Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/tJV4gN-PEmr3KTkTr0_s8J8KN6o.roa
File: tJV4gN-PEmr3KTkTr0_s8J8KN6o.roa (raw, json)
Hash identifier: ZlQwSP4P4aAtR+2uJj7RJgbQ267rflJnm6FtJaWUwGY=
Subject key identifier: B4:95:78:80:DF:8F:12:6A:F7:29:39:13:AF:4F:EC:F0:9F:0A:37:AA
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0187F00CD4841608F34D5468D968790957AE
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/tJV4gN-PEmr3KTkTr0_s8J8KN6o.roa
Signing time: Sat 06 May 2023 07:53:05 +0000
ROA not before: Sat 06 May 2023 07:53:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 62.182.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f0:0c:d4:84:16:08:f3:4d:54:68:d9:68:79:09:57:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: May 6 07:53:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4957880df8f126af7293913af4fecf09f0a37aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e7:8e:6b:4b:a9:d3:71:59:5c:53:15:0d:cc:
e5:d1:83:21:11:a7:73:fd:e1:c9:23:41:1a:11:1b:
ea:ee:4f:26:dd:d3:cf:69:eb:09:a2:8a:63:80:dd:
ca:16:91:ce:7d:af:eb:10:ed:8d:94:90:b3:13:f4:
a1:7c:97:54:1d:7c:bb:09:d8:0c:9f:95:f5:1d:64:
1d:8f:b7:b2:0c:47:95:e1:66:b3:5e:7c:ba:2a:4b:
ea:4d:57:f7:a8:51:6f:0a:55:ba:62:fd:62:5f:a7:
95:a7:17:da:0f:b1:3f:09:6b:9d:ab:93:54:9f:cf:
22:2d:b6:63:85:98:5b:fb:1d:55:50:1c:d1:e7:d4:
49:e9:0f:b3:1e:0f:79:83:40:bb:bb:de:c5:60:f0:
ea:53:f1:9f:ca:83:13:5a:26:23:b7:e6:49:22:ca:
40:91:72:f7:18:de:c4:ef:c7:34:c3:fd:95:13:4a:
8a:9e:79:a3:57:a5:44:df:39:58:7d:55:2a:96:21:
1d:a0:30:d4:0c:55:15:6a:45:0f:6b:ae:9d:cc:bb:
5a:c1:30:19:b4:52:3a:43:42:b2:0c:19:57:8b:2e:
39:7d:77:f5:34:45:6a:21:2f:9c:b0:97:25:e5:78:
44:d5:3e:e4:85:b3:7a:a7:10:4d:e9:5b:7a:c3:71:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:95:78:80:DF:8F:12:6A:F7:29:39:13:AF:4F:EC:F0:9F:0A:37:AA
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/tJV4gN-PEmr3KTkTr0_s8J8KN6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.171.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:31:04:d9:a6:5d:bc:2f:d4:c0:c4:14:cb:d3:87:61:cd:43:
ae:af:86:13:b5:14:3b:ab:8f:b8:3d:9d:dc:4e:f1:f6:6a:0d:
dd:b6:12:21:67:53:fb:5d:2c:35:6b:4d:81:0a:e0:69:9f:fa:
2a:4b:3f:04:d7:85:f3:a3:c1:4e:b0:f4:76:fb:32:92:a0:9a:
e0:65:0e:2d:47:23:45:92:6a:d3:d3:30:95:ab:f2:61:2e:76:
6b:c2:40:6f:ce:67:b0:12:fa:c2:5e:f5:26:ad:5d:ec:25:6b:
7f:05:b9:45:44:ec:18:df:c0:7e:c0:4b:47:e7:90:f6:27:aa:
07:bd:39:54:98:f3:ed:e5:fb:f1:4e:cb:ec:98:5f:f0:b7:cc:
20:fd:47:b1:63:1b:51:e3:f8:0f:74:f8:a0:d9:6c:b1:9f:c1:
ec:af:fb:22:68:0a:12:6b:05:f9:f6:c8:f5:81:bb:9a:d3:6c:
78:f5:bd:da:ee:aa:da:50:8b:33:34:95:2d:b3:00:ab:c8:78:
de:8c:b1:c4:8a:57:8d:9e:cd:72:ec:43:6b:51:79:ac:43:0d:
85:48:9e:55:e9:f6:96:c4:c8:0a:47:8c:6b:3c:4e:d4:d3:7f:
67:87:d2:99:8a:57:8b:8a:ca:ba:7c:41:af:96:c4:e2:49:44:
85:ef:b5:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfwDNSEFgjzTVRo2Wh5CVeuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNTA2MDc1MzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk1Nzg4MGRmOGYxMjZhZjcyOTM5MTNhZjRmZWNmMDlmMGEzN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoueOa0up03FZXFMVDczl0YMhEadz
/eHJI0EaERvq7k8m3dPPaesJoopjgN3KFpHOfa/rEO2NlJCzE/ShfJdUHXy7CdgM
n5X1HWQdj7eyDEeV4WazXny6KkvqTVf3qFFvClW6Yv1iX6eVpxfaD7E/CWudq5NU
n88iLbZjhZhb+x1VUBzR59RJ6Q+zHg95g0C7u97FYPDqU/GfyoMTWiYjt+ZJIspA
kXL3GN7E78c0w/2VE0qKnnmjV6VE3zlYfVUqliEdoDDUDFUVakUPa66dzLtawTAZ
tFI6Q0KyDBlXiy45fXf1NEVqIS+csJcl5XhE1T7khbN6pxBN6Vt6w3GKRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSVeIDfjxJq9yk5E69P7PCfCjeqMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvdEpWNGdOLVBFbXIzS1RrVHIwX3M4SjhLTjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrarMA0G
CSqGSIb3DQEBCwUAA4IBAQCPMQTZpl28L9TAxBTL04dhzUOur4YTtRQ7q4+4PZ3c
TvH2ag3dthIhZ1P7XSw1a02BCuBpn/oqSz8E14Xzo8FOsPR2+zKSoJrgZQ4tRyNF
kmrT0zCVq/JhLnZrwkBvzmewEvrCXvUmrV3sJWt/BblFROwY38B+wEtH55D2J6oH
vTlUmPPt5fvxTsvsmF/wt8wg/UexYxtR4/gPdPig2Wyxn8Hsr/siaAoSawX59sj1
gbua02x49b3a7qraUIszNJUtswCryHjejLHEileNns1y7ENrUXmsQw2FSJ5V6faW
xMgKR4xrPE7U039nh9KZileLisq6fEGvlsTiSUSF77Vz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:53 2025 by rpki-client