Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/DayfWvJO1hldm1BpucACBpU9RMM.roa
File: DayfWvJO1hldm1BpucACBpU9RMM.roa (raw, json)
Hash identifier: S61k5qboL6qB0qqc7g2hsxJhmFedIHCLEqihtwPmS5M=
Subject key identifier: 0D:AC:9F:5A:F2:4E:D6:19:5D:9B:50:69:B9:C0:02:06:95:3D:44:C3
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0189DAE96DFD8B7E4B3DAAE1F391669BBB7A
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/DayfWvJO1hldm1BpucACBpU9RMM.roa
Signing time: Wed 09 Aug 2023 15:27:58 +0000
ROA not before: Wed 09 Aug 2023 15:27:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 62.182.169.0/24 maxlen: 24
194.15.152.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:da:e9:6d:fd:8b:7e:4b:3d:aa:e1:f3:91:66:9b:bb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Aug 9 15:27:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dac9f5af24ed6195d9b5069b9c00206953d44c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:8f:4f:91:73:49:27:76:31:7d:0f:3c:e0:
1d:ab:e4:65:c6:26:76:0d:27:4a:4f:6d:58:91:ab:
39:17:73:16:f7:2d:d3:ac:e3:ed:65:7c:54:9e:81:
8b:68:c0:f9:bf:6b:27:1f:93:e8:05:8c:c5:63:9e:
18:68:a3:fe:bd:25:73:4c:d1:7f:e6:04:31:d3:2f:
38:20:28:5c:15:8a:76:b2:e9:05:eb:2f:cb:40:a0:
3d:15:b5:98:3f:45:96:84:5f:87:76:df:05:2e:d4:
31:11:d3:ad:fa:c4:66:f5:b0:9d:99:58:51:de:1e:
a7:2e:af:e8:f4:3d:d0:26:78:e3:7e:24:30:6a:eb:
0c:02:ef:95:c9:d5:6d:c9:fa:fc:a9:d1:f0:65:54:
42:cd:5d:e9:58:40:2f:e1:5a:74:0c:9a:d2:4b:22:
fe:9f:da:5f:d9:51:25:bd:d6:9b:0b:55:7a:c2:53:
f8:00:16:81:89:a5:a0:28:79:bd:7e:00:6b:0b:a0:
6e:5a:3c:a7:1b:07:cc:e4:b8:e3:90:7c:93:ff:5d:
46:87:af:9b:b1:12:a2:ef:52:85:2c:66:f3:74:58:
c0:8f:72:ab:7d:fb:4e:ac:a8:cd:23:3d:21:70:5c:
df:b4:01:9a:45:40:b4:89:32:fa:ce:79:55:71:2f:
ff:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:AC:9F:5A:F2:4E:D6:19:5D:9B:50:69:B9:C0:02:06:95:3D:44:C3
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/DayfWvJO1hldm1BpucACBpU9RMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.169.0/24
194.15.152.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c4:bf:e8:a9:d7:95:de:91:63:af:6d:23:e2:8c:99:73:64:
6c:63:cc:c7:c8:68:61:f4:38:b6:68:8d:01:c0:27:c0:d6:b9:
ac:71:b1:9a:ad:9f:f0:f6:21:65:84:7e:10:fe:72:39:4b:4e:
dc:65:64:71:e4:a7:33:47:1e:da:7a:32:c2:68:19:d6:4a:5b:
fa:c3:10:ec:73:0a:89:ff:35:8c:ab:22:03:2c:e5:a0:3b:0f:
14:8a:c8:8b:6f:dd:f6:d9:b5:6a:62:82:01:d1:d7:e9:6e:48:
a2:07:0c:f6:a8:68:1e:54:93:7c:d0:26:77:92:2b:4a:0a:a6:
a9:47:48:af:b8:8e:5a:16:4b:de:4b:6d:cc:53:36:5a:64:f4:
32:7b:d8:e2:34:a6:c2:4e:90:e5:53:67:eb:c3:41:e2:a1:9a:
b1:63:22:c1:dc:9a:a1:72:d8:38:d1:6b:ec:6b:c9:a9:79:f7:
ef:5d:55:b3:e2:60:a1:cc:ec:48:91:e7:c8:35:9b:84:28:9b:
20:44:ed:da:91:09:b2:58:12:87:07:17:ab:f2:28:69:28:f1:
e7:d9:55:5a:4c:c3:83:41:89:b9:14:bc:d2:c9:92:8d:80:8c:
64:f0:bc:e3:44:40:93:de:ae:09:1b:ec:58:78:d2:36:21:b1:
55:05:47:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYna6W39i35LParh85Fmm7t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwODA5MTUyNzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGFjOWY1YWYyNGVkNjE5NWQ5YjUwNjliOWMwMDIwNjk1M2Q0NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtKPT5FzSSd2MX0PPOAdq+RlxiZ2
DSdKT21Ykas5F3MW9y3TrOPtZXxUnoGLaMD5v2snH5PoBYzFY54YaKP+vSVzTNF/
5gQx0y84IChcFYp2sukF6y/LQKA9FbWYP0WWhF+Hdt8FLtQxEdOt+sRm9bCdmVhR
3h6nLq/o9D3QJnjjfiQwausMAu+VydVtyfr8qdHwZVRCzV3pWEAv4Vp0DJrSSyL+
n9pf2VElvdabC1V6wlP4ABaBiaWgKHm9fgBrC6BuWjynGwfM5LjjkHyT/11Gh6+b
sRKi71KFLGbzdFjAj3KrfftOrKjNIz0hcFzftAGaRUC0iTL6znlVcS//gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA2sn1ryTtYZXZtQabnAAgaVPUTDMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvRGF5Zld2Sk8xaGxkbTFCcHVjQUNCcFU5Uk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPrapAwQA
wg+YMA0GCSqGSIb3DQEBCwUAA4IBAQAGxL/oqdeV3pFjr20j4oyZc2RsY8zHyGhh
9Di2aI0BwCfA1rmscbGarZ/w9iFlhH4Q/nI5S07cZWRx5KczRx7aejLCaBnWSlv6
wxDscwqJ/zWMqyIDLOWgOw8UisiLb9322bVqYoIB0dfpbkiiBwz2qGgeVJN80CZ3
kitKCqapR0ivuI5aFkveS23MUzZaZPQye9jiNKbCTpDlU2frw0HioZqxYyLB3Jqh
ctg40Wvsa8mpeffvXVWz4mChzOxIkefINZuEKJsgRO3akQmyWBKHBxer8ihpKPHn
2VVaTMODQYm5FLzSyZKNgIxk8LzjRECT3q4JG+xYeNI2IbFVBUfJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org