Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/G3VMS3eQXM9d5rsF2zgti2leTxo.roa
File: G3VMS3eQXM9d5rsF2zgti2leTxo.roa (raw, json)
Hash identifier: 3eqMRfTJomHjIJsFm82y/Xh/8DfXU8zxFYwRRCee/Bs=
Subject key identifier: 1B:75:4C:4B:77:90:5C:CF:5D:E6:BB:05:DB:38:2D:8B:69:5E:4F:1A
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01DF7F1E
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/G3VMS3eQXM9d5rsF2zgti2leTxo.roa
Signing time: Sun 23 Jan 2022 12:45:46 +0000
ROA not before: Sun 23 Jan 2022 12:45:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 62.182.172.0/22 maxlen: 22
62.182.168.0/22 maxlen: 22
83.97.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31424286 (0x1df7f1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 23 12:45:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b754c4b77905ccf5de6bb05db382d8b695e4f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a3:09:e6:06:30:ee:a7:d2:45:16:c7:57:b9:
a0:b5:88:0b:37:fb:34:b5:b1:43:c5:a5:c7:ba:82:
e5:ea:5d:fb:d5:46:eb:c9:5a:e4:b7:53:3a:fb:30:
4f:2a:f9:65:da:8d:7c:a2:07:cf:0e:ea:5c:81:26:
2c:2f:39:fe:91:2e:65:a8:54:cf:11:bd:0d:09:69:
30:ca:72:44:2a:c7:69:03:39:07:29:c1:ca:86:1e:
e0:96:12:81:a7:c6:2a:d5:c2:90:44:a5:97:f0:26:
2d:31:41:18:bd:17:58:6e:83:61:9a:b0:15:a2:ca:
fe:c4:50:88:30:71:76:04:6b:48:5f:c9:9a:d2:45:
b6:04:77:50:d0:b7:23:0f:41:c7:70:62:3b:60:10:
d5:2c:8a:22:41:66:22:75:03:2d:6d:08:21:1e:22:
dd:d7:c3:36:85:0d:2b:4a:c6:6f:00:19:82:c4:59:
28:32:c3:dc:27:eb:cd:a3:fb:d9:03:1c:53:b2:7a:
4a:ad:1e:17:26:70:0e:dd:2c:7e:db:dd:28:cc:a1:
6a:b7:f4:2b:51:e5:4b:0e:1d:a5:8c:b8:e2:06:af:
70:40:fe:0a:11:2f:03:5a:f2:ad:eb:8e:d6:43:4f:
ae:56:26:e3:96:32:42:e1:40:ba:f6:44:6b:56:2e:
17:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:75:4C:4B:77:90:5C:CF:5D:E6:BB:05:DB:38:2D:8B:69:5E:4F:1A
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/G3VMS3eQXM9d5rsF2zgti2leTxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/21
83.97.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:1f:6a:53:71:56:0f:ef:a6:b0:0f:1d:93:9e:71:6d:b9:3f:
16:c8:a5:40:d5:6d:c3:4d:e6:27:90:9e:54:5e:f0:3f:13:25:
64:d9:e8:11:8d:36:f1:78:1f:bc:6e:03:32:9c:e6:b2:62:26:
18:2e:e3:08:25:bc:d5:ac:a1:cc:20:54:6b:5a:66:aa:7c:46:
5c:6e:87:af:17:ac:29:cb:6c:37:c7:3f:f9:8b:82:30:14:58:
43:24:c8:85:be:14:10:18:44:ff:5a:b5:06:cc:bd:f3:5c:6e:
b3:b7:61:a8:c6:55:f8:6f:0f:9f:3f:17:6b:c4:45:73:68:bf:
bd:a1:94:5c:11:40:fa:18:e0:50:18:bf:68:03:84:83:d0:3d:
83:2e:55:95:33:c0:e8:eb:9b:af:57:27:bb:ad:10:ac:e1:52:
ef:53:4b:e7:a3:5d:7f:16:4b:f4:60:4a:b7:98:ac:0a:78:74:
29:0b:f3:73:82:63:5d:1b:bc:29:77:8f:f9:59:a6:24:4d:0d:
fa:be:af:d9:45:d9:a3:df:50:43:03:b3:94:d3:ca:f8:25:94:
25:f9:78:56:1b:27:e6:9f:a1:51:96:66:e8:71:33:51:55:90:
63:1e:bd:ec:33:88:0f:92:16:ac:ca:90:c8:0d:db:fb:1b:71:
a9:2d:b6:89
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAd9/HjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDEy
MzEyNDU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWI3NTRjNGI3Nzkw
NWNjZjVkZTZiYjA1ZGIzODJkOGI2OTVlNGYxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIOjCeYGMO6n0kUWx1e5oLWICzf7NLWxQ8Wlx7qC5epd+9VG
68la5LdTOvswTyr5ZdqNfKIHzw7qXIEmLC85/pEuZahUzxG9DQlpMMpyRCrHaQM5
BynByoYe4JYSgafGKtXCkESll/AmLTFBGL0XWG6DYZqwFaLK/sRQiDBxdgRrSF/J
mtJFtgR3UNC3Iw9Bx3BiO2AQ1SyKIkFmInUDLW0IIR4i3dfDNoUNK0rGbwAZgsRZ
KDLD3CfrzaP72QMcU7J6Sq0eFyZwDt0sftvdKMyharf0K1HlSw4dpYy44gavcED+
ChEvA1ryreuO1kNPrlYm45YyQuFAuvZEa1YuFyMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQbdUxLd5Bcz13muwXbOC2LaV5PGjAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L0czVk1TM2VRWE05ZDVyc0Yyemd0aTJsZVR4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAz62qAMEAlNhZDANBgkqhkiG9w0B
AQsFAAOCAQEAbx9qU3FWD++msA8dk55xbbk/FsilQNVtw03mJ5CeVF7wPxMlZNno
EY028XgfvG4DMpzmsmImGC7jCCW81ayhzCBUa1pmqnxGXG6HrxesKctsN8c/+YuC
MBRYQyTIhb4UEBhE/1q1Bsy981xus7dhqMZV+G8Pnz8Xa8RFc2i/vaGUXBFA+hjg
UBi/aAOEg9A9gy5VlTPA6Oubr1cnu60QrOFS71NL56NdfxZL9GBKt5isCnh0KQvz
c4JjXRu8KXeP+VmmJE0N+r6v2UXZo99QQwOzlNPK+CWUJfl4Vhsn5p+hUZZm6HEz
UVWQYx697DOID5IWrMqQyA3b+xtxqS22iQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:38 2025 by rpki-client