Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/d8gtO15830ZoA6TBIxrnzSgv-gA.roa
File: d8gtO15830ZoA6TBIxrnzSgv-gA.roa (raw, json)
Hash identifier: eIWVV6VuqJgXc6lAJ84XKH+BEq+Si2s16bm1SEOYCbc=
Subject key identifier: 77:C8:2D:3B:5E:7C:DF:46:68:03:A4:C1:23:1A:E7:CD:28:2F:FA:00
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01852FCD0FD24C76CB28CC3764EAADF554D0
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/d8gtO15830ZoA6TBIxrnzSgv-gA.roa
Signing time: Tue 20 Dec 2022 13:50:46 +0000
ROA not before: Tue 20 Dec 2022 13:50:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211432
IP address blocks: 62.182.174.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:cd:0f:d2:4c:76:cb:28:cc:37:64:ea:ad:f5:54:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Dec 20 13:50:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77c82d3b5e7cdf466803a4c1231ae7cd282ffa00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:30:b1:ea:d7:f1:bd:dd:ef:32:66:ed:22:d9:
f6:9a:5b:af:9c:1c:32:25:b0:12:d2:5b:9c:9b:59:
a1:3c:e9:75:24:a8:e3:19:3c:30:21:79:38:ea:b4:
2d:74:2a:76:01:a5:ae:c0:55:f8:d1:92:f2:71:b9:
1c:61:b0:8c:71:4a:e5:17:68:bf:b7:6d:b7:d1:8b:
60:0e:c5:9f:4e:21:53:ff:6f:9a:36:46:c3:93:0f:
e0:f0:69:cf:b8:c5:33:8b:c0:19:2e:49:18:58:fa:
25:c0:e6:00:bc:65:26:e8:8c:2b:02:f1:01:78:70:
c9:3a:f3:2e:2a:b2:da:c3:5a:5e:a2:0b:10:a1:d7:
7c:cb:7d:fa:a2:20:a2:5e:1e:62:1c:69:47:1e:73:
a2:20:7a:e4:c7:31:9a:25:13:f6:5c:80:b4:5f:1a:
b5:f9:55:16:57:ba:79:e1:5c:07:ab:e9:db:07:37:
91:c6:fd:5a:2d:ff:b3:93:fa:4b:72:66:38:76:a1:
2a:67:13:79:f3:6e:95:35:3c:52:f7:fb:79:32:98:
52:a2:0e:04:0e:0f:0e:d9:01:01:a7:ae:99:fc:88:
07:cd:f6:54:e3:bc:e6:cb:c4:93:e4:4f:41:bb:8b:
7f:28:e0:65:20:cb:26:3c:8d:7f:12:23:2c:24:5d:
12:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C8:2D:3B:5E:7C:DF:46:68:03:A4:C1:23:1A:E7:CD:28:2F:FA:00
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/d8gtO15830ZoA6TBIxrnzSgv-gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:8b:ab:57:a2:6b:0e:7a:8f:1e:14:4c:79:93:5e:cf:b9:26:
83:a4:2d:d4:b9:e6:39:bf:13:89:8c:0a:ef:e1:b6:1d:c5:6a:
ce:ff:b3:d4:2c:ae:fc:e0:43:d4:c7:5a:69:30:a9:5d:2c:14:
ae:f0:05:7d:d1:b2:b9:46:cf:f2:46:f7:4c:77:c8:df:eb:eb:
95:7a:12:9c:19:4b:c6:0d:a5:19:26:86:4c:f9:0a:4d:14:37:
f3:34:1f:d1:06:99:3a:cb:9d:fe:88:5e:71:3e:77:0d:8b:03:
a7:4e:2a:a0:bb:87:d5:e3:81:28:f0:cc:de:b3:3e:3c:84:7f:
cb:db:54:40:5f:dc:87:4a:06:43:11:11:a7:74:04:39:3d:4c:
dc:10:1e:c3:a5:85:c1:07:af:5e:3c:3f:23:fb:a4:ca:8e:9e:
e8:b0:0d:3f:bd:ad:d9:c3:c3:0c:a8:ad:d5:67:05:e0:f6:16:
a2:1d:04:5a:04:bb:ba:e8:e8:9d:87:71:fb:81:2d:29:50:b4:
ba:6e:cf:04:8b:25:02:37:ce:ed:c6:23:6d:59:ad:31:69:a4:
6f:92:2f:9d:4a:2f:80:36:5b:65:59:fb:60:7f:70:c5:b9:41:
5e:8f:5c:29:c5:cd:39:50:cf:34:6d:5c:79:11:bd:ac:f3:ff:
e9:85:f0:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUvzQ/STHbLKMw3ZOqt9VTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMjIwMTM1MDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M4MmQzYjVlN2NkZjQ2NjgwM2E0YzEyMzFhZTdjZDI4MmZmYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTCx6tfxvd3vMmbtItn2mluvnBwy
JbAS0lucm1mhPOl1JKjjGTwwIXk46rQtdCp2AaWuwFX40ZLycbkcYbCMcUrlF2i/
t2230YtgDsWfTiFT/2+aNkbDkw/g8GnPuMUzi8AZLkkYWPolwOYAvGUm6IwrAvEB
eHDJOvMuKrLaw1peogsQodd8y336oiCiXh5iHGlHHnOiIHrkxzGaJRP2XIC0Xxq1
+VUWV7p54VwHq+nbBzeRxv1aLf+zk/pLcmY4dqEqZxN5826VNTxS9/t5MphSog4E
Dg8O2QEBp66Z/IgHzfZU47zmy8ST5E9Bu4t/KOBlIMsmPI1/EiMsJF0STwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfILTtefN9GaAOkwSMa580oL/oAMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvZDhndE8xNTgzMFpvQTZUQkl4cm56U2d2LWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrauMA0G
CSqGSIb3DQEBCwUAA4IBAQCai6tXomsOeo8eFEx5k17PuSaDpC3UueY5vxOJjArv
4bYdxWrO/7PULK784EPUx1ppMKldLBSu8AV90bK5Rs/yRvdMd8jf6+uVehKcGUvG
DaUZJoZM+QpNFDfzNB/RBpk6y53+iF5xPncNiwOnTiqgu4fV44Eo8Mzesz48hH/L
21RAX9yHSgZDERGndAQ5PUzcEB7DpYXBB69ePD8j+6TKjp7osA0/va3Zw8MMqK3V
ZwXg9haiHQRaBLu66Oidh3H7gS0pULS6bs8EiyUCN87txiNtWa0xaaRvki+dSi+A
NltlWftgf3DFuUFej1wpxc05UM80bVx5Eb2s8//phfAu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org