Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/vbRedp-BTN8LYOwc9glE_F7WJ_o.roa
File: vbRedp-BTN8LYOwc9glE_F7WJ_o.roa (raw, json)
Hash identifier: meuIVJdXrDfOhP4doPedBzd5t/YaiqTxkkmDqBL6VyA=
Subject key identifier: BD:B4:5E:76:9F:81:4C:DF:0B:60:EC:1C:F6:09:44:FC:5E:D6:27:FA
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 01889E9BD2999D3A07AB8EF54712CAACF3E0
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/vbRedp-BTN8LYOwc9glE_F7WJ_o.roa
Signing time: Fri 09 Jun 2023 05:23:12 +0000
ROA not before: Fri 09 Jun 2023 05:23:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210476
IP address blocks: 62.182.171.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:9b:d2:99:9d:3a:07:ab:8e:f5:47:12:ca:ac:f3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 9 05:23:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bdb45e769f814cdf0b60ec1cf60944fc5ed627fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:00:0f:15:07:cc:b3:a0:a3:2a:be:c9:35:1d:
a4:e7:ff:65:4f:7f:b1:91:88:fb:1d:b0:2f:9f:24:
b5:e7:d5:e8:09:d4:d5:99:2f:af:94:53:e6:e3:96:
5e:9c:c1:cb:53:b2:6b:13:73:6d:4c:33:fc:d1:ec:
ff:09:05:ea:ba:87:69:b8:55:68:8d:09:98:12:22:
3b:cb:64:4f:94:dd:82:f0:cf:df:46:d4:a5:bd:69:
21:07:81:3a:cf:b7:6e:ca:01:2e:5e:a8:11:b1:b6:
97:2d:f7:f4:9c:2f:fe:a9:aa:4f:04:17:6b:b2:a5:
93:21:22:11:45:8e:07:bd:9e:29:97:33:38:ce:17:
35:ef:41:a8:e3:4d:d8:5a:7b:65:ef:98:6a:5b:33:
ba:a3:1d:8a:d1:0b:f2:23:bd:b2:9d:89:ea:35:03:
31:73:da:55:4c:2b:cf:44:70:f3:2b:1b:95:06:12:
63:b1:29:76:90:b2:c3:e9:a9:8f:7b:e8:e2:ad:17:
be:43:e9:76:8b:4b:8f:70:22:88:88:fc:ed:24:d8:
30:39:78:62:ae:58:02:fc:42:78:a5:3c:31:30:7b:
4c:47:8e:08:e6:30:fa:29:a0:29:fb:b3:11:c6:49:
70:21:30:ad:bc:48:c2:0b:84:cd:58:67:71:bd:07:
aa:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B4:5E:76:9F:81:4C:DF:0B:60:EC:1C:F6:09:44:FC:5E:D6:27:FA
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/vbRedp-BTN8LYOwc9glE_F7WJ_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.171.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:fc:b4:af:24:b5:c4:ee:36:42:0c:9e:70:d3:82:a3:b4:81:
01:ea:32:09:04:3f:38:fd:02:eb:37:c3:42:bb:20:97:a6:45:
09:4a:92:91:e2:b0:e1:db:a8:69:2d:6d:c4:fa:fc:0b:e9:7b:
37:76:fc:64:12:a1:52:87:48:bb:3a:ec:05:bd:54:52:7f:66:
17:bf:4b:4a:b6:fb:38:a6:34:90:f5:56:59:59:99:b9:0e:58:
a8:bc:57:b0:8d:12:42:17:5e:3b:e3:41:68:b7:99:62:43:3b:
6c:c8:2c:ed:ab:a8:53:5d:99:15:68:20:60:e8:60:4c:eb:f6:
77:a8:dd:20:90:0e:2e:a1:92:0f:45:fa:46:69:52:e9:54:c9:
35:2c:cd:55:54:16:19:d1:ad:97:75:6d:ff:15:43:59:7e:c8:
b7:d2:95:4f:51:2f:33:68:b2:d0:f9:2e:b6:54:43:cc:54:b6:
c9:03:b9:f4:4c:53:d8:d1:6e:69:8f:82:3d:65:31:7d:2a:98:
18:68:f4:64:32:a5:e5:da:72:15:11:6d:a4:67:f1:04:c8:83:
ce:fd:d3:7a:a2:83:bb:8f:fc:4a:8f:2b:e4:b6:36:4a:e5:d1:
38:db:04:9f:e7:fb:55:75:2b:6b:39:63:dd:e2:73:ce:12:0e:
20:fe:ef:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiem9KZnToHq471RxLKrPPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNjA5MDUyMzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGI0NWU3NjlmODE0Y2RmMGI2MGVjMWNmNjA5NDRmYzVlZDYyN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wAPFQfMs6CjKr7JNR2k5/9lT3+x
kYj7HbAvnyS159XoCdTVmS+vlFPm45ZenMHLU7JrE3NtTDP80ez/CQXquodpuFVo
jQmYEiI7y2RPlN2C8M/fRtSlvWkhB4E6z7duygEuXqgRsbaXLff0nC/+qapPBBdr
sqWTISIRRY4HvZ4plzM4zhc170Go403YWntl75hqWzO6ox2K0QvyI72ynYnqNQMx
c9pVTCvPRHDzKxuVBhJjsSl2kLLD6amPe+jirRe+Q+l2i0uPcCKIiPztJNgwOXhi
rlgC/EJ4pTwxMHtMR44I5jD6KaAp+7MRxklwITCtvEjCC4TNWGdxvQeqlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL20XnafgUzfC2DsHPYJRPxe1if6MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvdmJSZWRwLUJUTjhMWU93YzlnbEVfRjdXSl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrarMA0G
CSqGSIb3DQEBCwUAA4IBAQAM/LSvJLXE7jZCDJ5w04KjtIEB6jIJBD84/QLrN8NC
uyCXpkUJSpKR4rDh26hpLW3E+vwL6Xs3dvxkEqFSh0i7OuwFvVRSf2YXv0tKtvs4
pjSQ9VZZWZm5DliovFewjRJCF14740Fot5liQztsyCztq6hTXZkVaCBg6GBM6/Z3
qN0gkA4uoZIPRfpGaVLpVMk1LM1VVBYZ0a2XdW3/FUNZfsi30pVPUS8zaLLQ+S62
VEPMVLbJA7n0TFPY0W5pj4I9ZTF9KpgYaPRkMqXl2nIVEW2kZ/EEyIPO/dN6ooO7
j/xKjyvktjZK5dE42wSf5/tVdStrOWPd4nPOEg4g/u/3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org