Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/JYPbk3djgALwMbkk_MRfr6CPReU.roa
File: JYPbk3djgALwMbkk_MRfr6CPReU.roa (raw, json)
Hash identifier: Gvmu9V6Fr8aiYs1xeiuDX+tqjY7pA4RJTd99I2Sv0Q0=
Subject key identifier: 25:83:DB:93:77:63:80:02:F0:31:B9:24:FC:C4:5F:AF:A0:8F:45:E5
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018571954A3939B9868614FF6506C1256A58
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/JYPbk3djgALwMbkk_MRfr6CPReU.roa
Signing time: Mon 02 Jan 2023 08:24:47 +0000
ROA not before: Mon 02 Jan 2023 08:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 62.182.168.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:4a:39:39:b9:86:86:14:ff:65:06:c1:25:6a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 2 08:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2583db9377638002f031b924fcc45fafa08f45e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:ce:e0:27:c9:d6:60:68:44:3b:75:44:4b:
47:82:d7:04:c1:4a:fe:83:10:36:75:97:97:2b:a0:
94:ec:12:4a:84:b9:e4:44:e2:6b:3b:f8:9c:8c:97:
2e:cd:7a:92:00:cd:99:6f:6c:60:94:94:a8:46:9e:
65:18:8d:1c:43:d6:b1:22:65:95:e9:99:55:1a:50:
21:5b:be:5c:9a:d3:a5:bb:51:c4:e6:51:ff:6b:a4:
5a:30:97:7d:40:14:f0:01:96:16:50:f9:21:59:2d:
43:7a:19:ce:47:5a:b2:ef:f8:5a:fd:9c:60:35:c6:
0d:3b:4b:70:d8:fa:83:6f:ce:b3:7b:9f:c5:29:0e:
32:33:47:ba:66:ef:b1:dc:ce:d3:2c:52:09:9b:44:
77:d0:5f:a7:64:14:cc:89:59:13:d8:e9:7f:c8:8a:
68:cf:98:f1:d3:aa:29:e2:f9:06:95:02:17:97:d9:
5a:a1:ec:b5:52:c8:5a:73:6e:1c:71:e7:92:3c:81:
69:f7:a0:e7:75:9f:a7:08:f3:19:8b:f0:3c:90:48:
8e:55:9d:f0:8e:c8:d8:da:95:2e:7b:9d:8f:00:8a:
d5:cf:b2:d4:b5:41:64:33:60:47:5e:f8:04:15:2a:
0c:ab:84:c1:c3:41:1d:92:d9:ed:56:e7:4e:64:cc:
e0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:83:DB:93:77:63:80:02:F0:31:B9:24:FC:C4:5F:AF:A0:8F:45:E5
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/JYPbk3djgALwMbkk_MRfr6CPReU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ac:8f:95:03:eb:34:75:be:2b:41:7f:cf:9a:2d:d9:9a:52:
af:bf:c7:ec:bd:3b:3a:b1:01:bc:c2:e5:55:47:97:fd:0e:b8:
15:54:4b:88:c5:bd:d9:02:da:22:be:9c:e6:45:89:5d:a7:c4:
e8:d6:39:1d:65:c2:d3:0e:97:b5:62:1e:74:0c:80:e7:54:eb:
75:63:93:3e:7a:96:70:c7:77:7f:e8:7d:63:65:af:94:7c:79:
dd:7c:61:2e:0e:c3:d9:3b:76:83:d2:25:11:2d:8f:ca:ee:cd:
4a:39:f9:3d:5b:92:54:c9:60:2b:da:7c:70:46:79:fa:9d:96:
67:4c:2c:9d:a9:bf:62:58:f2:92:0e:df:e4:c6:c6:e7:6e:b5:
34:2b:f5:65:02:7c:45:28:d1:56:67:ff:a7:e6:35:eb:85:12:
43:0b:53:65:ba:4b:fa:a9:20:02:a6:ed:67:8f:41:af:4c:ca:
98:ce:b5:67:2d:b2:c6:51:0f:1a:7a:40:01:b9:a1:fb:56:80:
bc:9c:6c:02:df:10:b7:36:b3:51:64:74:c5:a3:20:cb:f2:17:
9a:3a:b4:0d:be:0b:b6:cc:2d:b2:31:47:b3:49:34:78:c2:2c:
b0:2c:f5:23:14:0f:aa:d4:c4:0e:15:54:5d:4e:e2:17:81:c2:
ba:29:43:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlUo5ObmGhhT/ZQbBJWpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTAyMDgyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTgzZGI5Mzc3NjM4MDAyZjAzMWI5MjRmY2M0NWZhZmEwOGY0NWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnHO4CfJ1mBoRDt1REtHgtcEwUr+
gxA2dZeXK6CU7BJKhLnkROJrO/icjJcuzXqSAM2Zb2xglJSoRp5lGI0cQ9axImWV
6ZlVGlAhW75cmtOlu1HE5lH/a6RaMJd9QBTwAZYWUPkhWS1DehnOR1qy7/ha/Zxg
NcYNO0tw2PqDb86ze5/FKQ4yM0e6Zu+x3M7TLFIJm0R30F+nZBTMiVkT2Ol/yIpo
z5jx06op4vkGlQIXl9laoey1Ushac24cceeSPIFp96DndZ+nCPMZi/A8kEiOVZ3w
jsjY2pUue52PAIrVz7LUtUFkM2BHXvgEFSoMq4TBw0EdktntVudOZMzgHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWD25N3Y4AC8DG5JPzEX6+gj0XlMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvSllQYmszZGpnQUx3TWJra19NUmZyNkNQUmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraoMA0G
CSqGSIb3DQEBCwUAA4IBAQAlrI+VA+s0db4rQX/Pmi3ZmlKvv8fsvTs6sQG8wuVV
R5f9DrgVVEuIxb3ZAtoivpzmRYldp8To1jkdZcLTDpe1Yh50DIDnVOt1Y5M+epZw
x3d/6H1jZa+UfHndfGEuDsPZO3aD0iURLY/K7s1KOfk9W5JUyWAr2nxwRnn6nZZn
TCydqb9iWPKSDt/kxsbnbrU0K/VlAnxFKNFWZ/+n5jXrhRJDC1Nlukv6qSACpu1n
j0GvTMqYzrVnLbLGUQ8aekABuaH7VoC8nGwC3xC3NrNRZHTFoyDL8heaOrQNvgu2
zC2yMUezSTR4wiywLPUjFA+q1MQOFVRdTuIXgcK6KUO+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:09 2025 by rpki-client