Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/U9VrGlm7fWPY84E2QnuDru6OGlc.roa
File: U9VrGlm7fWPY84E2QnuDru6OGlc.roa (raw, json)
Hash identifier: yKNiJ4i5aNrdA2Ev6a4R26DAA3NVajnYKFfjOnQKbUw=
Subject key identifier: 53:D5:6B:1A:59:BB:7D:63:D8:F3:81:36:42:7B:83:AE:EE:8E:1A:57
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01855E54EBB84A3FE17EA1C53AB64F5B9496
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/U9VrGlm7fWPY84E2QnuDru6OGlc.roa
Signing time: Thu 29 Dec 2022 14:41:41 +0000
ROA not before: Thu 29 Dec 2022 14:41:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 62.182.175.0/24 maxlen: 24
194.15.152.0/22 maxlen: 24
194.15.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:54:eb:b8:4a:3f:e1:7e:a1:c5:3a:b6:4f:5b:94:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Dec 29 14:41:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53d56b1a59bb7d63d8f38136427b83aeee8e1a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0d:2c:7f:a0:29:c3:dc:06:3c:dd:4c:4a:ff:
60:be:33:94:20:cf:47:54:60:3a:9d:c9:95:36:ef:
1a:da:1c:16:66:14:8d:84:b9:e8:f7:01:0d:5f:84:
b3:41:e5:f8:79:2e:06:72:d3:c6:8d:ae:ff:7d:5d:
5d:ac:d8:ca:60:08:ae:89:cd:bf:58:f2:59:23:8a:
69:e6:33:3c:65:cf:0a:6a:1b:e1:39:6a:01:c3:2e:
b4:1d:7d:37:f3:e9:05:fc:63:c6:29:94:03:75:8e:
f2:55:41:47:44:c7:70:fa:98:62:a9:09:a1:50:56:
20:fc:54:cf:6f:c8:92:c4:a8:ab:bf:49:19:36:1e:
35:ba:67:fb:30:ea:e9:56:08:b8:cd:18:e1:62:90:
58:e9:47:25:06:51:46:88:a1:72:b7:23:95:12:3e:
b1:b5:ef:cc:12:25:3f:96:63:3f:a9:05:48:59:ef:
ed:ca:e3:11:50:03:4d:a1:2d:de:42:64:4f:04:20:
16:3a:14:c5:8e:b9:b0:1a:64:60:3b:9d:df:01:9e:
28:82:e5:b8:52:08:6a:9c:62:21:72:56:02:d7:25:
59:0a:da:db:eb:39:6c:e4:14:fd:a2:3a:cd:47:ce:
a5:d0:a4:3a:3f:c4:4a:e6:50:c6:1e:5a:1b:23:68:
a9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D5:6B:1A:59:BB:7D:63:D8:F3:81:36:42:7B:83:AE:EE:8E:1A:57
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/U9VrGlm7fWPY84E2QnuDru6OGlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.175.0/24
194.15.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:f9:b4:d5:aa:b5:b5:cc:3f:fc:6c:6f:f0:cc:7e:4a:97:db:
e7:c4:7c:fd:23:e4:6f:41:28:a8:62:31:5b:e8:08:1b:b1:0f:
e6:0c:5b:54:c5:83:2a:d2:30:96:95:cb:66:23:27:b5:23:c1:
9e:99:ca:77:37:55:2f:ee:68:ad:8c:59:f6:7f:31:b8:2b:cc:
5e:66:75:ab:c3:05:9e:a1:53:61:0e:01:c1:29:c6:5f:8a:67:
73:6e:7d:8c:ae:95:d4:ff:ab:52:c7:40:9f:c7:53:28:d3:64:
36:a3:4e:10:e7:89:d7:1a:97:31:8d:de:19:4a:75:14:a8:18:
d2:93:f3:1c:7e:88:db:79:2e:68:a7:31:be:92:4d:65:01:ef:
1e:4c:79:c0:e9:d0:8e:f2:d5:9d:a2:18:30:5e:57:05:47:bb:
15:88:d7:1e:89:a3:dc:ff:a8:1a:68:da:8e:ef:85:bb:04:10:
57:58:8f:90:a9:49:6d:91:a2:e2:d8:0a:ff:be:bf:25:d6:8e:
5f:63:75:67:2f:1e:4d:a9:5c:14:42:8b:a0:a5:c6:4d:b1:d6:
13:66:10:73:fc:bb:b6:c5:bc:07:f1:a4:68:2c:a4:f1:4b:87:
ac:89:99:9f:17:20:20:a7:43:f2:05:98:c4:b2:7b:9e:01:cc:
40:e2:83:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVeVOu4Sj/hfqHFOrZPW5SWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMjI5MTQ0MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q1NmIxYTU5YmI3ZDYzZDhmMzgxMzY0MjdiODNhZWVlOGUxYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ0sf6Apw9wGPN1MSv9gvjOUIM9H
VGA6ncmVNu8a2hwWZhSNhLno9wENX4SzQeX4eS4GctPGja7/fV1drNjKYAiuic2/
WPJZI4pp5jM8Zc8KahvhOWoBwy60HX038+kF/GPGKZQDdY7yVUFHRMdw+phiqQmh
UFYg/FTPb8iSxKirv0kZNh41umf7MOrpVgi4zRjhYpBY6UclBlFGiKFytyOVEj6x
te/MEiU/lmM/qQVIWe/tyuMRUANNoS3eQmRPBCAWOhTFjrmwGmRgO53fAZ4oguW4
UghqnGIhclYC1yVZCtrb6zls5BT9ojrNR86l0KQ6P8RK5lDGHlobI2ipNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPVaxpZu31j2POBNkJ7g67ujhpXMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvVTlWckdsbTdmV1BZODRFMlFudURydTZPR2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPravAwQC
wg+YMA0GCSqGSIb3DQEBCwUAA4IBAQCg+bTVqrW1zD/8bG/wzH5Kl9vnxHz9I+Rv
QSioYjFb6AgbsQ/mDFtUxYMq0jCWlctmIye1I8Gemcp3N1Uv7mitjFn2fzG4K8xe
ZnWrwwWeoVNhDgHBKcZfimdzbn2MrpXU/6tSx0Cfx1Mo02Q2o04Q54nXGpcxjd4Z
SnUUqBjSk/McfojbeS5opzG+kk1lAe8eTHnA6dCO8tWdohgwXlcFR7sViNceiaPc
/6gaaNqO74W7BBBXWI+QqUltkaLi2Ar/vr8l1o5fY3VnLx5NqVwUQougpcZNsdYT
ZhBz/Lu2xbwH8aRoLKTxS4esiZmfFyAgp0PyBZjEsnueAcxA4oPE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org