Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/wNR0nR1ZzRrGAvw2RWAN3LLxW1E.roa
File: wNR0nR1ZzRrGAvw2RWAN3LLxW1E.roa (raw, json)
Hash identifier: LQvKDse6h7ApPDCHaIhSp1xLq0kn4U19iZ0k2LTpncw=
Subject key identifier: C0:D4:74:9D:1D:59:CD:1A:C6:02:FC:36:45:60:0D:DC:B2:F1:5B:51
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 018455E9B456E38D8ED33F59234F45421AD5
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/wNR0nR1ZzRrGAvw2RWAN3LLxW1E.roa
Signing time: Tue 08 Nov 2022 06:24:50 +0000
ROA not before: Tue 08 Nov 2022 06:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 62.182.173.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:55:e9:b4:56:e3:8d:8e:d3:3f:59:23:4f:45:42:1a:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 8 06:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0d4749d1d59cd1ac602fc3645600ddcb2f15b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:38:d2:b0:7d:28:7e:86:78:01:67:66:9d:d6:
7b:02:53:09:e7:4d:37:58:e6:5a:12:80:0e:36:1c:
bf:a7:8d:da:9c:30:e7:50:a9:f0:00:6e:fa:e6:de:
a7:4c:67:b2:22:aa:29:c5:3d:2b:b7:85:0c:96:3c:
a9:e8:9b:f5:a3:b9:98:ad:80:cb:41:5e:33:bb:a1:
a2:9f:e4:45:7f:cf:5d:eb:5c:5e:3b:cb:d5:43:9d:
26:bf:67:2f:7d:c3:6a:cc:ab:e4:b9:e5:d7:a9:fa:
37:b9:1c:59:32:da:4f:99:01:ba:e9:74:6a:06:52:
b0:eb:4b:d9:67:d1:31:2f:6e:73:8f:dd:fc:c1:49:
f0:5a:71:f1:53:e6:2a:b0:d0:60:dc:17:60:b1:73:
dc:99:82:60:f2:c3:fb:fe:9a:8c:96:77:ab:e1:86:
49:73:5e:42:7a:cf:5a:cf:fa:c6:1b:96:5e:c9:5d:
4a:3d:6b:ad:6a:90:2f:5d:30:cc:74:a3:6d:70:7b:
39:a3:78:d6:9b:e0:67:ac:dc:40:6b:ea:45:14:5a:
40:85:f6:0e:e8:8f:2f:48:4e:a5:35:76:4a:a3:bd:
5f:90:0f:4e:f1:35:15:bd:ad:9e:9a:13:ae:a9:2a:
4d:7b:5e:51:65:50:72:3d:ac:88:96:77:a6:26:37:
b3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D4:74:9D:1D:59:CD:1A:C6:02:FC:36:45:60:0D:DC:B2:F1:5B:51
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/wNR0nR1ZzRrGAvw2RWAN3LLxW1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.173.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b3:f4:ad:d8:d9:01:37:52:c8:73:0c:cb:02:07:f0:2d:da:
dd:90:ec:15:c3:c6:4e:72:d3:6b:32:0d:c1:fb:67:d9:20:b9:
c6:a3:2b:46:4c:64:c1:92:36:1d:de:13:14:26:9b:44:e3:92:
15:ca:39:06:60:15:f3:2d:fb:71:ae:c5:95:08:c0:7d:fb:67:
ae:14:bd:e8:f5:7a:6c:c7:4d:e9:8a:ff:70:6a:c4:71:a0:41:
12:58:5d:bd:ff:b4:f1:d0:f9:1c:7a:f6:c0:32:83:6f:d6:60:
ec:7d:ed:24:3d:9c:49:ce:6a:d9:49:d5:8c:33:97:c8:79:fd:
76:60:e7:05:a3:54:2e:fd:d7:97:ee:1f:4b:a0:15:13:1c:46:
f3:a9:16:20:f7:30:17:71:cc:8f:cb:b1:78:16:80:eb:b5:b6:
c3:b9:34:de:13:e0:80:04:11:2b:ca:37:ab:03:8e:1e:20:40:
35:a7:dd:b8:78:76:a2:14:18:38:8c:3c:0c:df:cb:76:1a:12:
0d:c9:57:2d:dc:32:88:88:cb:9c:3f:8c:20:d8:a0:5b:5a:41:
d4:b9:b7:c8:4a:37:93:88:87:30:98:93:88:3d:61:ee:9e:60:
56:03:59:bf:5e:1b:e6:cb:7a:7a:c7:ff:28:c8:a1:98:b0:0b:
7c:bb:67:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRV6bRW442O0z9ZI09FQhrVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTA4MDYyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGQ0NzQ5ZDFkNTljZDFhYzYwMmZjMzY0NTYwMGRkY2IyZjE1YjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDjSsH0ofoZ4AWdmndZ7AlMJ5003
WOZaEoAONhy/p43anDDnUKnwAG765t6nTGeyIqopxT0rt4UMljyp6Jv1o7mYrYDL
QV4zu6Gin+RFf89d61xeO8vVQ50mv2cvfcNqzKvkueXXqfo3uRxZMtpPmQG66XRq
BlKw60vZZ9ExL25zj938wUnwWnHxU+YqsNBg3BdgsXPcmYJg8sP7/pqMlner4YZJ
c15Ces9az/rGG5ZeyV1KPWutapAvXTDMdKNtcHs5o3jWm+BnrNxAa+pFFFpAhfYO
6I8vSE6lNXZKo71fkA9O8TUVva2emhOuqSpNe15RZVByPayIlnemJjez+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMDUdJ0dWc0axgL8NkVgDdyy8VtRMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvd05SMG5SMVp6UnJHQXZ3MlJXQU4zTEx4VzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPratMA0G
CSqGSIb3DQEBCwUAA4IBAQCWs/St2NkBN1LIcwzLAgfwLdrdkOwVw8ZOctNrMg3B
+2fZILnGoytGTGTBkjYd3hMUJptE45IVyjkGYBXzLftxrsWVCMB9+2euFL3o9Xps
x03piv9wasRxoEESWF29/7Tx0PkcevbAMoNv1mDsfe0kPZxJzmrZSdWMM5fIef12
YOcFo1Qu/deX7h9LoBUTHEbzqRYg9zAXccyPy7F4FoDrtbbDuTTeE+CABBEryjer
A44eIEA1p924eHaiFBg4jDwM38t2GhINyVct3DKIiMucP4wg2KBbWkHUubfISjeT
iIcwmJOIPWHunmBWA1m/Xhvmy3p6x/8oyKGYsAt8u2dx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:30 2025 by rpki-client