Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/bMzqr0zgVb80B6TS7k6Es4O5Oxw.roa
File: bMzqr0zgVb80B6TS7k6Es4O5Oxw.roa (raw, json)
Hash identifier: kx+8VfJ1d7lx4oK4wqOp2e0UMI61LMWnXS5d9hogjQQ=
Subject key identifier: 6C:CC:EA:AF:4C:E0:55:BF:34:07:A4:D2:EE:4E:84:B3:83:B9:3B:1C
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0189F7CBB19220F8D290B9C8CE3C812D060F
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/bMzqr0zgVb80B6TS7k6Es4O5Oxw.roa
Signing time: Tue 15 Aug 2023 06:04:28 +0000
ROA not before: Tue 15 Aug 2023 06:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f7:cb:b1:92:20:f8:d2:90:b9:c8:ce:3c:81:2d:06:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Aug 15 06:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ccceaaf4ce055bf3407a4d2ee4e84b383b93b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:11:ea:03:2e:63:21:f7:79:10:02:55:cb:6c:
b4:e3:d5:8e:49:48:d8:d9:93:50:c1:f9:af:c1:2d:
d3:e3:78:22:0b:87:b9:dd:72:c7:7f:35:c3:31:52:
71:b0:b5:9d:ea:15:76:17:57:0f:20:b7:fd:c2:d2:
a3:cb:05:ab:07:3f:58:4f:d1:1a:72:44:3e:bc:64:
e3:79:1c:e0:2f:e4:60:e0:da:36:f5:65:20:85:74:
b1:e4:7c:79:bd:ab:76:0f:7d:15:1d:e9:2b:1d:a0:
6e:79:76:b3:e2:f1:9c:8e:61:da:d9:4b:da:d6:f2:
14:9f:89:cd:06:66:e4:0a:27:da:70:3b:50:72:8c:
9d:ba:f4:7f:db:30:b5:fd:a5:04:c3:dc:34:3e:b1:
64:19:88:41:76:48:d4:07:4a:80:61:f7:a8:3c:71:
98:a5:9e:0e:fd:42:b6:31:33:95:dd:ec:99:f5:2f:
8f:b1:c4:3a:73:c7:17:dc:25:92:3f:c2:c1:b5:ec:
5a:e6:ab:6f:75:fb:82:d3:73:9b:35:6c:ae:8d:c1:
03:67:b4:d6:f9:a3:49:4d:3c:2b:0d:09:02:4d:f7:
8a:31:39:01:b7:e9:98:0d:0c:16:2a:b7:9f:6f:4e:
38:36:2e:23:c9:fb:51:c2:b9:f9:c2:d7:56:24:f6:
62:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CC:EA:AF:4C:E0:55:BF:34:07:A4:D2:EE:4E:84:B3:83:B9:3B:1C
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/bMzqr0zgVb80B6TS7k6Es4O5Oxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:ab:14:a3:8b:9f:67:ca:ba:4e:62:c7:6b:21:f1:f1:69:45:
6e:b2:14:1d:cb:4e:b6:a0:a0:52:82:3a:c0:0d:92:04:06:af:
9a:5c:74:cf:17:b3:11:40:8c:15:54:6c:cc:52:90:ba:c3:8f:
7b:12:4a:a2:b3:9f:65:bb:c1:14:fa:8f:c2:a5:94:b3:90:8c:
55:6e:a8:9f:ad:64:cb:4a:dc:4d:25:b7:58:2d:60:b0:26:28:
5b:c0:f4:55:65:f5:b1:97:d5:10:9d:ab:c5:88:1c:f5:a4:4d:
2e:81:df:8f:a0:24:3f:7b:b8:de:b9:8e:cf:ce:ba:00:dc:d9:
30:2b:85:8a:9c:ac:cb:af:67:7c:cb:d3:72:d6:6a:c2:17:5a:
1c:d2:9f:e1:f0:ae:c2:d0:67:e4:cc:58:7b:fa:80:e0:f3:39:
91:08:9f:d2:f5:19:51:db:3d:bf:24:c3:1b:bf:9c:08:cb:ed:
16:6e:a3:d0:46:1e:42:44:c8:a6:6a:bd:58:83:f7:35:bf:81:
a1:bb:b1:a5:32:02:ec:62:67:2f:23:48:2f:2c:6b:49:f8:57:
76:fa:54:f4:da:26:ee:2c:e7:a4:5f:be:a1:0b:82:95:86:90:
26:1d:be:f2:3c:0b:f3:5f:e4:c5:2a:98:d5:f9:64:98:39:45:
b5:8d:eb:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn3y7GSIPjSkLnIzjyBLQYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwODE1MDYwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2NjZWFhZjRjZTA1NWJmMzQwN2E0ZDJlZTRlODRiMzgzYjkzYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhHqAy5jIfd5EAJVy2y049WOSUjY
2ZNQwfmvwS3T43giC4e53XLHfzXDMVJxsLWd6hV2F1cPILf9wtKjywWrBz9YT9Ea
ckQ+vGTjeRzgL+Rg4No29WUghXSx5Hx5vat2D30VHekrHaBueXaz4vGcjmHa2Uva
1vIUn4nNBmbkCifacDtQcoyduvR/2zC1/aUEw9w0PrFkGYhBdkjUB0qAYfeoPHGY
pZ4O/UK2MTOV3eyZ9S+PscQ6c8cX3CWSP8LBtexa5qtvdfuC03ObNWyujcEDZ7TW
+aNJTTwrDQkCTfeKMTkBt+mYDQwWKrefb044Ni4jyftRwrn5wtdWJPZiqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzM6q9M4FW/NAek0u5OhLODuTscMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvYk16cXIwemdWYjgwQjZUUzdrNkVzNE81T3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQBNqxSji59nyrpOYsdrIfHxaUVushQdy062oKBSgjrA
DZIEBq+aXHTPF7MRQIwVVGzMUpC6w497Ekqis59lu8EU+o/CpZSzkIxVbqifrWTL
StxNJbdYLWCwJihbwPRVZfWxl9UQnavFiBz1pE0ugd+PoCQ/e7jeuY7PzroA3Nkw
K4WKnKzLr2d8y9Ny1mrCF1oc0p/h8K7C0GfkzFh7+oDg8zmRCJ/S9RlR2z2/JMMb
v5wIy+0WbqPQRh5CRMimar1Yg/c1v4Ghu7GlMgLsYmcvI0gvLGtJ+Fd2+lT02ibu
LOekX76hC4KVhpAmHb7yPAvzX+TFKpjV+WSYOUW1jev1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:14 2025 by rpki-client