Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/0IIRtXix1QomSFLxgRBRFnlKANI.roa
File: 0IIRtXix1QomSFLxgRBRFnlKANI.roa (raw, json)
Hash identifier: hG/HVMcrAzE3YbW5yrn4I+UJGgsnpcXzDnmZF/w12iU=
Subject key identifier: D0:82:11:B5:78:B1:D5:0A:26:48:52:F1:81:10:51:16:79:4A:00:D2
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0185719540AB8F4894167B06C0A1A785F132
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/0IIRtXix1QomSFLxgRBRFnlKANI.roa
Signing time: Mon 02 Jan 2023 08:24:44 +0000
ROA not before: Mon 02 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:40:ab:8f:48:94:16:7b:06:c0:a1:a7:85:f1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 2 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d08211b578b1d50a264852f181105116794a00d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:32:e8:da:5e:56:25:8e:eb:03:5b:1a:b8:f4:
43:66:dc:f8:6e:58:b1:f7:ca:58:9b:03:12:23:81:
16:f9:c9:6b:6d:88:18:88:c3:fa:be:9e:d6:b2:49:
c5:83:2e:1a:95:10:25:06:eb:9e:63:54:61:2c:c4:
ed:9e:11:59:b5:15:0c:9f:07:82:4c:fe:9f:b3:b2:
b2:77:94:8a:92:9d:1a:1a:dc:71:2b:de:ae:c6:f3:
21:0c:e0:3e:c6:79:0c:e9:f6:89:74:e2:16:63:85:
96:d8:f9:20:b5:c4:a0:9b:09:1b:61:6c:bd:00:97:
63:d9:b5:f7:31:01:02:4c:fd:7e:7f:a9:e7:8e:d2:
51:ce:20:f8:6a:46:98:dc:e5:84:f8:2a:6d:ae:7a:
ef:a8:50:8e:6d:ae:99:1a:d1:58:b5:1a:25:d5:f8:
73:57:61:5e:a8:e9:6a:96:37:8f:7f:27:0d:83:1b:
32:a8:57:23:e9:ee:6f:88:55:61:98:67:9f:bb:f0:
84:f5:87:ac:59:47:44:fe:37:08:ca:f3:80:1e:5d:
0f:4a:1c:58:7e:7f:a7:b3:21:bd:b5:da:14:b8:63:
fe:21:fd:f6:bb:35:9f:7d:e6:e4:48:44:c0:0b:d7:
4e:22:c9:2d:39:b3:1c:e9:f0:69:47:c4:88:7f:31:
4a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:82:11:B5:78:B1:D5:0A:26:48:52:F1:81:10:51:16:79:4A:00:D2
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/0IIRtXix1QomSFLxgRBRFnlKANI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6a:aa:c2:60:51:7f:a7:ec:9d:86:fe:cb:8f:ac:e6:58:41:
44:e7:13:35:8c:96:80:68:82:7e:b4:56:9a:07:77:88:e7:29:
14:8f:73:8c:a4:2c:7c:be:29:fe:a2:e2:ce:20:8a:c8:4b:1c:
b5:3e:8b:75:67:e1:a3:6b:fd:b4:f0:c3:15:40:a7:6a:53:98:
56:c4:bc:ec:28:65:3e:da:fe:b1:08:2c:b5:01:92:97:bb:e9:
f6:e9:80:a8:65:b3:9e:85:bb:09:09:63:6b:be:63:17:27:ce:
38:81:77:a2:e6:58:a9:f2:01:fc:9d:8e:9d:97:ab:6a:cd:b8:
03:49:51:9c:89:98:38:5c:63:db:be:68:13:0a:e7:4f:66:2a:
d6:a5:9c:25:67:7c:80:ca:38:f1:fb:18:72:d3:42:b2:e9:ad:
b2:8b:2a:90:1a:69:4d:94:c8:4a:00:24:82:8e:8b:e3:91:5a:
5b:f2:1b:57:8d:20:a0:97:6e:65:e8:47:62:64:0c:73:dd:ed:
34:31:0b:8f:ce:54:c9:29:02:1b:50:f7:64:36:64:91:5e:a5:
f8:eb:c4:fd:09:8d:8c:13:db:e5:a8:60:1f:03:83:03:4b:5c:
0c:16:82:3b:b8:58:b4:f1:83:39:04:ad:64:28:da:47:26:fc:
0d:1f:e6:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlUCrj0iUFnsGwKGnhfEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTAyMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDgyMTFiNTc4YjFkNTBhMjY0ODUyZjE4MTEwNTExNjc5NGEwMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjLo2l5WJY7rA1sauPRDZtz4blix
98pYmwMSI4EW+clrbYgYiMP6vp7WsknFgy4alRAlBuueY1RhLMTtnhFZtRUMnweC
TP6fs7Kyd5SKkp0aGtxxK96uxvMhDOA+xnkM6faJdOIWY4WW2PkgtcSgmwkbYWy9
AJdj2bX3MQECTP1+f6nnjtJRziD4akaY3OWE+CptrnrvqFCOba6ZGtFYtRol1fhz
V2FeqOlqljePfycNgxsyqFcj6e5viFVhmGefu/CE9YesWUdE/jcIyvOAHl0PShxY
fn+nsyG9tdoUuGP+If32uzWffebkSETAC9dOIsktObMc6fBpR8SIfzFK+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNCCEbV4sdUKJkhS8YEQURZ5SgDSMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvMElJUnRYaXgxUW9tU0ZMeGdSQlJGbmxLQU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQBHaqrCYFF/p+ydhv7Lj6zmWEFE5xM1jJaAaIJ+tFaa
B3eI5ykUj3OMpCx8vin+ouLOIIrISxy1Pot1Z+Gja/208MMVQKdqU5hWxLzsKGU+
2v6xCCy1AZKXu+n26YCoZbOehbsJCWNrvmMXJ844gXei5lip8gH8nY6dl6tqzbgD
SVGciZg4XGPbvmgTCudPZirWpZwlZ3yAyjjx+xhy00Ky6a2yiyqQGmlNlMhKACSC
jovjkVpb8htXjSCgl25l6EdiZAxz3e00MQuPzlTJKQIbUPdkNmSRXqX468T9CY2M
E9vlqGAfA4MDS1wMFoI7uFi08YM5BK1kKNpHJvwNH+bh
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:51:25 2025 by rpki-client