHZlPdPaP51oCwDgjyTqoQ/HKZhPQKbqboUhklFmcFQycW765wr
xEMeUIGEp+Z6fdgOZyuAYw45yD2nScQuyRRM5vfIFNjx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:08 2025 by rpki-client