Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/B2PlGkKXCxqNkZ3_9l21NKSCLzo.roa
File: B2PlGkKXCxqNkZ3_9l21NKSCLzo.roa (raw, json)
Hash identifier: zzq6ajYeCP+lnq1NBq5qs0/rlRvIN4QJnYfR30ykTTg=
Subject key identifier: 07:63:E5:1A:42:97:0B:1A:8D:91:9D:FF:F6:5D:B5:34:A4:82:2F:3A
Certificate issuer: /CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Certificate serial: 93522E
Authority key identifier: 3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/B2PlGkKXCxqNkZ3_9l21NKSCLzo.roa
Signing time: Sat 01 Jan 2022 03:02:47 +0000
ROA not before: Sat 01 Jan 2022 03:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39305
IP address blocks: 91.211.64.0/22 maxlen: 22
62.106.73.0/24 maxlen: 24
2a0c:7140::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9654830 (0x93522e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f230752f3ba0026fbb20c5e4c963b1129ac9d34
Validity
Not Before: Jan 1 03:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0763e51a42970b1a8d919dfff65db534a4822f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b6:36:80:1c:cf:b9:82:11:0d:18:fe:aa:43:
92:1e:28:02:55:5d:38:55:59:2b:fa:d4:54:63:4d:
13:9c:9d:11:34:4c:b4:a4:43:81:c0:a2:43:71:08:
26:fa:76:27:14:08:bb:59:a7:bf:c6:e7:20:92:77:
a2:18:bf:78:97:16:6e:0a:e9:62:11:5b:fb:07:d7:
c4:da:71:61:6f:03:8b:05:0b:cd:5e:45:72:73:09:
75:5a:40:6c:dc:1f:4f:1f:60:5b:45:cf:28:9a:4d:
e7:7d:eb:69:bb:f1:0f:77:f8:7c:19:5a:bf:4e:2b:
47:5d:58:3c:a2:63:7c:61:dd:da:c7:89:98:7e:a3:
1c:86:18:78:96:ea:78:79:8f:2a:bb:88:78:e0:f0:
2e:31:79:99:e6:53:a4:cb:39:f6:14:6f:3f:22:f3:
29:ab:40:8f:4a:63:f0:92:ea:26:fa:40:9d:6d:28:
ab:e0:0e:64:71:43:a5:7a:0a:e2:6e:99:bf:21:77:
bc:e5:ef:6d:16:91:ea:ee:29:7c:f5:49:88:15:7a:
13:4c:34:35:eb:72:c2:21:65:86:9e:bc:28:24:e1:
3a:8f:9b:fe:45:9c:f8:ee:a3:ee:ea:bb:22:93:c9:
06:37:e9:85:c8:b8:b4:8a:5a:80:37:68:23:b1:53:
c1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:63:E5:1A:42:97:0B:1A:8D:91:9D:FF:F6:5D:B5:34:A4:82:2F:3A
X509v3 Authority Key Identifier:
keyid:3F:23:07:52:F3:BA:00:26:FB:B2:0C:5E:4C:96:3B:11:29:AC:9D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/B2PlGkKXCxqNkZ3_9l21NKSCLzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/51f9a1-4368-4568-b029-dd22530e15a4/1/PyMHUvO6ACb7sgxeTJY7ESmsnTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.73.0/24
91.211.64.0/22
IPv6:
2a0c:7140::/29
Signature Algorithm: sha256WithRSAEncryption
49:73:62:34:dd:28:66:ac:30:43:9e:63:1b:c6:4d:91:2a:4a:
8e:9f:e9:1d:80:45:60:00:c9:9d:84:9d:9c:75:97:d8:ce:51:
47:b5:2d:57:9f:92:69:27:11:4b:a2:bd:32:f9:de:8d:e2:fe:
a9:5f:07:c8:d8:97:b5:e9:ba:b6:72:9f:06:cd:38:d1:5f:44:
f5:ed:55:68:4e:ec:cf:0b:ae:05:65:a1:df:e1:32:2d:93:2f:
df:50:69:71:7e:1f:38:61:7b:25:7f:ce:e6:bd:1e:22:64:81:
09:34:38:c2:61:0d:4a:52:a1:57:8b:31:56:ca:95:6a:ea:43:
dc:ac:1f:a8:1c:e5:bc:69:4f:85:59:ff:d7:b4:d6:2f:b5:de:
a6:81:c8:2a:a2:02:0f:64:aa:2c:92:eb:c5:78:45:55:6f:72:
37:b3:29:63:0b:2e:69:de:52:99:b3:af:6e:59:2c:81:e6:01:
81:07:5e:14:ad:42:97:a4:18:56:2d:f7:28:3b:58:a4:8b:1d:
da:e3:c3:09:79:ad:b1:ec:72:49:b1:61:4b:0c:a0:f6:ba:76:
e5:3c:e4:9b:24:c3:0a:47:fd:c1:77:71:93:85:c9:a6:5b:d0:
16:c2:7c:a4:29:03:0f:05:13:3e:e9:6f:1b:d2:74:d2:58:6a:
84:30:18:b0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAJNSLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZjIzMDc1MmYzYmEwMDI2ZmJiMjBjNWU0Yzk2M2IxMTI5YWM5ZDM0MB4XDTIyMDEw
MTAzMDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc2M2U1MWE0Mjk3
MGIxYThkOTE5ZGZmZjY1ZGI1MzRhNDgyMmYzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI62NoAcz7mCEQ0Y/qpDkh4oAlVdOFVZK/rUVGNNE5ydETRM
tKRDgcCiQ3EIJvp2JxQIu1mnv8bnIJJ3ohi/eJcWbgrpYhFb+wfXxNpxYW8DiwUL
zV5FcnMJdVpAbNwfTx9gW0XPKJpN533rabvxD3f4fBlav04rR11YPKJjfGHd2seJ
mH6jHIYYeJbqeHmPKruIeODwLjF5meZTpMs59hRvPyLzKatAj0pj8JLqJvpAnW0o
q+AOZHFDpXoK4m6ZvyF3vOXvbRaR6u4pfPVJiBV6E0w0NetywiFlhp68KCThOo+b
/kWc+O6j7uq7IpPJBjfphci4tIpagDdoI7FTwWkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQHY+UaQpcLGo2Rnf/2XbU0pIIvOjAfBgNVHSMEGDAWgBQ/IwdS87oAJvuy
DF5MljsRKaydNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B5TUhVdk82QUNiN3NneGVUSlk3RVNtc25UUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNTFmOWExLTQzNjgtNDU2OC1iMDI5LWRkMjI1MzBlMTVhNC8x
L0IyUGxHa0tYQ3hxTmtaM185bDIxTktTQ0x6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NTFmOWExLTQzNjgtNDU2OC1iMDI5LWRkMjI1MzBlMTVhNC8xL1B5TUhVdk82QUNi
N3NneGVUSlk3RVNtc25UUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAD5qSQMEAlvTQDANBAIAAjAHAwUD
KgxxQDANBgkqhkiG9w0BAQsFAAOCAQEASXNiNN0oZqwwQ55jG8ZNkSpKjp/pHYBF
YADJnYSdnHWX2M5RR7UtV5+SaScRS6K9MvnejeL+qV8HyNiXtem6tnKfBs040V9E
9e1VaE7szwuuBWWh3+EyLZMv31BpcX4fOGF7JX/O5r0eImSBCTQ4wmENSlKhV4sx
VsqVaupD3KwfqBzlvGlPhVn/17TWL7XepoHIKqICD2SqLJLrxXhFVW9yN7MpYwsu
ad5SmbOvblksgeYBgQdeFK1Cl6QYVi33KDtYpIsd2uPDCXmtsexySbFhSwyg9rp2
5TzkmyTDCkf9wXdxk4XJplvQFsJ8pCkDDwUTPulvG9J00lhqhDAYsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:02 2024 by rpki-client on console-ams.rpki-client.org