Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1-ld6zcu2TC7zbi0q2ys_XlaiH7s.roa
File: 1-ld6zcu2TC7zbi0q2ys_XlaiH7s.roa (raw, json)
Hash identifier: CoLnAz4w56HFqlebbQ8t2EFN0vgwqJ9ip2OcyhtiCZI=
Subject key identifier: FA:57:7A:CD:CB:B6:4C:2E:F3:6E:2D:2A:DB:2B:3F:5E:56:A2:1F:BB
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01845C1B4D635BE04489B433412C736EF196
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1-ld6zcu2TC7zbi0q2ys_XlaiH7s.roa
Signing time: Wed 09 Nov 2022 11:16:43 +0000
ROA not before: Wed 09 Nov 2022 11:16:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 62.182.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5c:1b:4d:63:5b:e0:44:89:b4:33:41:2c:73:6e:f1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 9 11:16:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa577acdcbb64c2ef36e2d2adb2b3f5e56a21fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6f:3e:a2:8f:f6:61:9b:aa:a5:42:c1:3c:15:
53:29:7e:71:25:60:cb:1b:7c:51:de:d4:42:83:45:
58:7f:d0:de:4e:d1:d2:20:09:03:fd:dd:60:0a:5c:
b4:c2:77:bd:64:0b:6c:d8:99:a8:01:7a:f9:5d:16:
eb:fe:6c:7c:a2:65:bc:f4:ac:d4:36:9e:7d:94:34:
5c:ec:da:65:9e:66:95:92:d6:2d:6c:6d:e4:30:10:
3e:a2:9c:9f:8c:21:51:e7:6c:42:28:30:13:b4:cd:
4a:fa:12:b9:f5:16:aa:2d:ff:ab:37:67:3a:39:58:
84:9a:66:c9:2c:f8:6b:2a:d3:75:c9:8f:e3:9b:8d:
b7:88:3b:6c:63:24:22:1f:57:f3:53:ba:f1:44:36:
c2:44:d9:67:43:69:53:25:98:8e:8c:14:ec:66:9a:
04:80:28:ed:c8:d0:39:60:08:6d:6c:2b:23:ef:5e:
3b:f2:43:ce:0c:c4:03:82:ba:63:f1:60:5e:15:82:
6e:e1:fd:a0:c0:19:0c:8c:4f:fb:de:49:4e:97:21:
c3:23:0d:d9:22:97:ee:cc:b0:5a:72:7b:0d:8c:1a:
8a:8e:44:22:a3:82:87:ca:eb:5e:09:9f:8f:22:47:
15:53:cc:c6:f0:4e:15:73:4b:18:f5:1f:9c:7e:26:
cd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:57:7A:CD:CB:B6:4C:2E:F3:6E:2D:2A:DB:2B:3F:5E:56:A2:1F:BB
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1-ld6zcu2TC7zbi0q2ys_XlaiH7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.174.0/24
Signature Algorithm: sha256WithRSAEncryption
58:76:80:4d:15:3b:bc:80:cb:84:fe:8f:01:41:95:d8:02:0b:
de:3a:9f:be:27:48:08:f9:f0:7c:eb:54:fc:ee:1f:4e:4d:9e:
ee:59:fe:6a:aa:03:f3:b8:8e:f8:d3:bf:87:7c:18:f4:ea:3d:
38:38:c4:bd:f6:03:06:0c:1b:fc:1e:cd:3f:3e:8a:c9:20:c3:
57:61:db:21:c7:3f:8e:64:af:48:f7:9e:80:c8:ee:e7:22:c1:
0b:70:09:50:1c:b0:44:c9:26:e5:9f:50:50:7b:41:cd:4d:13:
5e:a0:dd:a2:e9:80:61:cc:9b:68:77:78:b2:e5:6b:46:84:55:
fd:78:66:32:6b:71:b4:d3:77:47:57:91:50:35:30:d6:cc:45:
b5:76:dd:5d:60:1f:9e:95:fa:78:59:d8:11:70:2d:0e:72:7a:
53:05:51:06:bb:82:89:94:91:7e:95:e4:f0:90:1b:9f:ea:cd:
d6:a1:38:98:fd:3e:e3:2a:99:a0:8c:04:42:90:db:31:e0:e2:
2f:87:20:71:24:e4:00:be:04:41:07:da:e9:84:0c:11:4b:ee:
37:54:4b:b7:f4:e1:f9:ad:b6:70:f9:7d:9d:b8:ed:07:40:ec:
bb:1a:55:f5:5b:80:69:d5:58:a7:0d:48:c5:ec:74:ef:af:33:
cb:55:eb:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYRcG01jW+BEibQzQSxzbvGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTA5MTExNjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU3N2FjZGNiYjY0YzJlZjM2ZTJkMmFkYjJiM2Y1ZTU2YTIxZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo28+oo/2YZuqpULBPBVTKX5xJWDL
G3xR3tRCg0VYf9DeTtHSIAkD/d1gCly0wne9ZAts2JmoAXr5XRbr/mx8omW89KzU
Np59lDRc7NplnmaVktYtbG3kMBA+opyfjCFR52xCKDATtM1K+hK59RaqLf+rN2c6
OViEmmbJLPhrKtN1yY/jm423iDtsYyQiH1fzU7rxRDbCRNlnQ2lTJZiOjBTsZpoE
gCjtyNA5YAhtbCsj71478kPODMQDgrpj8WBeFYJu4f2gwBkMjE/73klOlyHDIw3Z
IpfuzLBacnsNjBqKjkQio4KHyuteCZ+PIkcVU8zG8E4Vc0sY9R+cfibN2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpXes3Ltkwu824tKtsrP15Woh+7MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvMS1sZDZ6Y3UyVEM3emJpMHEyeXNfWGxhaUg3cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5
MS8xL1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD62rjAN
BgkqhkiG9w0BAQsFAAOCAQEAWHaATRU7vIDLhP6PAUGV2AIL3jqfvidICPnwfOtU
/O4fTk2e7ln+aqoD87iO+NO/h3wY9Oo9ODjEvfYDBgwb/B7NPz6KySDDV2HbIcc/
jmSvSPeegMju5yLBC3AJUBywRMkm5Z9QUHtBzU0TXqDdoumAYcybaHd4suVrRoRV
/XhmMmtxtNN3R1eRUDUw1sxFtXbdXWAfnpX6eFnYEXAtDnJ6UwVRBruCiZSRfpXk
8JAbn+rN1qE4mP0+4yqZoIwEQpDbMeDiL4cgcSTkAL4EQQfa6YQMEUvuN1RLt/Th
+a22cPl9nbjtB0DsuxpV9VuAadVYpw1Ixex0768zy1Xr+A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:45 2025 by rpki-client