Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/n3M3Qv4QFUQdK-k7fY3_FEMx6bw.roa
File: n3M3Qv4QFUQdK-k7fY3_FEMx6bw.roa (raw, json)
Hash identifier: YDtc4CBNk0tUvHObLL8P6lvwgtnFLD0XxHmm2KZ4nBg=
Subject key identifier: 9F:73:37:42:FE:10:15:44:1D:2B:E9:3B:7D:8D:FF:14:43:31:E9:BC
Certificate issuer: /CN=c441ae2612d2527167c83f7afc16f5e674d88b0f
Certificate serial: 01856BE58439775D328D3CBAED7A3C6DF5F0
Authority key identifier: C4:41:AE:26:12:D2:52:71:67:C8:3F:7A:FC:16:F5:E6:74:D8:8B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEGuJhLSUnFnyD96_Bb15nTYiw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/n3M3Qv4QFUQdK-k7fY3_FEMx6bw.roa
Signing time: Sun 01 Jan 2023 05:54:41 +0000
ROA not before: Sun 01 Jan 2023 05:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60023
IP address blocks: 185.62.52.0/22 maxlen: 22
212.102.104.0/24 maxlen: 24
2a0b:d180::/29 maxlen: 29
2a04:ef40::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:84:39:77:5d:32:8d:3c:ba:ed:7a:3c:6d:f5:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c441ae2612d2527167c83f7afc16f5e674d88b0f
Validity
Not Before: Jan 1 05:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f733742fe1015441d2be93b7d8dff144331e9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:44:a3:7a:67:7e:58:0c:68:15:0a:9f:61:70:
e0:b2:47:0c:e7:bc:39:a3:4b:68:8f:30:79:f0:4c:
e4:4b:8c:e9:58:6a:04:aa:ed:ce:ec:ec:c6:40:68:
bd:73:01:38:ea:f0:e9:b3:0d:41:ca:5e:1f:fa:e9:
f4:b7:a5:a9:60:1b:ce:a6:e3:0e:81:67:da:c5:24:
81:bc:28:52:22:6a:b3:f3:c7:a1:05:aa:63:f0:fe:
cb:b6:b5:6c:c6:19:95:1c:1c:92:ed:eb:f9:f6:1d:
71:ab:a7:00:8f:93:42:2e:1a:c6:88:c6:ea:c9:20:
e5:15:c3:05:7a:8f:e4:b2:0b:b2:43:49:23:95:06:
a9:f2:38:be:dd:b4:c1:58:9c:09:fe:30:96:ad:99:
cd:6f:3b:e5:11:dd:07:1e:65:ed:d3:1e:21:58:9f:
67:8e:b1:52:33:5a:e3:09:02:4b:70:26:e5:fb:a6:
64:f5:31:1d:3f:40:5a:67:ef:6e:59:13:48:39:15:
db:44:15:a8:22:f3:4f:16:f8:30:1a:56:ca:56:7e:
b4:9c:cd:4f:7b:32:39:41:96:2e:e6:49:45:7d:80:
4f:f3:50:38:30:65:fb:84:30:39:c3:26:5c:4c:e8:
16:e1:14:96:0f:9c:d7:25:61:b3:f8:ed:52:88:5e:
a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:73:37:42:FE:10:15:44:1D:2B:E9:3B:7D:8D:FF:14:43:31:E9:BC
X509v3 Authority Key Identifier:
keyid:C4:41:AE:26:12:D2:52:71:67:C8:3F:7A:FC:16:F5:E6:74:D8:8B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEGuJhLSUnFnyD96_Bb15nTYiw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/n3M3Qv4QFUQdK-k7fY3_FEMx6bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ecde3e-1fcf-4531-b0f9-24e7e6ada1e2/1/xEGuJhLSUnFnyD96_Bb15nTYiw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.52.0/22
212.102.104.0/24
IPv6:
2a04:ef40::/29
2a0b:d180::/29
Signature Algorithm: sha256WithRSAEncryption
73:b7:16:a2:50:cb:95:37:c8:b3:30:70:0f:73:62:95:ea:1a:
fd:8e:14:61:af:c1:7d:02:62:d5:2d:7f:18:62:07:61:73:12:
7a:fb:43:ab:35:a1:ac:62:c2:be:09:66:45:64:ae:39:0a:c3:
a5:cb:94:37:b9:27:7b:d8:73:9b:d0:71:d4:51:d6:a5:f5:32:
ef:43:99:13:08:a8:74:14:c4:c4:58:ba:aa:2f:ad:cf:2b:fd:
ae:2b:08:bc:6a:49:87:dc:fa:8a:d7:50:50:67:7e:5d:40:c4:
be:38:05:e1:46:6b:ee:33:5f:94:3b:88:e9:12:bf:b7:71:59:
62:59:6b:9d:0b:09:f9:5d:9b:15:ff:40:f3:48:2a:9c:94:a9:
c7:5d:02:6b:e7:e0:f4:d3:21:c6:40:01:b3:64:cf:d2:a2:60:
1b:ab:cf:f7:35:f5:17:94:d6:a6:b2:a0:91:a8:f2:a7:ee:49:
c1:d0:ed:9d:26:55:67:4d:ed:43:28:0a:31:14:53:5a:84:89:
7b:91:21:82:ec:07:2d:73:4c:63:74:d1:b6:f0:3c:c0:42:26:
04:b2:b5:dc:c3:3f:18:05:fb:de:49:a2:a1:94:1c:c5:96:1f:
c4:5e:af:df:52:aa:aa:1c:09:b7:fd:00:bd:e4:73:ca:ec:3b:
4a:63:37:4e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVr5YQ5d10yjTy67Xo8bfXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDFhZTI2MTJkMjUyNzE2N2M4M2Y3YWZjMTZmNWU2NzRk
ODhiMGYwHhcNMjMwMTAxMDU1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjczMzc0MmZlMTAxNTQ0MWQyYmU5M2I3ZDhkZmYxNDQzMzFlOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuESjemd+WAxoFQqfYXDgskcM57w5
o0tojzB58EzkS4zpWGoEqu3O7OzGQGi9cwE46vDpsw1Byl4f+un0t6WpYBvOpuMO
gWfaxSSBvChSImqz88ehBapj8P7LtrVsxhmVHByS7ev59h1xq6cAj5NCLhrGiMbq
ySDlFcMFeo/ksguyQ0kjlQap8ji+3bTBWJwJ/jCWrZnNbzvlEd0HHmXt0x4hWJ9n
jrFSM1rjCQJLcCbl+6Zk9TEdP0BaZ+9uWRNIORXbRBWoIvNPFvgwGlbKVn60nM1P
ezI5QZYu5klFfYBP81A4MGX7hDA5wyZcTOgW4RSWD5zXJWGz+O1SiF6jfQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJ9zN0L+EBVEHSvpO32N/xRDMem8MB8GA1UdIwQY
MBaAFMRBriYS0lJxZ8g/evwW9eZ02IsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVHdUpoTFNVbkZueUQ5Nl9CYjE1blRZaXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lY2RlM2UtMWZjZi00NTMxLWIwZjkt
MjRlN2U2YWRhMWUyLzEvbjNNM1F2NFFGVVFkSy1rN2ZZM19GRU14NmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lY2RlM2UtMWZjZi00NTMxLWIwZjktMjRlN2U2YWRhMWUy
LzEveEVHdUpoTFNVbkZueUQ5Nl9CYjE1blRZaXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuT40AwQA
1GZoMBQEAgACMA4DBQMqBO9AAwUDKgvRgDANBgkqhkiG9w0BAQsFAAOCAQEAc7cW
olDLlTfIszBwD3Nileoa/Y4UYa/BfQJi1S1/GGIHYXMSevtDqzWhrGLCvglmRWSu
OQrDpcuUN7kne9hzm9Bx1FHWpfUy70OZEwiodBTExFi6qi+tzyv9risIvGpJh9z6
itdQUGd+XUDEvjgF4UZr7jNflDuI6RK/t3FZYllrnQsJ+V2bFf9A80gqnJSpx10C
a+fg9NMhxkABs2TP0qJgG6vP9zX1F5TWprKgkajyp+5JwdDtnSZVZ03tQygKMRRT
WoSJe5EhguwHLXNMY3TRtvA8wEImBLK13MM/GAX73kmioZQcxZYfxF6v31KqqhwJ
t/0AveRzyuw7SmM3Tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:19 2024 by rpki-client on console-fra.rpki-client.org