Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-SR0z_J-ii_7KgeQCDX0F-nG9E.roa
File: n-SR0z_J-ii_7KgeQCDX0F-nG9E.roa (raw, json)
Hash identifier: aQoiJ01nbMClNz3CaYezfQvDWJvYL3UtbIpOFShpsR4=
Subject key identifier: 9F:E4:91:D3:3F:C9:FA:28:BF:EC:A8:1E:40:20:D7:D0:5F:A7:1B:D1
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018AA7DE2D79100D70392AB7100687370A99
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-SR0z_J-ii_7KgeQCDX0F-nG9E.roa
Signing time: Mon 18 Sep 2023 10:37:50 +0000
ROA not before: Mon 18 Sep 2023 10:37:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.182.170.0/24 maxlen: 24
62.182.174.0/24 maxlen: 24
194.15.153.0/24 maxlen: 24
194.15.154.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:de:2d:79:10:0d:70:39:2a:b7:10:06:87:37:0a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Sep 18 10:37:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fe491d33fc9fa28bfeca81e4020d7d05fa71bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:89:e9:32:7d:e4:f3:de:a7:99:b1:df:f3:a5:
0f:cc:65:56:2b:33:4c:7e:cc:df:3e:85:5c:b6:92:
97:c6:92:62:7f:c5:af:83:bf:b8:4f:75:b8:45:8b:
53:10:e4:4f:f4:30:f3:10:0e:46:b1:6a:fb:a3:28:
b0:fe:60:9f:c9:5b:6d:43:e0:a8:4e:65:f1:7f:2d:
dd:df:cb:97:30:71:99:f9:67:a3:50:2c:fe:f6:29:
27:57:d3:17:90:24:cf:e1:04:a4:02:79:d7:0e:69:
2b:13:1d:af:75:e9:43:76:89:46:bd:b0:0f:da:e8:
c6:c6:4a:d7:83:72:e5:87:28:07:61:ca:ea:88:64:
97:f0:18:63:45:9e:ef:54:d1:7b:c1:e7:90:14:3f:
50:50:60:6c:19:41:1c:50:f9:7c:ec:2c:90:cd:e3:
8b:b0:47:31:e8:7b:1c:10:fe:9a:38:c7:59:b5:50:
f2:4c:07:0f:d0:01:d8:41:f6:c2:51:80:63:9f:a3:
c5:98:f1:98:51:c7:36:72:cc:92:a1:3b:37:00:1d:
91:16:29:44:45:80:42:a1:89:1e:f4:6c:a0:d1:52:
f0:bb:2f:73:f8:bf:f2:13:8b:b5:b0:db:bc:77:43:
21:c0:60:5b:b7:05:18:d2:a3:8b:1a:b7:7e:0b:3a:
9a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E4:91:D3:3F:C9:FA:28:BF:EC:A8:1E:40:20:D7:D0:5F:A7:1B:D1
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/n-SR0z_J-ii_7KgeQCDX0F-nG9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
62.182.174.0/24
194.15.153.0-194.15.154.255
Signature Algorithm: sha256WithRSAEncryption
97:ab:a2:89:35:08:d2:83:57:14:9f:e4:2f:5a:f3:00:7a:4f:
56:e9:28:8f:ef:26:bd:d5:1f:5e:0d:4e:f5:4f:54:e4:9b:5c:
b9:c8:5f:fd:8f:6a:21:9b:11:3d:19:d6:bf:b4:b3:0d:64:53:
56:b1:cf:dc:58:10:c5:5b:69:87:ec:f5:3d:89:d3:96:61:02:
fd:59:2e:51:5a:59:22:b1:6c:10:cc:c6:f0:bd:a1:9d:51:68:
c8:55:bd:b2:0f:19:55:c5:7a:11:29:97:0b:be:da:58:26:7e:
e2:30:d2:62:51:16:d3:cf:5b:3f:fd:4f:bc:4d:ef:f9:df:98:
82:e2:31:f8:b5:bf:17:06:19:ea:8a:ba:2c:8e:23:75:f1:d7:
83:1a:af:10:82:3d:72:38:e9:28:f3:46:39:0b:7e:29:48:61:
98:e6:90:f8:e1:71:b0:31:15:d1:58:e3:ec:09:27:57:9a:b8:
a0:b5:9a:3a:fc:3a:50:de:5e:f0:ab:6c:a9:d3:67:ec:45:c5:
73:17:32:94:86:7f:d7:71:0c:82:17:b1:c4:80:84:39:c6:d1:
69:b0:c1:79:6a:14:67:93:16:ec:4e:05:bf:cc:22:97:c9:ca:
80:37:e1:be:da:bb:57:a9:63:67:16:ba:bf:81:fc:0a:a5:de:
c9:e3:7e:d5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYqn3i15EA1wOSq3EAaHNwqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwOTE4MTAzNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU0OTFkMzNmYzlmYTI4YmZlY2E4MWU0MDIwZDdkMDVmYTcxYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApInpMn3k896nmbHf86UPzGVWKzNM
fszfPoVctpKXxpJif8Wvg7+4T3W4RYtTEORP9DDzEA5GsWr7oyiw/mCfyVttQ+Co
TmXxfy3d38uXMHGZ+WejUCz+9iknV9MXkCTP4QSkAnnXDmkrEx2vdelDdolGvbAP
2ujGxkrXg3LlhygHYcrqiGSX8BhjRZ7vVNF7weeQFD9QUGBsGUEcUPl87CyQzeOL
sEcx6HscEP6aOMdZtVDyTAcP0AHYQfbCUYBjn6PFmPGYUcc2csySoTs3AB2RFilE
RYBCoYke9Gyg0VLwuy9z+L/yE4u1sNu8d0MhwGBbtwUY0qOLGrd+Czqa1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJ/kkdM/yfoov+yoHkAg19BfpxvRMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvbi1TUjB6X0otaWlfN0tnZVFDRFgwRi1uRzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAPraqAwQA
PrauMAwDBADCD5kDBADCD5owDQYJKoZIhvcNAQELBQADggEBAJerook1CNKDVxSf
5C9a8wB6T1bpKI/vJr3VH14NTvVPVOSbXLnIX/2PaiGbET0Z1r+0sw1kU1axz9xY
EMVbaYfs9T2J05ZhAv1ZLlFaWSKxbBDMxvC9oZ1RaMhVvbIPGVXFehEplwu+2lgm
fuIw0mJRFtPPWz/9T7xN7/nfmILiMfi1vxcGGeqKuiyOI3Xx14MarxCCPXI46Sjz
RjkLfilIYZjmkPjhcbAxFdFY4+wJJ1eauKC1mjr8OlDeXvCrbKnTZ+xFxXMXMpSG
f9dxDIIXscSAhDnG0WmwwXlqFGeTFuxOBb/MIpfJyoA34b7au1epY2cWur+B/Aql
3snjftU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org