Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/01u7XRVnN-e0-MofNH5FXpKe5aw.roa
File: 01u7XRVnN-e0-MofNH5FXpKe5aw.roa (raw, json)
Hash identifier: JsvTq+kzNyS6j1fh5aVWyf/vSGTOGiK7+kpH0ioNqPA=
Subject key identifier: D3:5B:BB:5D:15:67:37:E7:B4:F8:CA:1F:34:7E:45:5E:92:9E:E5:AC
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01843E301832D79F1C4C3F8702C27EC78B2F
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/01u7XRVnN-e0-MofNH5FXpKe5aw.roa
Signing time: Thu 03 Nov 2022 15:50:50 +0000
ROA not before: Thu 03 Nov 2022 15:50:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 62.182.172.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:30:18:32:d7:9f:1c:4c:3f:87:02:c2:7e:c7:8b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 3 15:50:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d35bbb5d156737e7b4f8ca1f347e455e929ee5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:89:bb:21:f4:cd:98:ab:8c:32:51:36:98:
6b:e1:4b:7f:55:2d:6a:4f:3b:01:6a:79:aa:22:41:
c4:54:8d:c5:3c:33:88:18:00:d3:fe:bb:68:db:60:
55:06:92:fb:8f:75:8c:97:99:25:38:f6:9c:8c:cb:
54:5c:9f:74:40:97:fc:5d:a4:47:cf:82:3f:96:8b:
af:ba:07:5c:67:58:e6:a3:8e:0c:6b:c0:8d:ed:32:
ba:aa:13:5b:d1:43:72:00:97:ee:82:95:73:e0:4b:
61:f2:c3:63:c9:06:95:5a:2f:c5:dd:73:ea:a4:a1:
d1:ac:f6:72:23:3f:1e:7c:c7:9f:11:b6:cb:8c:3d:
fc:47:e0:5f:db:b9:b7:44:03:1d:27:59:20:83:5a:
75:4f:86:cb:58:b5:f8:6f:c7:74:18:9f:fe:3e:e1:
da:b1:ca:de:37:a4:2b:f3:cf:b1:a0:3f:0c:de:c9:
55:10:81:8f:a0:cc:e4:13:1b:8f:f3:c2:7f:5d:80:
a7:f9:51:9c:15:44:d8:9a:e2:e4:a3:8c:b5:c1:33:
7b:e9:f3:40:ed:f9:c4:4e:71:69:95:93:e5:74:6e:
4b:ef:df:c7:a9:5a:69:24:d6:38:21:22:a7:95:61:
24:34:fa:c9:65:fd:7f:40:cf:cc:ef:5c:7e:bd:4a:
39:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5B:BB:5D:15:67:37:E7:B4:F8:CA:1F:34:7E:45:5E:92:9E:E5:AC
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/01u7XRVnN-e0-MofNH5FXpKe5aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.172.0/22
Signature Algorithm: sha256WithRSAEncryption
64:f2:a0:32:d7:81:2c:03:25:53:69:fb:2a:1d:9e:bc:44:c1:
37:a6:da:d0:1f:f0:c7:65:3b:f8:76:77:f7:53:29:aa:c2:e8:
bc:b4:f5:d5:c7:87:5d:26:3a:3f:a3:81:24:0e:23:a8:bb:77:
b6:da:ef:2f:1a:70:0f:cd:6b:95:f0:45:c3:80:18:73:f0:d7:
40:a3:f7:38:da:b0:65:fb:83:0a:0e:42:fd:2d:93:82:03:71:
70:69:d0:5f:10:f0:72:44:6f:d6:fa:b4:ac:47:cf:38:aa:8a:
44:18:71:77:b4:96:72:7f:c2:48:51:e7:54:00:bb:65:9e:4a:
c0:c4:af:a2:fb:a0:41:4b:bf:88:42:cc:a9:5e:bc:a9:57:a7:
ba:58:3e:1d:2b:79:73:2f:6d:69:19:40:06:7f:03:82:fe:b5:
6e:2a:4b:55:e6:ae:9f:8d:6c:a5:33:82:38:c6:02:58:14:a7:
df:f3:9e:e7:25:fe:2d:80:ba:a5:74:c8:aa:64:99:04:2d:28:
ae:96:8a:34:5d:01:cc:d5:99:8f:3d:0e:62:15:ca:b0:d2:2f:
2d:08:86:24:b5:b7:4d:11:a6:f5:2b:a8:52:e4:d5:e6:02:cc:
4a:95:65:69:cf:14:67:92:ae:f7:00:2b:c1:39:4d:f5:d0:b6:
ba:79:75:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ+MBgy158cTD+HAsJ+x4svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTAzMTU1MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzViYmI1ZDE1NjczN2U3YjRmOGNhMWYzNDdlNDU1ZTkyOWVlNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM6JuyH0zZirjDJRNphr4Ut/VS1q
TzsBanmqIkHEVI3FPDOIGADT/rto22BVBpL7j3WMl5klOPacjMtUXJ90QJf8XaRH
z4I/louvugdcZ1jmo44Ma8CN7TK6qhNb0UNyAJfugpVz4Eth8sNjyQaVWi/F3XPq
pKHRrPZyIz8efMefEbbLjD38R+Bf27m3RAMdJ1kgg1p1T4bLWLX4b8d0GJ/+PuHa
screN6Qr88+xoD8M3slVEIGPoMzkExuP88J/XYCn+VGcFUTYmuLko4y1wTN76fNA
7fnETnFplZPldG5L79/HqVppJNY4ISKnlWEkNPrJZf1/QM/M71x+vUo5CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNbu10VZzfntPjKHzR+RV6SnuWsMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvMDF1N1hSVm5OLWUwLU1vZk5INUZYcEtlNWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCPrasMA0G
CSqGSIb3DQEBCwUAA4IBAQBk8qAy14EsAyVTafsqHZ68RME3ptrQH/DHZTv4dnf3
Uymqwui8tPXVx4ddJjo/o4EkDiOou3e22u8vGnAPzWuV8EXDgBhz8NdAo/c42rBl
+4MKDkL9LZOCA3FwadBfEPByRG/W+rSsR884qopEGHF3tJZyf8JIUedUALtlnkrA
xK+i+6BBS7+IQsypXrypV6e6WD4dK3lzL21pGUAGfwOC/rVuKktV5q6fjWylM4I4
xgJYFKff857nJf4tgLqldMiqZJkELSiuloo0XQHM1ZmPPQ5iFcqw0i8tCIYktbdN
Eab1K6hS5NXmAsxKlWVpzxRnkq73ACvBOU310La6eXXi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org