Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fYlo2fcrnpDZQoxMpIgI2zxWCUM.roa
File: fYlo2fcrnpDZQoxMpIgI2zxWCUM.roa (raw, json)
Hash identifier: 9rXqap1m/iueoPZVhpS6DganS/N3QdqKH7MemX40FpA=
Subject key identifier: 7D:89:68:D9:F7:2B:9E:90:D9:42:8C:4C:A4:88:08:DB:3C:56:09:43
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0188AE6111B200960E45B4A440C4CFE3AB2F
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fYlo2fcrnpDZQoxMpIgI2zxWCUM.roa
Signing time: Mon 12 Jun 2023 06:52:57 +0000
ROA not before: Mon 12 Jun 2023 06:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210576
IP address blocks: 62.182.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:61:11:b2:00:96:0e:45:b4:a4:40:c4:cf:e3:ab:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 12 06:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d8968d9f72b9e90d9428c4ca48808db3c560943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d0:2c:82:6c:c6:36:e6:b2:d3:5c:23:4c:b1:
ba:ea:67:4b:d5:76:3a:68:7a:16:6c:e2:95:4f:8a:
ba:6a:0c:7a:61:18:5c:30:1c:da:5a:fb:d8:8e:fe:
11:e3:a1:77:73:dd:7e:d3:f3:cb:ca:8b:5b:7b:f5:
ce:e5:f1:4c:88:4d:5f:cc:85:08:c1:e1:6a:16:8b:
ab:00:20:eb:d6:28:db:1c:ed:0e:aa:7d:58:b3:f7:
6a:34:5b:57:77:7b:7d:2a:b2:4f:ae:66:a4:fc:1c:
58:66:4c:d7:f9:af:4e:f2:98:83:2f:b9:b4:61:72:
7d:66:b2:a0:ab:69:f0:a0:18:25:16:c5:71:d2:d7:
57:64:6b:c6:a6:6e:e0:d2:4e:8b:5e:b5:5e:f1:b4:
68:85:b2:90:20:39:51:e6:9b:2d:2e:5a:4b:ee:33:
54:2e:ab:a8:6f:32:e4:a7:aa:fb:1f:45:58:88:a2:
a8:03:4e:63:70:87:a6:42:67:a8:75:0c:fc:3c:7d:
c0:e3:e1:37:d0:4f:ab:3f:67:3d:4c:22:4d:46:91:
94:9d:2b:d5:85:c7:f0:91:2f:6c:26:15:a3:9d:3e:
04:49:29:e5:bc:de:0d:78:b1:26:05:4b:4a:8b:d6:
d9:1e:41:50:79:61:4d:52:64:f8:f2:ec:17:a9:da:
e6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:89:68:D9:F7:2B:9E:90:D9:42:8C:4C:A4:88:08:DB:3C:56:09:43
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fYlo2fcrnpDZQoxMpIgI2zxWCUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.171.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:88:8c:05:c9:10:da:2f:e4:aa:a4:51:46:e8:0d:f8:92:88:
81:87:f3:59:06:ea:72:52:a1:8f:02:9c:9c:11:49:0c:35:42:
d0:f3:66:05:51:dc:9b:c3:ee:cc:ec:47:45:ca:67:35:cb:4f:
30:6c:73:22:99:24:8c:69:10:68:18:55:ed:6c:d1:c3:71:7a:
25:d9:a9:b1:2d:cf:2d:48:91:03:08:80:a5:6d:ff:a3:2b:04:
d5:e9:24:d7:7f:f6:6d:2e:9f:35:08:a3:f6:80:2f:df:60:7a:
1e:6d:57:e7:3e:56:b9:a7:cc:08:8f:ee:c4:f4:20:bd:f8:5a:
46:40:72:91:bf:7d:85:66:4a:c9:2b:91:1d:ff:72:7f:c3:87:
3f:1c:67:9f:99:c9:83:ca:48:39:d3:4b:02:65:1c:d8:df:5f:
b5:25:ee:5c:98:3c:1e:3c:21:65:c6:f6:44:5c:27:7a:b3:04:
45:31:84:fa:61:86:55:df:f8:65:d6:e4:61:0a:61:1b:ae:a5:
4e:d0:b7:ce:6b:e0:bb:35:c0:8c:fd:f9:04:05:58:a3:99:dc:
a3:ef:fa:f5:1b:4e:1e:59:f1:8b:d9:33:48:2b:d9:d3:59:8b:
08:cc:58:7e:64:21:f9:6e:94:dc:15:14:cf:f7:25:20:d7:7f:
dc:56:9d:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiuYRGyAJYORbSkQMTP46svMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNjEyMDY1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDg5NjhkOWY3MmI5ZTkwZDk0MjhjNGNhNDg4MDhkYjNjNTYwOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNAsgmzGNuay01wjTLG66mdL1XY6
aHoWbOKVT4q6agx6YRhcMBzaWvvYjv4R46F3c91+0/PLyotbe/XO5fFMiE1fzIUI
weFqFourACDr1ijbHO0Oqn1Ys/dqNFtXd3t9KrJPrmak/BxYZkzX+a9O8piDL7m0
YXJ9ZrKgq2nwoBglFsVx0tdXZGvGpm7g0k6LXrVe8bRohbKQIDlR5pstLlpL7jNU
LquobzLkp6r7H0VYiKKoA05jcIemQmeodQz8PH3A4+E30E+rP2c9TCJNRpGUnSvV
hcfwkS9sJhWjnT4ESSnlvN4NeLEmBUtKi9bZHkFQeWFNUmT48uwXqdrmFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH2JaNn3K56Q2UKMTKSICNs8VglDMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvZllsbzJmY3JucERaUW94TXBJZ0kyenhXQ1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrarMA0G
CSqGSIb3DQEBCwUAA4IBAQCniIwFyRDaL+SqpFFG6A34koiBh/NZBupyUqGPApyc
EUkMNULQ82YFUdybw+7M7EdFymc1y08wbHMimSSMaRBoGFXtbNHDcXol2amxLc8t
SJEDCIClbf+jKwTV6STXf/ZtLp81CKP2gC/fYHoebVfnPla5p8wIj+7E9CC9+FpG
QHKRv32FZkrJK5Ed/3J/w4c/HGefmcmDykg500sCZRzY31+1Je5cmDwePCFlxvZE
XCd6swRFMYT6YYZV3/hl1uRhCmEbrqVO0LfOa+C7NcCM/fkEBVijmdyj7/r1G04e
WfGL2TNIK9nTWYsIzFh+ZCH5bpTcFRTP9yUg13/cVp2K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org