Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/dgkPwiAKUU4ROxubrsui_YRBAIg.roa
File: dgkPwiAKUU4ROxubrsui_YRBAIg.roa (raw, json)
Hash identifier: +sw7zRiMe95MnqBDRwnQjwBZg8iQwrBst0MEM1Or/pA=
Subject key identifier: 76:09:0F:C2:20:0A:51:4E:11:3B:1B:9B:AE:CB:A2:FD:84:41:00:88
Certificate issuer: /CN=c441ae2612d2527167c83f7afc16f5e674d88b0f
Certificate serial: 018CC56E41718169FEA3821A4250C4AE263F
Authority key identifier: C4:41:AE:26:12:D2:52:71:67:C8:3F:7A:FC:16:F5:E6:74:D8:8B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEGuJhLSUnFnyD96_Bb15nTYiw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/dgkPwiAKUU4ROxubrsui_YRBAIg.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60023
IP address blocks: 185.62.52.0/22 maxlen: 22
212.102.104.0/24 maxlen: 24
2a0b:d180::/29 maxlen: 29
2a04:ef40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:41:71:81:69:fe:a3:82:1a:42:50:c4:ae:26:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c441ae2612d2527167c83f7afc16f5e674d88b0f
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76090fc2200a514e113b1b9baecba2fd84410088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:20:3a:80:b2:4d:c5:b6:46:2b:95:bd:6c:ab:
f7:43:9c:76:fa:48:cd:42:7e:2b:db:d1:35:83:93:
51:33:71:6c:f8:02:41:f0:a9:92:84:ef:c9:25:83:
17:df:68:81:98:aa:97:52:ed:fd:51:ce:0e:96:2c:
ff:e7:0e:7f:63:1e:e2:5b:05:12:aa:72:d6:26:ba:
e8:d9:c0:60:8b:14:23:2a:bf:3f:64:38:d6:0b:98:
56:1c:bd:32:10:b4:7b:05:d9:46:70:fd:6a:2d:5e:
e1:33:ca:ea:c4:9d:13:44:86:ab:09:a1:a9:d1:2b:
2a:ea:33:ab:e0:7d:14:0a:bc:82:84:db:a2:3c:f7:
fc:ff:a5:5a:9d:6f:c0:66:a8:fc:dc:52:a4:96:11:
83:f5:a0:b2:eb:da:09:5f:dc:24:0c:41:26:aa:ff:
b2:be:9a:ba:44:0a:32:59:f8:49:ca:92:12:d8:64:
1d:fb:59:23:c7:a8:92:b0:f5:37:fe:c5:e4:de:65:
f3:42:fa:04:13:d2:df:7d:cd:31:94:5c:1c:b0:6d:
61:5c:f7:69:e8:8d:c9:f2:4e:ef:2e:b6:22:5a:c0:
8a:e8:0a:a8:86:86:d8:69:c9:0d:7e:e1:0f:15:5d:
e5:aa:13:19:a5:a5:09:ea:0a:06:c7:e1:bd:aa:d3:
5e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:09:0F:C2:20:0A:51:4E:11:3B:1B:9B:AE:CB:A2:FD:84:41:00:88
X509v3 Authority Key Identifier:
keyid:C4:41:AE:26:12:D2:52:71:67:C8:3F:7A:FC:16:F5:E6:74:D8:8B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEGuJhLSUnFnyD96_Bb15nTYiw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/dgkPwiAKUU4ROxubrsui_YRBAIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/xEGuJhLSUnFnyD96_Bb15nTYiw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.52.0/22
212.102.104.0/24
IPv6:
2a04:ef40::/29
2a0b:d180::/29
Signature Algorithm: sha256WithRSAEncryption
75:fa:c7:b9:b8:3f:ee:9c:43:86:9d:0a:41:f5:5d:44:b2:9a:
3e:4e:62:3a:d2:49:ba:ce:d3:28:44:93:15:5f:be:1a:42:95:
56:49:1a:bb:13:0e:6b:49:8d:88:68:95:6d:c7:f4:c4:30:4c:
58:44:78:2b:c9:f0:c4:dc:3e:1c:70:72:ca:35:8b:18:21:fd:
15:b9:73:7d:af:82:7d:e2:57:c9:66:b2:a6:0c:cd:3b:fb:11:
ed:05:6a:22:8a:a7:f9:77:19:4a:d8:bf:89:54:24:53:b6:96:
23:9b:cb:14:0b:6e:52:e9:07:9d:23:27:c2:cb:6e:e3:eb:61:
c2:88:d5:2f:7d:43:b1:13:57:a8:3e:0c:f7:cd:44:f6:89:68:
5a:15:8d:ef:4e:89:59:a5:76:a9:f5:65:8d:c0:fa:2b:ec:4e:
41:39:a7:1a:25:d7:9f:f5:ed:92:76:eb:22:8a:41:ff:ed:9b:
60:0b:6c:41:6f:96:d8:66:78:e8:83:f5:f9:bb:95:a4:03:ae:
53:50:72:72:8b:0c:b3:ca:ae:2b:cf:0b:81:1a:a3:7e:aa:ed:
7f:d7:0f:5b:70:55:ce:a3:84:75:5d:8e:98:67:8b:76:08:e3:
39:1e:45:65:42:1c:1a:c0:6b:e3:bf:fb:b2:fe:5b:5e:2e:a2:
b9:93:60:a1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzFbkFxgWn+o4IaQlDEriY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDFhZTI2MTJkMjUyNzE2N2M4M2Y3YWZjMTZmNWU2NzRk
ODhiMGYwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA5MGZjMjIwMGE1MTRlMTEzYjFiOWJhZWNiYTJmZDg0NDEwMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSA6gLJNxbZGK5W9bKv3Q5x2+kjN
Qn4r29E1g5NRM3Fs+AJB8KmShO/JJYMX32iBmKqXUu39Uc4Oliz/5w5/Yx7iWwUS
qnLWJrro2cBgixQjKr8/ZDjWC5hWHL0yELR7BdlGcP1qLV7hM8rqxJ0TRIarCaGp
0Ssq6jOr4H0UCryChNuiPPf8/6VanW/AZqj83FKklhGD9aCy69oJX9wkDEEmqv+y
vpq6RAoyWfhJypIS2GQd+1kjx6iSsPU3/sXk3mXzQvoEE9Lffc0xlFwcsG1hXPdp
6I3J8k7vLrYiWsCK6AqohobYackNfuEPFV3lqhMZpaUJ6goGx+G9qtNeWQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHYJD8IgClFOETsbm67Lov2EQQCIMB8GA1UdIwQY
MBaAFMRBriYS0lJxZ8g/evwW9eZ02IsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVHdUpoTFNVbkZueUQ5Nl9CYjE1blRZaXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lY2RlM2UtMWZjZi00NTMxLWIwZjkt
MjRlN2U2YWRhMWUyLzEvZGdrUHdpQUtVVTRST3h1YnJzdWlfWVJCQUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lY2RlM2UtMWZjZi00NTMxLWIwZjktMjRlN2U2YWRhMWUy
LzEveEVHdUpoTFNVbkZueUQ5Nl9CYjE1blRZaXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuT40AwQA
1GZoMBQEAgACMA4DBQMqBO9AAwUDKgvRgDANBgkqhkiG9w0BAQsFAAOCAQEAdfrH
ubg/7pxDhp0KQfVdRLKaPk5iOtJJus7TKESTFV++GkKVVkkauxMOa0mNiGiVbcf0
xDBMWER4K8nwxNw+HHByyjWLGCH9Fblzfa+CfeJXyWaypgzNO/sR7QVqIoqn+XcZ
Sti/iVQkU7aWI5vLFAtuUukHnSMnwstu4+thwojVL31DsRNXqD4M981E9oloWhWN
706JWaV2qfVljcD6K+xOQTmnGiXXn/XtknbrIopB/+2bYAtsQW+W2GZ46IP1+buV
pAOuU1BycosMs8quK88LgRqjfqrtf9cPW3BVzqOEdV2OmGeLdgjjOR5FZUIcGsBr
47/7sv5bXi6iuZNgoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:44 2024 by rpki-client on console-ams.rpki-client.org