Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/8I9bR1_la1Jf4T3XXlzzJ-gcIFI.roa
File: 8I9bR1_la1Jf4T3XXlzzJ-gcIFI.roa (raw, json)
Hash identifier: VMz5Bhw7HkC2YLpepz0fgRuo2sQM6UTyeFyw4oGnFTE=
Subject key identifier: F0:8F:5B:47:5F:E5:6B:52:5F:E1:3D:D7:5E:5C:F3:27:E8:1C:20:52
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018760AFBBB2A154A178F2430C38F170FC6A
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/8I9bR1_la1Jf4T3XXlzzJ-gcIFI.roa
Signing time: Sat 08 Apr 2023 11:45:42 +0000
ROA not before: Sat 08 Apr 2023 11:45:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:60:af:bb:b2:a1:54:a1:78:f2:43:0c:38:f1:70:fc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Apr 8 11:45:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f08f5b475fe56b525fe13dd75e5cf327e81c2052
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:72:33:e8:f7:a5:59:bc:c4:dc:5e:6b:cd:8b:
9b:3a:9f:58:0d:67:fe:03:33:ef:8a:7d:f9:af:12:
2d:7b:8e:9c:66:53:79:dc:d9:77:dc:1f:81:36:d5:
01:22:21:b2:9d:ae:5d:0d:72:54:a6:9b:ae:a9:c1:
b4:a3:73:43:1b:71:a5:c6:88:49:4f:47:30:46:1d:
a2:88:e7:b6:84:29:60:91:0f:d2:3f:2c:ec:f0:a9:
92:4b:72:4e:37:87:d7:26:86:29:80:5f:61:2c:98:
2b:59:9d:f9:ea:a2:d1:fe:43:42:db:cd:7e:dc:68:
16:34:67:d3:b7:a2:1d:7c:7f:e6:85:57:b9:3a:f0:
b4:50:b9:94:c7:90:9f:50:59:a8:4a:85:51:09:76:
ed:c0:98:41:ad:b9:d1:ca:3c:a0:13:0f:76:04:f3:
ea:61:e9:f5:16:09:a0:63:8f:27:19:17:92:82:4c:
29:0e:4c:3b:cf:44:62:9b:38:55:89:55:89:ee:ac:
52:7a:01:21:98:9c:e2:0a:69:60:02:26:8b:da:db:
ef:d3:2c:bf:58:76:35:d9:37:7d:62:18:7b:9f:00:
c2:51:8d:4c:c5:17:fe:05:48:cd:5b:4c:7f:83:3e:
67:5d:7c:40:bc:a1:20:9a:17:22:be:91:22:bb:e6:
3c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8F:5B:47:5F:E5:6B:52:5F:E1:3D:D7:5E:5C:F3:27:E8:1C:20:52
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/8I9bR1_la1Jf4T3XXlzzJ-gcIFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
Signature Algorithm: sha256WithRSAEncryption
43:e4:f7:bf:a5:40:55:63:87:c4:d5:5b:22:a3:c1:85:e2:26:
8a:fb:82:ef:89:93:6b:99:5b:1a:00:87:58:02:ac:00:73:c3:
67:76:84:bc:15:01:1e:4a:ae:93:40:a5:7c:b8:2d:fd:5b:59:
36:04:fc:e5:fd:72:2a:36:b3:87:48:4a:ea:b6:90:ea:3e:c1:
53:f1:74:41:9c:f3:9e:20:54:c6:81:e0:1b:8e:57:bb:10:aa:
2f:e2:16:2f:a4:96:a6:9f:17:49:5a:27:88:40:8b:4a:44:6f:
e8:dc:9a:ac:1e:e7:b4:7e:f2:80:6d:3d:c2:41:9b:d7:22:4e:
0b:f7:39:73:c4:29:b2:c6:e9:af:95:8b:6d:97:98:c2:18:5d:
68:cb:e3:a6:3e:b5:64:e6:19:95:2c:cb:00:09:69:a7:aa:f7:
ab:97:d3:cd:13:56:34:21:f0:47:39:80:01:ca:5c:10:4c:53:
4c:ea:24:a8:31:b6:6c:fa:85:c7:94:bc:15:a7:6f:45:cb:17:
77:61:15:da:75:a1:a5:b3:db:1b:03:09:c3:3d:2b:4a:7f:a7:
5f:2d:2e:af:0d:1d:64:0b:d6:0f:0e:10:e2:15:59:33:0b:4e:
06:7e:95:d9:a1:11:4c:e2:5a:ae:5f:3b:f9:cb:cd:d7:00:8a:
92:5d:ea:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdgr7uyoVShePJDDDjxcPxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNDA4MTE0NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDhmNWI0NzVmZTU2YjUyNWZlMTNkZDc1ZTVjZjMyN2U4MWMyMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HIz6PelWbzE3F5rzYubOp9YDWf+
AzPvin35rxIte46cZlN53Nl33B+BNtUBIiGyna5dDXJUppuuqcG0o3NDG3GlxohJ
T0cwRh2iiOe2hClgkQ/SPyzs8KmSS3JON4fXJoYpgF9hLJgrWZ356qLR/kNC281+
3GgWNGfTt6IdfH/mhVe5OvC0ULmUx5CfUFmoSoVRCXbtwJhBrbnRyjygEw92BPPq
Yen1FgmgY48nGReSgkwpDkw7z0RimzhViVWJ7qxSegEhmJziCmlgAiaL2tvv0yy/
WHY12Td9Yhh7nwDCUY1MxRf+BUjNW0x/gz5nXXxAvKEgmhcivpEiu+Y85wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCPW0df5WtSX+E9115c8yfoHCBSMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvOEk5YlIxX2xhMUpmNFQzWFhsenpKLWdjSUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQBD5Pe/pUBVY4fE1Vsio8GF4iaK+4LviZNrmVsaAIdY
AqwAc8NndoS8FQEeSq6TQKV8uC39W1k2BPzl/XIqNrOHSErqtpDqPsFT8XRBnPOe
IFTGgeAbjle7EKov4hYvpJamnxdJWieIQItKRG/o3JqsHue0fvKAbT3CQZvXIk4L
9zlzxCmyxumvlYttl5jCGF1oy+OmPrVk5hmVLMsACWmnqverl9PNE1Y0IfBHOYAB
ylwQTFNM6iSoMbZs+oXHlLwVp29Fyxd3YRXadaGls9sbAwnDPStKf6dfLS6vDR1k
C9YPDhDiFVkzC04GfpXZoRFM4lquXzv5y83XAIqSXepj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:29 2025 by rpki-client