Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/TFjOTP91SJx54FUBbfilZpnY3Gg.roa
File: TFjOTP91SJx54FUBbfilZpnY3Gg.roa (raw, json)
Hash identifier: SNRKF/wj7jgP9YDj56UhqPVd2k4hI2g0xdgEV1z1nT0=
Subject key identifier: 4C:58:CE:4C:FF:75:48:9C:79:E0:55:01:6D:F8:A5:66:99:D8:DC:68
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01889E9BD212922D00488DC5CDCE292D5BE5
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/TFjOTP91SJx54FUBbfilZpnY3Gg.roa
Signing time: Fri 09 Jun 2023 05:23:11 +0000
ROA not before: Fri 09 Jun 2023 05:23:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:9b:d2:12:92:2d:00:48:8d:c5:cd:ce:29:2d:5b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 9 05:23:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c58ce4cff75489c79e055016df8a56699d8dc68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c3:72:b8:be:2a:ed:0f:98:32:87:87:a9:64:
10:3f:ec:db:d5:a2:65:a0:d6:6e:3e:cf:96:71:de:
dd:57:12:fe:70:fe:05:42:9c:c6:3d:b3:40:cf:09:
1b:2b:3c:7a:3f:d5:c1:3f:bf:04:6f:f3:20:39:2c:
ea:fe:58:93:2f:46:0e:97:b4:a1:c1:a8:f4:ab:ba:
e2:83:23:eb:8e:a5:64:16:53:6f:54:6a:b9:44:ba:
af:fa:e3:dd:48:f1:22:07:be:d8:bf:2c:3f:99:59:
e7:65:2d:d4:ef:da:ac:6c:ee:55:63:b1:a2:52:f1:
56:84:db:41:03:20:f6:6a:83:dc:7c:81:78:d2:9d:
0d:7a:c4:fc:1a:0d:c8:3b:18:6b:3c:2e:cb:29:0a:
a7:fb:34:70:7f:7a:99:9b:13:05:fc:82:c0:eb:ba:
c8:cc:e8:35:96:21:17:ca:15:93:c5:71:83:b6:d1:
d9:5e:29:00:36:30:6f:99:a2:53:64:61:1a:cd:fc:
24:67:fe:ae:50:09:50:ad:1f:25:80:8b:51:63:0d:
ac:54:2d:68:eb:8f:06:c9:ca:eb:39:f9:a7:71:b7:
8a:10:b0:82:73:b2:5a:90:e3:61:a0:59:27:14:bb:
20:0f:17:ad:aa:a0:22:60:d7:15:54:01:69:0c:a8:
f6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:58:CE:4C:FF:75:48:9C:79:E0:55:01:6D:F8:A5:66:99:D8:DC:68
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/TFjOTP91SJx54FUBbfilZpnY3Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
Signature Algorithm: sha256WithRSAEncryption
70:d2:6a:da:97:9b:99:93:30:ee:32:fb:98:78:d7:8b:b9:3c:
5a:e6:0f:59:f0:a1:5c:7d:93:4d:d9:cb:83:db:65:bf:1c:83:
1f:73:4d:50:5e:4d:10:13:4f:a0:4b:9e:1a:41:af:bb:fa:d6:
92:ee:e2:29:04:22:48:30:2a:98:bc:15:21:97:4d:ea:94:fc:
e5:68:a5:2a:5e:21:b2:9f:8e:57:dc:7c:36:40:71:4c:ef:62:
39:e8:58:52:b1:b1:70:3e:82:67:30:66:5a:c3:09:cb:c4:73:
7b:3f:10:4d:b4:75:5a:bc:bc:c7:80:bd:be:50:3f:95:4b:9e:
1e:02:64:9d:b3:1e:2f:a1:c0:e0:c1:67:5c:f4:04:32:51:3a:
a5:6b:13:4b:f6:68:cd:75:ab:c6:51:1e:c1:42:4d:ef:cd:8b:
35:2b:d6:fb:02:3b:26:25:57:0b:2d:72:5f:0c:9b:bf:f5:5d:
a6:aa:89:d9:c0:0e:bc:d6:38:0f:d1:4f:2d:a4:a4:f9:85:76:
0f:12:67:50:c3:cb:99:e1:a7:c1:ee:70:8f:55:a6:09:5b:96:
68:46:3e:72:e0:1b:c3:7b:35:76:5e:e5:29:5b:7b:27:15:22:
f2:3d:66:56:9b:23:1c:e6:64:20:b1:e4:9c:ba:17:b7:24:78:
6a:f7:98:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiem9ISki0ASI3Fzc4pLVvlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNjA5MDUyMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU4Y2U0Y2ZmNzU0ODljNzllMDU1MDE2ZGY4YTU2Njk5ZDhkYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMNyuL4q7Q+YMoeHqWQQP+zb1aJl
oNZuPs+Wcd7dVxL+cP4FQpzGPbNAzwkbKzx6P9XBP78Eb/MgOSzq/liTL0YOl7Sh
waj0q7rigyPrjqVkFlNvVGq5RLqv+uPdSPEiB77Yvyw/mVnnZS3U79qsbO5VY7Gi
UvFWhNtBAyD2aoPcfIF40p0NesT8Gg3IOxhrPC7LKQqn+zRwf3qZmxMF/ILA67rI
zOg1liEXyhWTxXGDttHZXikANjBvmaJTZGEazfwkZ/6uUAlQrR8lgItRYw2sVC1o
648GycrrOfmncbeKELCCc7JakONhoFknFLsgDxetqqAiYNcVVAFpDKj2lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExYzkz/dUiceeBVAW34pWaZ2NxoMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvVEZqT1RQOTFTSng1NEZVQmJmaWxacG5ZM0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQBw0mral5uZkzDuMvuYeNeLuTxa5g9Z8KFcfZNN2cuD
22W/HIMfc01QXk0QE0+gS54aQa+7+taS7uIpBCJIMCqYvBUhl03qlPzlaKUqXiGy
n45X3Hw2QHFM72I56FhSsbFwPoJnMGZawwnLxHN7PxBNtHVavLzHgL2+UD+VS54e
AmSdsx4vocDgwWdc9AQyUTqlaxNL9mjNdavGUR7BQk3vzYs1K9b7AjsmJVcLLXJf
DJu/9V2mqonZwA681jgP0U8tpKT5hXYPEmdQw8uZ4afB7nCPVaYJW5ZoRj5y4BvD
ezV2XuUpW3snFSLyPWZWmyMc5mQgseScuhe3JHhq95iR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org