Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SIt_sfkznqFCwnHDCSTA1rWmBag.roa
File: SIt_sfkznqFCwnHDCSTA1rWmBag.roa (raw, json)
Hash identifier: kQihvmijhWrfdpgkXdHuK7ZFu3TfttFpnL4/bJjZWC8=
Subject key identifier: 48:8B:7F:B1:F9:33:9E:A1:42:C2:71:C3:09:24:C0:D6:B5:A6:05:A8
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018446B3F5E1693B62D57508449278942F83
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SIt_sfkznqFCwnHDCSTA1rWmBag.roa
Signing time: Sat 05 Nov 2022 07:31:49 +0000
ROA not before: Sat 05 Nov 2022 07:31:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 62.182.171.0/24 maxlen: 24
62.182.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:b3:f5:e1:69:3b:62:d5:75:08:44:92:78:94:2f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 5 07:31:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=488b7fb1f9339ea142c271c30924c0d6b5a605a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:49:b6:1d:92:cb:1a:57:f5:ff:6c:b0:e8:73:
af:3a:50:65:08:6f:0f:ed:d2:1a:6c:7f:e1:9a:98:
f6:4c:ae:b7:29:92:3e:90:00:aa:78:19:a2:97:7f:
a1:5f:f4:10:28:6c:8f:91:f8:80:b0:89:b7:38:b7:
ef:d7:59:7d:76:09:2e:19:b5:09:7f:a9:10:9a:08:
4a:b1:0b:60:0c:34:1f:f2:1b:03:dc:46:4c:d9:5e:
19:24:65:62:cb:e0:77:af:f4:cf:9a:fb:1c:13:73:
3d:a6:fd:fa:03:6f:c2:fb:74:80:65:b9:61:f8:df:
2b:6a:0d:de:18:e9:d1:41:07:04:e4:bb:c6:e5:3c:
fa:b1:ca:64:7a:a6:de:f0:4e:ba:84:14:f2:a8:06:
82:98:79:84:d6:c0:b6:a8:ed:db:fb:4e:31:0b:b1:
1f:6d:69:b5:37:3f:c5:f8:b5:1c:76:b4:f9:bd:10:
0a:87:32:47:db:6f:a0:c1:9c:e3:b8:74:4b:da:be:
3b:4b:70:42:0f:96:ce:dc:6d:44:4c:e7:0b:51:9b:
01:bf:07:cd:8d:77:5a:e3:ed:44:85:4d:d5:65:6e:
c9:e6:6a:a6:2d:e5:33:f7:a4:11:d9:30:a4:62:69:
2a:26:a4:10:19:19:38:da:cb:9d:3d:10:81:1d:46:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:8B:7F:B1:F9:33:9E:A1:42:C2:71:C3:09:24:C0:D6:B5:A6:05:A8
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/SIt_sfkznqFCwnHDCSTA1rWmBag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/23
Signature Algorithm: sha256WithRSAEncryption
04:87:34:a1:4a:0d:58:d4:02:89:e2:d9:3d:69:0e:a2:fa:84:
a7:b6:46:f8:07:2d:f1:d6:d8:83:79:83:02:8b:81:2a:ed:e9:
27:56:22:53:8a:a0:a2:65:8b:7a:0e:bc:ff:ed:78:e4:28:44:
94:4a:b9:0a:92:2e:b4:a6:e5:cc:60:e0:8d:1f:ce:53:0a:ac:
e5:07:4c:f5:74:b9:24:7b:91:68:9c:ba:a9:f0:67:4b:d6:eb:
b6:67:27:c2:74:ca:ab:14:29:2b:ad:16:14:eb:07:bf:e0:2c:
50:3a:59:5e:0b:26:31:20:79:cd:4c:77:62:0d:a5:81:a9:e4:
ca:06:3e:44:66:ab:5f:4f:da:08:6c:13:86:4e:e8:4f:89:7e:
f8:87:a9:43:1b:94:87:b0:81:c6:fd:ab:d6:a9:00:97:e4:6d:
88:73:be:40:9b:3a:6f:ae:cc:c5:3a:71:d5:6a:ae:9e:a2:e3:
16:cc:de:66:4a:4e:b2:c3:27:46:6f:21:42:a9:8e:ec:de:42:
cb:d5:92:ab:92:7c:24:db:59:3b:28:4c:91:69:45:d8:dd:69:
c8:d2:bc:c9:ee:02:e2:c3:fe:ff:e1:5a:ff:25:41:17:82:c0:
54:4e:41:d6:97:42:68:4f:3d:b3:dc:e9:82:e3:78:c5:32:72:
d6:7c:04:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRGs/XhaTti1XUIRJJ4lC+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTA1MDczMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODhiN2ZiMWY5MzM5ZWExNDJjMjcxYzMwOTI0YzBkNmI1YTYwNWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkm2HZLLGlf1/2yw6HOvOlBlCG8P
7dIabH/hmpj2TK63KZI+kACqeBmil3+hX/QQKGyPkfiAsIm3OLfv11l9dgkuGbUJ
f6kQmghKsQtgDDQf8hsD3EZM2V4ZJGViy+B3r/TPmvscE3M9pv36A2/C+3SAZblh
+N8rag3eGOnRQQcE5LvG5Tz6scpkeqbe8E66hBTyqAaCmHmE1sC2qO3b+04xC7Ef
bWm1Nz/F+LUcdrT5vRAKhzJH22+gwZzjuHRL2r47S3BCD5bO3G1ETOcLUZsBvwfN
jXda4+1EhU3VZW7J5mqmLeUz96QR2TCkYmkqJqQQGRk42sudPRCBHUZ7+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEiLf7H5M56hQsJxwwkkwNa1pgWoMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvU0l0X3Nma3pucUZDd25IRENTVEExcldtQmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQAEhzShSg1Y1AKJ4tk9aQ6i+oSntkb4By3x1tiDeYMC
i4Eq7eknViJTiqCiZYt6Drz/7XjkKESUSrkKki60puXMYOCNH85TCqzlB0z1dLkk
e5FonLqp8GdL1uu2ZyfCdMqrFCkrrRYU6we/4CxQOlleCyYxIHnNTHdiDaWBqeTK
Bj5EZqtfT9oIbBOGTuhPiX74h6lDG5SHsIHG/avWqQCX5G2Ic75AmzpvrszFOnHV
aq6eouMWzN5mSk6ywydGbyFCqY7s3kLL1ZKrknwk21k7KEyRaUXY3WnI0rzJ7gLi
w/7/4Vr/JUEXgsBUTkHWl0JoTz2z3OmC43jFMnLWfARS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org