Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/hIdfptSSVLgriSHO_frtJu2zjvA.roa
File: hIdfptSSVLgriSHO_frtJu2zjvA.roa (raw, json)
Hash identifier: 7TYqWQ2aptfXwLq3M9Ig1U33UichMKOJI3GFBCsFMJA=
Subject key identifier: 84:87:5F:A6:D4:92:54:B8:2B:89:21:CE:FD:FA:ED:26:ED:B3:8E:F0
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018B8073D1F368A79F76A16C9EAE45A2364D
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/hIdfptSSVLgriSHO_frtJu2zjvA.roa
Signing time: Mon 30 Oct 2023 11:59:15 +0000
ROA not before: Mon 30 Oct 2023 11:59:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216091
IP address blocks: 62.182.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:73:d1:f3:68:a7:9f:76:a1:6c:9e:ae:45:a2:36:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Oct 30 11:59:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84875fa6d49254b82b8921cefdfaed26edb38ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:29:10:86:d4:7c:44:0c:cc:0c:6a:28:47:34:
0f:ad:dc:82:85:1d:e9:6b:87:70:7a:a1:16:03:63:
93:80:c5:6e:05:da:bb:76:bb:5e:0e:89:ff:57:6d:
52:8e:91:de:dd:cc:c2:07:86:7a:b3:3a:b4:8e:0e:
5b:49:11:d5:2a:06:32:50:99:be:96:4e:79:7c:d1:
aa:7d:4a:50:5b:4e:e8:cc:d8:8a:ba:dd:b5:0d:c1:
e2:cc:11:e1:85:c3:ef:28:c1:aa:da:a1:10:29:8a:
67:59:23:68:4e:25:26:7d:67:88:83:de:9a:b9:74:
f9:9e:2c:ae:47:4a:5e:17:1e:30:96:ad:3f:47:48:
7c:2a:0f:24:98:c4:10:df:df:db:3c:a2:6b:c9:9b:
8a:24:22:3c:28:8e:b5:82:58:c0:3e:0b:c1:ff:c7:
82:32:a2:30:a7:4b:c8:4d:59:17:61:9a:53:e8:9e:
5e:f4:b2:3c:41:c0:ba:2d:ff:76:0e:e6:9a:5b:dc:
6e:50:64:68:e4:3b:35:65:5e:92:72:d4:64:35:ce:
1b:be:59:b0:cf:56:88:8b:b4:af:83:84:50:20:94:
31:f9:5e:1a:22:d8:49:b4:44:9d:03:4a:b1:32:17:
c2:60:71:c4:96:ae:b2:14:7e:33:7b:f5:ff:91:b6:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:87:5F:A6:D4:92:54:B8:2B:89:21:CE:FD:FA:ED:26:ED:B3:8E:F0
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/hIdfptSSVLgriSHO_frtJu2zjvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.173.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:d9:31:23:99:c3:fd:e1:bc:c1:87:60:b1:42:6c:d8:f9:02:
18:ff:f2:e6:f9:89:17:af:38:d5:f3:bb:54:13:3b:6b:06:ad:
4c:ab:54:27:44:71:0c:8a:fa:0b:a0:d1:dc:63:d0:0c:f3:97:
5e:b3:af:df:d2:e9:6f:9d:cc:d6:86:c2:3d:11:9d:36:08:50:
fa:49:52:ec:64:7c:b7:46:02:b6:86:42:b2:87:a6:6c:8c:6c:
cc:1b:b5:89:a6:8b:41:01:f3:f9:11:f0:f6:a5:eb:ec:0c:ce:
29:77:1d:44:61:28:13:a0:05:85:bc:08:cb:1f:ae:4c:ab:93:
db:88:82:58:73:f8:f2:32:09:89:41:0b:71:44:34:3a:78:b1:
c7:a8:95:35:e8:6b:ee:51:ff:48:1d:78:24:2b:f4:9f:d8:15:
15:15:bd:bd:51:3d:77:70:6f:48:e4:7b:74:f7:55:51:ba:b0:
5f:7c:73:ad:22:3e:97:bf:51:be:1e:7d:27:4f:a6:1d:35:ac:
cd:25:87:e2:5c:65:01:fa:4b:0f:7b:16:8f:a6:6c:21:a0:78:
3a:23:46:0e:e8:81:30:c8:5a:c7:60:ab:b6:44:cb:08:af:8e:
5e:0c:b4:59:66:f6:91:7c:2d:67:16:e0:36:a2:10:52:e6:3e:
b8:2a:97:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuAc9HzaKefdqFsnq5FojZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMxMDMwMTE1OTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg3NWZhNmQ0OTI1NGI4MmI4OTIxY2VmZGZhZWQyNmVkYjM4ZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhykQhtR8RAzMDGooRzQPrdyChR3p
a4dweqEWA2OTgMVuBdq7drteDon/V21SjpHe3czCB4Z6szq0jg5bSRHVKgYyUJm+
lk55fNGqfUpQW07ozNiKut21DcHizBHhhcPvKMGq2qEQKYpnWSNoTiUmfWeIg96a
uXT5niyuR0peFx4wlq0/R0h8Kg8kmMQQ39/bPKJryZuKJCI8KI61gljAPgvB/8eC
MqIwp0vITVkXYZpT6J5e9LI8QcC6Lf92DuaaW9xuUGRo5Ds1ZV6SctRkNc4bvlmw
z1aIi7Svg4RQIJQx+V4aIthJtESdA0qxMhfCYHHElq6yFH4ze/X/kbZ4BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFISHX6bUklS4K4khzv367Sbts47wMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvaElkZnB0U1NWTGdyaVNIT19mcnRKdTJ6anZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPratMA0G
CSqGSIb3DQEBCwUAA4IBAQAK2TEjmcP94bzBh2CxQmzY+QIY//Lm+YkXrzjV87tU
EztrBq1Mq1QnRHEMivoLoNHcY9AM85des6/f0ulvnczWhsI9EZ02CFD6SVLsZHy3
RgK2hkKyh6ZsjGzMG7WJpotBAfP5EfD2pevsDM4pdx1EYSgToAWFvAjLH65Mq5Pb
iIJYc/jyMgmJQQtxRDQ6eLHHqJU16GvuUf9IHXgkK/Sf2BUVFb29UT13cG9I5Ht0
91VRurBffHOtIj6Xv1G+Hn0nT6YdNazNJYfiXGUB+ksPexaPpmwhoHg6I0YO6IEw
yFrHYKu2RMsIr45eDLRZZvaRfC1nFuA2ohBS5j64Kpd8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:54 2025 by rpki-client