Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/le3pzpbV_LwruFUIz8hEZYLoDaQ.roa
File: le3pzpbV_LwruFUIz8hEZYLoDaQ.roa (raw, json)
Hash identifier: Ri8d3eYuqVPC99JZ5iTYGKy/76En9t6x1zCLtHE/EoE=
Subject key identifier: 95:ED:E9:CE:96:D5:FC:BC:2B:B8:55:08:CF:C8:44:65:82:E8:0D:A4
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0187E0529C784563D7A0C8E4D7070EA2433F
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/le3pzpbV_LwruFUIz8hEZYLoDaQ.roa
Signing time: Wed 03 May 2023 06:35:23 +0000
ROA not before: Wed 03 May 2023 06:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
62.182.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:52:9c:78:45:63:d7:a0:c8:e4:d7:07:0e:a2:43:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: May 3 06:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95ede9ce96d5fcbc2bb85508cfc8446582e80da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:02:91:e6:96:45:67:e8:7e:65:fa:03:40:b0:
1d:3b:9e:79:8e:5c:4b:df:6d:6d:28:19:e4:db:e5:
1e:36:34:d9:5d:4b:f7:7e:1b:3b:4c:ae:7c:5f:9e:
aa:7a:6d:30:d4:b3:a3:80:d3:4e:97:2f:52:7c:9c:
a4:15:17:50:d2:25:10:31:8e:3f:83:ea:b5:28:6f:
8c:75:5d:96:19:7f:a4:cd:e4:55:28:39:e6:83:9e:
4c:2c:dd:3d:f8:9c:f6:cc:2d:59:fe:06:79:fb:36:
0e:7e:a6:a5:93:d6:cb:97:53:76:88:bc:44:dc:18:
58:bd:a4:d0:70:f6:07:83:db:ca:8c:59:25:17:35:
aa:97:14:44:f6:a7:7e:56:94:de:92:59:84:27:de:
81:50:f1:3b:c0:88:f9:f9:47:ab:4d:73:5d:61:61:
8e:a5:fc:19:d5:9b:81:eb:f4:2b:b6:58:41:ef:0d:
d4:4e:d2:26:bb:15:ee:a7:a3:27:94:56:be:26:2c:
7a:23:02:bc:2d:43:8b:25:cd:72:f7:59:51:64:06:
34:f9:ea:51:58:e0:ee:b6:ca:c6:78:e4:2d:50:1f:
e7:6b:91:6d:e9:8c:cc:b7:c1:fc:22:53:0e:f5:77:
09:ba:d1:c2:af:2c:9a:28:03:89:ac:98:5c:f8:26:
1e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:ED:E9:CE:96:D5:FC:BC:2B:B8:55:08:CF:C8:44:65:82:E8:0D:A4
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/le3pzpbV_LwruFUIz8hEZYLoDaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/23
Signature Algorithm: sha256WithRSAEncryption
63:c4:5f:ed:9d:9e:5a:f4:9e:35:0c:d9:ab:1f:3b:fb:4e:a5:
af:28:0a:de:e2:73:a3:92:0e:13:40:23:2c:94:92:9c:1a:05:
d6:59:05:e5:a8:77:56:b6:3b:e5:12:c2:8c:6d:a5:cd:b1:0b:
22:01:31:34:8a:b1:cd:73:d9:5a:37:21:26:73:be:77:88:d9:
bd:cf:96:cb:9d:c8:1f:ed:15:1d:2b:76:09:4b:31:8f:72:9b:
aa:8f:8d:cb:31:86:3a:a9:dd:3c:e4:02:a2:04:56:92:e1:60:
e6:1e:cf:ed:55:20:50:27:58:4e:aa:35:40:71:93:66:32:44:
ff:0f:38:25:cd:66:9e:ce:b5:b1:49:97:f9:e7:a1:9d:04:67:
95:35:24:85:f1:79:c9:23:bc:20:17:92:e5:84:77:98:28:63:
f1:4b:02:0f:77:f8:60:d1:e1:f1:10:cd:2e:a0:d4:b7:3d:fa:
d0:69:a2:1a:8e:db:8d:b2:7e:67:5b:fa:4f:e4:f9:9e:ee:9d:
71:96:92:02:e9:54:80:b2:21:d5:ac:ea:ab:77:b0:fc:ba:de:
14:d2:fa:46:08:c1:58:1e:a2:22:9b:7e:ad:3f:81:1f:df:a8:
b7:b5:ff:e5:af:0c:cf:eb:ff:cb:27:fe:76:02:3a:06:ca:57:
8f:4b:47:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfgUpx4RWPXoMjk1wcOokM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNTAzMDYzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWVkZTljZTk2ZDVmY2JjMmJiODU1MDhjZmM4NDQ2NTgyZTgwZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwKR5pZFZ+h+ZfoDQLAdO555jlxL
321tKBnk2+UeNjTZXUv3fhs7TK58X56qem0w1LOjgNNOly9SfJykFRdQ0iUQMY4/
g+q1KG+MdV2WGX+kzeRVKDnmg55MLN09+Jz2zC1Z/gZ5+zYOfqalk9bLl1N2iLxE
3BhYvaTQcPYHg9vKjFklFzWqlxRE9qd+VpTeklmEJ96BUPE7wIj5+UerTXNdYWGO
pfwZ1ZuB6/QrtlhB7w3UTtImuxXup6MnlFa+Jix6IwK8LUOLJc1y91lRZAY0+epR
WODutsrGeOQtUB/na5Ft6YzMt8H8IlMO9XcJutHCryyaKAOJrJhc+CYeDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXt6c6W1fy8K7hVCM/IRGWC6A2kMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvbGUzcHpwYlZfTHdydUZVSXo4aEVaWUxvRGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQBjxF/tnZ5a9J41DNmrHzv7TqWvKAre4nOjkg4TQCMs
lJKcGgXWWQXlqHdWtjvlEsKMbaXNsQsiATE0irHNc9laNyEmc753iNm9z5bLncgf
7RUdK3YJSzGPcpuqj43LMYY6qd085AKiBFaS4WDmHs/tVSBQJ1hOqjVAcZNmMkT/
DzglzWaezrWxSZf556GdBGeVNSSF8XnJI7wgF5LlhHeYKGPxSwIPd/hg0eHxEM0u
oNS3PfrQaaIajtuNsn5nW/pP5Pme7p1xlpIC6VSAsiHVrOqrd7D8ut4U0vpGCMFY
HqIim36tP4Ef36i3tf/lrwzP6//LJ/52AjoGylePS0dm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org