Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rScs1tsxHeTmSgzeW40mSNcWp8U.roa
File: rScs1tsxHeTmSgzeW40mSNcWp8U.roa (raw, json)
Hash identifier: tzJxy/3asvWtK4C7GliFEKxURaUZDZVroanoZ8Xa0xk=
Subject key identifier: AD:27:2C:D6:DB:31:1D:E4:E6:4A:0C:DE:5B:8D:26:48:D7:16:A7:C5
Certificate issuer: /CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Certificate serial: 018C196CAC941307773B3C2094B793C1391C
Authority key identifier: 21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rScs1tsxHeTmSgzeW40mSNcWp8U.roa
Signing time: Wed 29 Nov 2023 04:53:21 +0000
ROA not before: Wed 29 Nov 2023 04:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60631
IP address blocks: 62.106.95.0/24 maxlen: 24
45.159.150.0/24 maxlen: 24
45.159.149.0/24 maxlen: 24
146.19.212.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:6c:ac:94:13:07:77:3b:3c:20:94:b7:93:c1:39:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215266435617fa0f1fd2837ec80c6d83b0b9d608
Validity
Not Before: Nov 29 04:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad272cd6db311de4e64a0cde5b8d2648d716a7c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e5:29:8f:bd:1c:dd:a1:e3:c9:b7:db:f6:99:
db:20:ab:ae:c1:50:e8:5f:92:06:b4:94:42:76:b7:
c3:23:4a:d5:fe:82:f7:8c:d2:2a:1f:c1:16:cf:0b:
42:6b:09:03:a5:8e:61:ad:40:2c:c4:1c:10:86:aa:
4d:c1:7b:6f:d4:c9:ad:7a:50:a8:6b:0e:e4:20:0d:
ee:12:e9:e0:97:cb:fc:a1:2a:68:54:09:35:63:97:
20:41:6e:d6:81:e3:11:48:fa:0c:37:bb:d1:a7:a9:
1c:7a:3a:28:55:7c:13:64:18:3a:83:e5:5f:5e:8a:
d7:cd:e4:25:36:9d:81:39:50:0b:76:4c:a0:53:52:
b8:5b:6a:7d:ad:a2:c6:53:90:c5:07:6b:00:2b:5b:
fc:a7:74:27:33:cc:af:f9:75:b0:87:74:9f:0f:68:
6a:d6:2f:e8:b7:0d:9a:8f:db:59:3a:4a:cd:64:54:
32:60:e1:28:e2:d6:a8:c7:db:73:21:71:99:e1:18:
55:71:d7:2f:72:97:ef:5a:e5:5e:67:44:28:d5:5c:
ac:03:5d:bd:32:c2:22:e3:1e:ae:f8:de:97:1f:b3:
0e:9a:73:eb:4a:5a:58:4f:ec:74:7f:86:dd:66:9f:
be:4c:14:61:a6:53:da:16:7f:ca:1f:31:90:c9:8e:
b5:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:27:2C:D6:DB:31:1D:E4:E6:4A:0C:DE:5B:8D:26:48:D7:16:A7:C5
X509v3 Authority Key Identifier:
keyid:21:52:66:43:56:17:FA:0F:1F:D2:83:7E:C8:0C:6D:83:B0:B9:D6:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVJmQ1YX-g8f0oN-yAxtg7C51gg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/rScs1tsxHeTmSgzeW40mSNcWp8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/c072ae-15d7-42a8-bfc2-bc93ca679e1f/1/IVJmQ1YX-g8f0oN-yAxtg7C51gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.149.0-45.159.150.255
62.106.95.0/24
146.19.212.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9a:18:2a:ed:c6:71:d9:6f:a7:d2:76:eb:a6:b2:bb:e5:db:
e2:bd:b8:88:bb:6a:07:12:16:8d:2a:80:84:12:c1:3a:32:a4:
54:20:01:48:2d:39:cf:f7:08:7f:73:1f:e8:e4:9f:9a:88:2a:
06:c2:b2:b3:70:a8:f7:b3:86:d7:1a:83:58:f4:82:75:b7:57:
63:99:24:53:f2:59:a6:51:e3:e2:5a:0b:72:cc:e3:d1:0b:a9:
2b:78:52:69:aa:9d:24:08:35:3a:54:30:af:50:fe:04:01:80:
3d:52:aa:61:d7:0d:76:d9:40:42:a4:dc:57:42:17:c4:65:44:
5f:3f:e4:fb:c6:d7:d5:fa:1f:22:f3:f9:84:27:99:de:b0:15:
1c:1d:a4:ce:0c:2a:95:5d:d1:ef:bd:c5:03:76:90:11:bf:7f:
c9:c4:af:a4:ae:5e:ba:b4:85:2e:47:a3:a2:f7:58:06:df:a0:
57:38:20:e7:81:5b:c1:f3:aa:2b:58:37:25:26:7a:4c:2b:00:
8f:b7:9a:4a:8a:8e:6b:2f:91:f8:47:e7:bf:28:0e:7b:db:d4:
9d:5b:c6:cb:ee:e2:90:ac:4a:d0:ea:c7:14:a6:24:5a:26:7d:
26:4f:34:45:41:7b:28:82:a4:f2:90:a0:9d:06:27:b0:53:83:
87:c5:69:97
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYwZbKyUEwd3OzwglLeTwTkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNTI2NjQzNTYxN2ZhMGYxZmQyODM3ZWM4MGM2ZDgzYjBi
OWQ2MDgwHhcNMjMxMTI5MDQ1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI3MmNkNmRiMzExZGU0ZTY0YTBjZGU1YjhkMjY0OGQ3MTZhN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOUpj70c3aHjybfb9pnbIKuuwVDo
X5IGtJRCdrfDI0rV/oL3jNIqH8EWzwtCawkDpY5hrUAsxBwQhqpNwXtv1MmtelCo
aw7kIA3uEungl8v8oSpoVAk1Y5cgQW7WgeMRSPoMN7vRp6kcejooVXwTZBg6g+Vf
XorXzeQlNp2BOVALdkygU1K4W2p9raLGU5DFB2sAK1v8p3QnM8yv+XWwh3SfD2hq
1i/otw2aj9tZOkrNZFQyYOEo4taox9tzIXGZ4RhVcdcvcpfvWuVeZ0Qo1VysA129
MsIi4x6u+N6XH7MOmnPrSlpYT+x0f4bdZp++TBRhplPaFn/KHzGQyY614wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK0nLNbbMR3k5koM3luNJkjXFqfFMB8GA1UdIwQY
MBaAFCFSZkNWF/oPH9KDfsgMbYOwudYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzIt
YmM5M2NhNjc5ZTFmLzEvclNjczF0c3hIZVRtU2d6ZVc0MG1TTmNXcDhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9jMDcyYWUtMTVkNy00MmE4LWJmYzItYmM5M2NhNjc5ZTFm
LzEvSVZKbVExWVgtZzhmMG9OLXlBeHRnN0M1MWdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtn5UD
BAAtn5YDBAA+al8DBACSE9QwDQYJKoZIhvcNAQELBQADggEBAGmaGCrtxnHZb6fS
duumsrvl2+K9uIi7agcSFo0qgIQSwToypFQgAUgtOc/3CH9zH+jkn5qIKgbCsrNw
qPezhtcag1j0gnW3V2OZJFPyWaZR4+JaC3LM49ELqSt4UmmqnSQINTpUMK9Q/gQB
gD1SqmHXDXbZQEKk3FdCF8RlRF8/5PvG19X6HyLz+YQnmd6wFRwdpM4MKpVd0e+9
xQN2kBG/f8nEr6SuXrq0hS5Ho6L3WAbfoFc4IOeBW8HzqitYNyUmekwrAI+3mkqK
jmsvkfhH578oDnvb1J1bxsvu4pCsStDqxxSmJFomfSZPNEVBeyiCpPKQoJ0GJ7BT
g4fFaZc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org