Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/dYq6mjz2ULBGY6U6mqm2L6ZoRXw.roa
File: dYq6mjz2ULBGY6U6mqm2L6ZoRXw.roa (raw, json)
Hash identifier: 3cOMKaxhTx21OQkKBh0UBIi6l/j/1LHXyi5J8ZaWYh4=
Subject key identifier: 75:8A:BA:9A:3C:F6:50:B0:46:63:A5:3A:9A:A9:B6:2F:A6:68:45:7C
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018CC493A140630B4A279EF021AEAF149CDA
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/dYq6mjz2ULBGY6U6mqm2L6ZoRXw.roa
Signing time: Mon 01 Jan 2024 10:30:58 +0000
ROA not before: Mon 01 Jan 2024 10:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 62.182.172.0/24 maxlen: 24
62.182.175.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:a1:40:63:0b:4a:27:9e:f0:21:ae:af:14:9c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 1 10:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=758aba9a3cf650b04663a53a9aa9b62fa668457c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8b:2a:71:ba:1c:af:e7:8c:99:40:c9:8d:ca:
6d:11:7b:06:82:3d:5b:5b:c2:ec:ff:4c:0a:09:1b:
c6:70:d9:c7:55:61:73:a1:40:62:6b:e8:b6:13:83:
cf:dd:ec:fd:1a:26:ec:bc:86:69:b6:90:17:12:55:
b2:ef:ec:f3:5e:b3:44:2d:cc:30:1c:34:03:5b:91:
17:f6:5c:cb:f8:bb:ab:c8:66:87:8f:fa:a5:e0:79:
a8:d4:f0:63:32:fd:ad:4c:16:03:3d:f2:6d:b9:02:
ae:ed:2e:76:56:20:74:67:6c:2f:f4:40:bb:34:03:
be:03:43:c6:28:ee:30:20:25:31:15:70:6a:2a:24:
0f:ae:cb:54:82:9b:48:35:6f:ca:a6:04:06:ee:af:
08:fd:3b:fb:f3:81:b9:90:c8:57:e6:66:90:d5:80:
fa:91:2f:ac:54:78:d7:8a:c7:df:06:ef:dd:2d:b2:
3a:1a:9f:2e:60:87:75:f7:d0:b6:55:60:54:2b:d0:
73:96:6e:a5:03:a5:28:a8:63:aa:a6:3f:69:44:1f:
ff:93:60:55:cf:fc:fd:d0:00:71:33:c7:c1:91:19:
c4:4d:a8:4a:00:f3:92:ad:b1:c5:93:30:42:68:2c:
26:3c:65:4e:01:83:ac:3e:30:19:3e:c8:ff:2c:10:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:8A:BA:9A:3C:F6:50:B0:46:63:A5:3A:9A:A9:B6:2F:A6:68:45:7C
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/dYq6mjz2ULBGY6U6mqm2L6ZoRXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.172.0/24
62.182.175.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f0:78:b8:81:b9:b0:58:d4:45:da:16:8b:01:fc:34:b4:f8:
3c:a1:65:62:55:2e:bc:52:c0:3a:f4:c2:74:b0:e6:ea:ea:f7:
14:9a:d4:b5:35:f4:0b:2c:eb:02:59:34:71:a0:04:f3:76:f9:
0a:6d:cc:16:9c:13:8d:7e:04:48:dc:6a:a1:dd:18:6f:4b:45:
81:ba:95:59:20:64:05:f2:77:9c:81:3c:59:54:ad:42:16:f4:
ad:66:c2:43:4f:50:bc:93:21:f8:34:83:23:75:c6:32:79:a0:
81:22:69:6d:bf:32:86:2b:70:5b:3b:a7:08:10:5f:35:d9:f9:
3d:fa:da:87:1e:38:f3:d2:bd:75:a5:25:17:88:38:e2:cb:2d:
28:3e:73:7e:3d:4a:89:98:5e:ae:51:0f:07:e4:e9:3b:03:de:
c3:81:69:83:b7:86:2f:b8:bb:e9:5d:47:dd:12:4e:c7:f5:61:
43:74:fe:30:ca:fb:29:8b:a0:04:65:7a:5b:2b:53:8f:e9:20:
46:94:ef:2a:41:2c:dd:3a:8f:6b:a5:6c:81:f5:cb:c4:37:1e:
dd:eb:83:9e:0f:5c:ad:5c:a5:fb:b4:e9:d0:f3:0f:60:e3:5f:
dd:b5:ef:da:b2:64:91:ab:e4:c9:52:2d:05:b6:4e:73:63:78:
eb:d6:1b:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEk6FAYwtKJ57wIa6vFJzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjQwMTAxMTAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NThhYmE5YTNjZjY1MGIwNDY2M2E1M2E5YWE5YjYyZmE2Njg0NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIsqcbocr+eMmUDJjcptEXsGgj1b
W8Ls/0wKCRvGcNnHVWFzoUBia+i2E4PP3ez9GibsvIZptpAXElWy7+zzXrNELcww
HDQDW5EX9lzL+LuryGaHj/ql4Hmo1PBjMv2tTBYDPfJtuQKu7S52ViB0Z2wv9EC7
NAO+A0PGKO4wICUxFXBqKiQPrstUgptINW/KpgQG7q8I/Tv784G5kMhX5maQ1YD6
kS+sVHjXisffBu/dLbI6Gp8uYId199C2VWBUK9Bzlm6lA6UoqGOqpj9pRB//k2BV
z/z90ABxM8fBkRnETahKAPOSrbHFkzBCaCwmPGVOAYOsPjAZPsj/LBCRrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHWKupo89lCwRmOlOpqpti+maEV8MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvZFlxNm1qejJVTEJHWTZVNm1xbTJMNlpvUlh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPrasAwQA
PravMA0GCSqGSIb3DQEBCwUAA4IBAQBn8Hi4gbmwWNRF2haLAfw0tPg8oWViVS68
UsA69MJ0sObq6vcUmtS1NfQLLOsCWTRxoATzdvkKbcwWnBONfgRI3Gqh3RhvS0WB
upVZIGQF8necgTxZVK1CFvStZsJDT1C8kyH4NIMjdcYyeaCBImltvzKGK3BbO6cI
EF812fk9+tqHHjjz0r11pSUXiDjiyy0oPnN+PUqJmF6uUQ8H5Ok7A97DgWmDt4Yv
uLvpXUfdEk7H9WFDdP4wyvspi6AEZXpbK1OP6SBGlO8qQSzdOo9rpWyB9cvENx7d
64OeD1ytXKX7tOnQ8w9g41/dte/asmSRq+TJUi0Ftk5zY3jr1hvM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org