Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/YbFKYJ07C0oLidbbsJnmOFuv7vk.roa
File: YbFKYJ07C0oLidbbsJnmOFuv7vk.roa (raw, json)
Hash identifier: uIPojQwgPE/LpSllR/SnzKn8FgbKjXgPTBLwQsfSgRY=
Subject key identifier: 61:B1:4A:60:9D:3B:0B:4A:0B:89:D6:DB:B0:99:E6:38:5B:AF:EE:F9
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018571954BABAAB275297FEF6C73EE19853B
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/YbFKYJ07C0oLidbbsJnmOFuv7vk.roa
Signing time: Mon 02 Jan 2023 08:24:47 +0000
ROA not before: Mon 02 Jan 2023 08:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 62.182.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:4b:ab:aa:b2:75:29:7f:ef:6c:73:ee:19:85:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 2 08:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61b14a609d3b0b4a0b89d6dbb099e6385bafeef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b2:00:dc:82:d2:a3:e7:64:71:86:6e:cb:66:
65:a8:e4:4b:f8:82:7e:66:85:e2:ba:c3:32:6b:ac:
93:0b:d2:2d:34:c4:77:97:06:8f:69:b0:5b:ee:10:
5d:c7:fd:c4:64:04:7c:41:02:b1:79:82:fa:06:e6:
b8:90:2a:bf:af:f4:52:8e:c7:d8:38:df:8d:13:17:
10:c9:35:ac:ad:0c:56:f1:7c:75:0d:8e:b9:b1:11:
71:70:fa:f4:2b:e5:f4:01:2c:91:3b:96:76:bc:a9:
46:d7:e2:84:bc:9f:b4:fd:2a:e1:17:5f:42:c2:d3:
6d:1f:49:69:47:08:11:39:d3:b6:b6:a6:6d:02:0f:
d0:bc:3a:95:7d:1c:74:fa:58:97:e3:2c:af:13:30:
89:33:3c:75:8a:2a:47:6f:67:4b:33:7e:cd:01:23:
78:0e:6c:9c:0c:3d:44:16:b0:db:26:07:26:48:a0:
54:11:06:a5:f5:d5:b7:ab:ac:dc:19:6f:93:14:45:
d7:6f:b0:e7:65:39:2d:b8:6d:2d:01:ed:46:7c:52:
e1:fd:65:8d:dd:5c:cf:19:4e:4e:ff:05:90:07:e4:
c2:f8:db:0b:a1:e3:ae:0f:5d:b7:5c:4f:7e:49:50:
fd:db:a4:b3:7c:92:b1:25:2b:d5:df:0b:3a:99:37:
17:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B1:4A:60:9D:3B:0B:4A:0B:89:D6:DB:B0:99:E6:38:5B:AF:EE:F9
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/YbFKYJ07C0oLidbbsJnmOFuv7vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:9b:40:f0:03:54:34:91:c9:53:e4:bc:27:c6:fe:a6:61:0c:
b4:7d:47:94:10:1f:20:e5:6a:58:25:2c:1c:0f:35:40:95:0e:
6a:f9:5b:23:db:0a:94:2c:73:cf:3d:98:37:6e:73:30:af:34:
c4:6d:67:48:27:36:01:29:b7:08:b8:3a:d6:fa:89:47:89:f6:
f6:86:39:46:94:1e:9e:d4:83:e2:f2:8b:bd:32:0e:e9:42:08:
c3:eb:1a:a1:90:f3:4b:64:a5:33:f0:5b:4d:e6:30:30:99:c3:
64:0a:73:9b:e6:e2:73:19:ae:3b:f6:ea:0e:fc:c2:5f:a8:ec:
a5:3a:42:31:6e:1f:24:62:9a:fb:fc:da:a6:f7:2d:09:0f:2d:
95:60:be:2b:4b:2a:64:bb:71:1e:62:85:c6:82:2f:d2:dc:44:
a4:4b:fe:2a:ff:7d:83:8d:68:1d:ca:fa:b8:26:9c:ff:3c:30:
d9:bc:36:2c:24:15:e1:8d:dd:0c:e7:2b:63:fe:b2:f3:0f:47:
11:9e:92:9b:c7:2f:7b:11:27:60:d6:b4:f7:c3:e4:b2:24:31:
f0:e5:60:c8:00:3c:66:ff:95:b4:47:5c:a7:21:c5:5a:ef:48:
f7:80:f0:c8:79:a5:47:64:1a:59:7e:b6:b5:1a:17:05:72:e7:
1a:97:bb:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlUurqrJ1KX/vbHPuGYU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTAyMDgyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWIxNGE2MDlkM2IwYjRhMGI4OWQ2ZGJiMDk5ZTYzODViYWZlZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrIA3ILSo+dkcYZuy2ZlqORL+IJ+
ZoXiusMya6yTC9ItNMR3lwaPabBb7hBdx/3EZAR8QQKxeYL6Bua4kCq/r/RSjsfY
ON+NExcQyTWsrQxW8Xx1DY65sRFxcPr0K+X0ASyRO5Z2vKlG1+KEvJ+0/SrhF19C
wtNtH0lpRwgROdO2tqZtAg/QvDqVfRx0+liX4yyvEzCJMzx1iipHb2dLM37NASN4
DmycDD1EFrDbJgcmSKBUEQal9dW3q6zcGW+TFEXXb7DnZTktuG0tAe1GfFLh/WWN
3VzPGU5O/wWQB+TC+NsLoeOuD123XE9+SVD926SzfJKxJSvV3ws6mTcXNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGGxSmCdOwtKC4nW27CZ5jhbr+75MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvWWJGS1lKMDdDMG9MaWRiYnNKbm1PRnV2N3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrauMA0G
CSqGSIb3DQEBCwUAA4IBAQCem0DwA1Q0kclT5Lwnxv6mYQy0fUeUEB8g5WpYJSwc
DzVAlQ5q+Vsj2wqULHPPPZg3bnMwrzTEbWdIJzYBKbcIuDrW+olHifb2hjlGlB6e
1IPi8ou9Mg7pQgjD6xqhkPNLZKUz8FtN5jAwmcNkCnOb5uJzGa479uoO/MJfqOyl
OkIxbh8kYpr7/Nqm9y0JDy2VYL4rSypku3EeYoXGgi/S3ESkS/4q/32DjWgdyvq4
Jpz/PDDZvDYsJBXhjd0M5ytj/rLzD0cRnpKbxy97ESdg1rT3w+SyJDHw5WDIADxm
/5W0R1ynIcVa70j3gPDIeaVHZBpZfra1GhcFcucal7uO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org