Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/OSqJl3wERp4mglE839HK_aw8Rn4.roa
File: OSqJl3wERp4mglE839HK_aw8Rn4.roa (raw, json)
Hash identifier: vg1WbclxgKHTGC1JrYuCyS2Up7h+AsJ4Q2dn/bmKbtE=
Subject key identifier: 39:2A:89:97:7C:04:46:9E:26:82:51:3C:DF:D1:CA:FD:AC:3C:46:7E
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01843E2F2DA25C1890FCA40AA3EA7867440A
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/OSqJl3wERp4mglE839HK_aw8Rn4.roa
Signing time: Thu 03 Nov 2022 15:49:50 +0000
ROA not before: Thu 03 Nov 2022 15:49:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60602
IP address blocks: 62.182.168.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:2f:2d:a2:5c:18:90:fc:a4:0a:a3:ea:78:67:44:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 3 15:49:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=392a89977c04469e2682513cdfd1cafdac3c467e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:85:63:79:df:1d:0d:02:cf:87:2c:67:10:
68:4d:ed:43:4c:c7:de:35:8c:8a:cc:9f:62:3c:0c:
78:97:a8:19:46:ec:53:dc:e8:9a:5c:7b:ab:86:80:
b2:f1:6a:5b:84:a1:d6:3e:ad:e6:c2:5c:07:70:50:
2b:4c:ea:d3:24:6c:4c:f0:1e:c5:e1:f5:ce:08:d0:
e7:d2:19:af:0e:23:62:34:5e:35:56:fb:7c:f4:f7:
83:3b:6c:dd:ec:42:a5:ef:4f:fb:53:df:58:d1:7b:
75:70:ef:46:3e:cb:8a:47:52:59:90:4e:02:10:de:
21:bb:e6:d5:6f:bf:e1:0d:61:39:24:43:ee:e6:38:
ca:75:c4:d2:19:be:95:f5:86:5b:c8:9b:21:18:a8:
7a:c2:d1:11:c6:11:02:55:c0:a7:e6:39:c1:da:5b:
34:94:85:37:ef:2c:e1:8e:ff:b2:68:4e:4b:4d:df:
77:eb:f3:03:0c:c1:bd:4b:f9:84:e9:94:2d:9f:ed:
28:73:55:c4:c0:cf:1c:c9:15:7f:49:b1:29:ee:bb:
6d:8b:17:bf:e0:54:cb:c2:0c:06:f2:51:91:ee:7d:
fd:5d:06:a1:0c:b7:03:95:68:bb:99:9b:64:39:20:
ff:26:08:56:1b:27:d5:ca:57:95:18:5c:d7:7f:29:
d6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2A:89:97:7C:04:46:9E:26:82:51:3C:DF:D1:CA:FD:AC:3C:46:7E
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/OSqJl3wERp4mglE839HK_aw8Rn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:05:0b:b4:17:f9:ce:a9:72:f4:01:60:20:b3:a0:43:00:30:
12:8b:53:7b:51:41:ca:d4:d5:0d:21:bf:e2:f8:9f:1a:c3:52:
f5:87:87:99:43:38:e7:77:ad:97:55:06:15:c8:ca:50:72:df:
64:9d:15:93:ab:65:4c:87:c7:72:d2:7e:68:d6:8f:50:0b:ac:
e9:22:76:8e:a7:a7:58:59:74:de:a5:e6:31:79:00:05:99:4a:
f7:58:02:ab:ee:64:f7:d2:0b:83:9e:6c:37:24:ef:30:33:52:
7a:87:53:87:31:53:2d:16:77:02:12:59:9b:a3:7a:a2:8b:5f:
69:dc:04:ae:eb:c4:b7:b1:8b:40:ac:3f:2e:02:34:74:f2:cb:
9e:57:f8:c8:80:1b:14:d2:61:96:e1:ed:85:75:fc:a5:dd:99:
7d:29:bb:42:70:14:ac:16:74:98:d7:22:47:15:83:16:64:d8:
7c:03:19:46:97:84:8d:b4:d9:b0:9f:7b:ef:09:5c:8c:d5:8f:
d0:39:21:8f:c8:f5:91:c8:a0:b7:bb:b4:ea:28:1c:89:fe:35:
7e:61:6a:76:72:ec:54:6d:c9:bf:cc:5e:91:d9:17:4e:38:53:
a1:42:b9:e9:c4:c4:8a:e9:5c:1a:af:c0:0b:5f:8d:e6:44:9b:
ae:bc:c5:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ+Ly2iXBiQ/KQKo+p4Z0QKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTAzMTU0OTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTJhODk5NzdjMDQ0NjllMjY4MjUxM2NkZmQxY2FmZGFjM2M0NjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3+FY3nfHQ0Cz4csZxBoTe1DTMfe
NYyKzJ9iPAx4l6gZRuxT3OiaXHurhoCy8WpbhKHWPq3mwlwHcFArTOrTJGxM8B7F
4fXOCNDn0hmvDiNiNF41Vvt89PeDO2zd7EKl70/7U99Y0Xt1cO9GPsuKR1JZkE4C
EN4hu+bVb7/hDWE5JEPu5jjKdcTSGb6V9YZbyJshGKh6wtERxhECVcCn5jnB2ls0
lIU37yzhjv+yaE5LTd936/MDDMG9S/mE6ZQtn+0oc1XEwM8cyRV/SbEp7rttixe/
4FTLwgwG8lGR7n39XQahDLcDlWi7mZtkOSD/JghWGyfVyleVGFzXfynW2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkqiZd8BEaeJoJRPN/Ryv2sPEZ+MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvT1NxSmwzd0VScDRtZ2xFODM5SEtfYXc4Um40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPraoMA0G
CSqGSIb3DQEBCwUAA4IBAQAaBQu0F/nOqXL0AWAgs6BDADASi1N7UUHK1NUNIb/i
+J8aw1L1h4eZQzjnd62XVQYVyMpQct9knRWTq2VMh8dy0n5o1o9QC6zpInaOp6dY
WXTepeYxeQAFmUr3WAKr7mT30guDnmw3JO8wM1J6h1OHMVMtFncCElmbo3qii19p
3ASu68S3sYtArD8uAjR08sueV/jIgBsU0mGW4e2Fdfyl3Zl9KbtCcBSsFnSY1yJH
FYMWZNh8AxlGl4SNtNmwn3vvCVyM1Y/QOSGPyPWRyKC3u7TqKByJ/jV+YWp2cuxU
bcm/zF6R2RdOOFOhQrnpxMSK6Vwar8ALX43mRJuuvMX8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org