Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1YkbAYopfRcUCrWSlY6qhN9aygk.roa
File: 1YkbAYopfRcUCrWSlY6qhN9aygk.roa (raw, json)
Hash identifier: 4Uc8NVcRZViu9z0VVe0PLbQg55tp14wj7aHimczzUVU=
Subject key identifier: D5:89:1B:01:8A:29:7D:17:14:0A:B5:92:95:8E:AA:84:DF:5A:CA:09
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018B6B4052C6CC57168839AB4773A77DDAAF
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1YkbAYopfRcUCrWSlY6qhN9aygk.roa
Signing time: Thu 26 Oct 2023 09:10:59 +0000
ROA not before: Thu 26 Oct 2023 09:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207841
IP address blocks: 62.182.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:40:52:c6:cc:57:16:88:39:ab:47:73:a7:7d:da:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Oct 26 09:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5891b018a297d17140ab592958eaa84df5aca09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ee:21:86:32:19:8d:2f:36:59:9a:a0:25:e7:
1a:54:93:42:cb:8c:15:53:ce:ff:15:04:91:85:d7:
45:49:21:46:c0:3e:87:70:ac:6b:83:3d:f7:e7:42:
1a:b8:ca:0e:cc:db:8f:4a:7b:2c:b4:a4:de:b9:33:
7c:97:95:4d:78:65:16:02:08:2d:7e:4e:54:a4:e9:
c9:d1:34:21:cb:8c:2d:ae:4b:2a:be:7c:b4:11:54:
fc:5c:8c:88:60:4b:1c:ed:0d:ae:23:94:de:bc:96:
92:15:30:cb:55:a8:78:a5:6a:f6:d7:c0:fa:de:b0:
de:b1:77:07:73:9b:bc:e8:12:19:71:3b:e5:1e:52:
be:9b:6b:2e:c0:b1:3e:5a:25:a5:82:73:a2:a9:69:
3e:5d:ae:de:73:83:30:81:2d:84:7c:c9:49:74:7a:
c7:bb:72:c8:67:df:ca:62:66:9d:48:69:ea:93:ef:
5b:70:2b:f5:fb:ed:7c:36:f6:48:32:5b:36:51:8b:
2e:ba:b2:f4:fb:22:de:00:ed:5e:de:2c:3a:a7:61:
d9:a9:83:34:c4:37:3c:72:9f:2f:f5:f7:c5:5e:70:
bc:9e:76:69:ac:ea:55:f5:3c:f3:38:3e:c7:fc:25:
c2:82:b4:e9:42:03:08:c7:3d:88:69:07:4e:94:7a:
b8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:89:1B:01:8A:29:7D:17:14:0A:B5:92:95:8E:AA:84:DF:5A:CA:09
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/1YkbAYopfRcUCrWSlY6qhN9aygk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.173.0/24
Signature Algorithm: sha256WithRSAEncryption
84:49:50:3d:73:09:0f:e1:05:ca:f3:cb:25:b0:d4:14:c1:7c:
1d:24:bf:0b:a7:a9:58:bd:49:d8:26:ca:41:31:e0:7a:72:3b:
bc:85:82:b3:d9:14:dd:f8:ab:74:09:d6:11:fa:d4:38:02:88:
37:dc:19:8e:26:91:4f:e1:cf:94:a2:3f:d1:d3:ac:71:1f:24:
a7:fa:9d:78:11:ff:f2:44:d9:2a:6b:80:f4:e2:ad:e1:fb:5b:
2f:1d:3e:93:95:8c:2b:c4:76:cf:7b:b4:46:69:48:15:47:b8:
8d:7d:89:22:12:82:6d:bc:45:38:ea:c0:bc:c4:88:36:bf:cc:
a9:51:16:c1:81:3f:3b:39:33:37:89:9f:3f:a9:37:32:4a:fe:
9a:2e:b1:a7:36:2b:d9:f2:22:00:41:da:a6:6b:72:34:65:23:
5e:b5:ed:a6:58:b0:07:db:92:80:d7:82:aa:b5:32:6e:36:c7:
b8:ad:ff:71:81:46:25:03:c7:24:fd:0d:16:6e:8e:12:53:ed:
1d:00:c2:6b:aa:7f:24:3a:8d:09:c9:da:8f:8f:96:b1:67:d4:
4d:c5:84:85:40:86:54:e8:cb:65:28:44:32:cc:01:0c:dd:21:
8b:4f:29:30:54:9a:71:31:cf:b1:5d:a5:89:17:26:99:d9:65:
bd:38:4b:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtrQFLGzFcWiDmrR3OnfdqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMxMDI2MDkxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg5MWIwMThhMjk3ZDE3MTQwYWI1OTI5NThlYWE4NGRmNWFjYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO4hhjIZjS82WZqgJecaVJNCy4wV
U87/FQSRhddFSSFGwD6HcKxrgz3350IauMoOzNuPSnsstKTeuTN8l5VNeGUWAggt
fk5UpOnJ0TQhy4wtrksqvny0EVT8XIyIYEsc7Q2uI5TevJaSFTDLVah4pWr218D6
3rDesXcHc5u86BIZcTvlHlK+m2suwLE+WiWlgnOiqWk+Xa7ec4MwgS2EfMlJdHrH
u3LIZ9/KYmadSGnqk+9bcCv1++18NvZIMls2UYsuurL0+yLeAO1e3iw6p2HZqYM0
xDc8cp8v9ffFXnC8nnZprOpV9TzzOD7H/CXCgrTpQgMIxz2IaQdOlHq4tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWJGwGKKX0XFAq1kpWOqoTfWsoJMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvMVlrYkFZb3BmUmNVQ3JXU2xZNnFoTjlheWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPratMA0G
CSqGSIb3DQEBCwUAA4IBAQCESVA9cwkP4QXK88slsNQUwXwdJL8Lp6lYvUnYJspB
MeB6cju8hYKz2RTd+Kt0CdYR+tQ4Aog33BmOJpFP4c+Uoj/R06xxHySn+p14Ef/y
RNkqa4D04q3h+1svHT6TlYwrxHbPe7RGaUgVR7iNfYkiEoJtvEU46sC8xIg2v8yp
URbBgT87OTM3iZ8/qTcySv6aLrGnNivZ8iIAQdqma3I0ZSNete2mWLAH25KA14Kq
tTJuNse4rf9xgUYlA8ck/Q0Wbo4SU+0dAMJrqn8kOo0JydqPj5axZ9RNxYSFQIZU
6MtlKEQyzAEM3SGLTykwVJpxMc+xXaWJFyaZ2WW9OEvR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org