Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/os2CLD6HDPo2woNO4_iUDvTLozs.roa
File: os2CLD6HDPo2woNO4_iUDvTLozs.roa (raw, json)
Hash identifier: +F5B3zA5qVkFP0QyNycwijB/RbMY3g1YS6oinGkwUv0=
Subject key identifier: A2:CD:82:2C:3E:87:0C:FA:36:C2:83:4E:E3:F8:94:0E:F4:CB:A3:3B
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 2FB86BA7
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/os2CLD6HDPo2woNO4_iUDvTLozs.roa
Signing time: Sat 01 Jan 2022 10:04:49 +0000
ROA not before: Sat 01 Jan 2022 10:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14616
IP address blocks: 62.41.66.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 800615335 (0x2fb86ba7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 1 10:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2cd822c3e870cfa36c2834ee3f8940ef4cba33b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:96:3d:ae:62:3b:a5:16:f5:4b:68:e7:23:f6:
72:91:3e:9f:5a:8e:d1:8f:67:11:a5:44:be:ee:ff:
04:c5:74:90:c8:71:56:39:05:29:49:7b:14:0b:50:
1d:70:a1:80:d6:2a:8d:64:8d:0b:ba:ae:a3:9f:21:
f6:f6:4f:6c:20:c8:e2:d2:95:4d:f3:93:d4:71:f8:
ea:bf:70:ae:71:4e:90:f1:83:73:b6:14:22:4f:8a:
f7:1b:00:6e:45:f2:32:ed:ee:34:70:e1:bb:7e:e8:
18:f1:59:11:90:d1:19:ca:37:7b:9b:ee:e7:73:8c:
54:28:44:85:19:7f:cc:a5:2f:72:68:72:60:d3:4a:
57:05:2f:c3:7f:52:53:d2:c6:4f:67:f7:51:c4:31:
95:1f:e7:e1:42:23:80:6f:72:7c:c2:4f:36:cd:c5:
bd:f0:f3:31:37:4e:db:fc:18:8c:14:2c:af:ae:28:
b0:0c:43:0b:9e:a6:4f:e4:e2:c3:d1:7f:fb:52:b1:
70:d4:4c:a4:b5:67:fb:4f:84:00:66:05:be:25:b2:
81:a4:4c:53:1e:24:ec:13:b4:b3:da:8d:a8:ce:15:
f6:86:59:1b:d0:75:18:38:3c:67:13:9e:51:a2:e0:
38:54:9d:b4:87:f6:87:2d:35:9d:c4:c9:2d:76:5c:
7b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CD:82:2C:3E:87:0C:FA:36:C2:83:4E:E3:F8:94:0E:F4:CB:A3:3B
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/os2CLD6HDPo2woNO4_iUDvTLozs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.66.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:0f:52:e7:7f:a1:fa:49:f9:04:7c:51:f3:f4:d8:d0:8f:b3:
3b:d4:17:0f:b2:21:2f:b1:a8:16:fe:80:9c:1b:ce:42:4c:1d:
20:36:4e:d5:54:08:8c:38:d9:d0:85:ff:5f:9f:7b:c7:b1:ca:
cd:f5:f1:b3:f3:19:27:df:bc:31:cd:b7:2b:98:0a:a2:cd:0f:
7f:63:b6:2b:d9:80:84:68:fc:67:4d:cd:3c:fb:2f:dc:ed:ca:
f8:15:d2:21:20:6f:e6:fd:5c:44:05:bb:dd:35:d7:2a:dd:bc:
b6:88:42:5b:1d:89:6c:73:12:6a:4b:a6:9b:1b:b0:a1:f9:26:
f9:6d:7c:ea:d9:99:87:7e:1b:9a:87:20:31:46:78:08:47:cf:
d4:0f:78:56:6a:b2:fe:86:28:cf:1b:87:8a:c2:81:b2:c8:c9:
18:93:56:01:b2:6b:50:a7:f9:1e:54:f9:be:25:bc:10:ea:37:
d0:df:89:88:ec:d1:9d:d3:ec:9f:02:a3:06:38:f8:41:3e:d0:
a6:6e:79:35:86:53:88:65:00:d6:97:20:b7:0d:7b:6f:1a:b3:
2d:50:dc:7a:d6:7f:60:16:08:d4:7c:ad:32:b8:41:12:0e:9e:
11:d3:98:27:55:ed:a4:63:96:0b:23:05:66:75:6f:7d:d3:4e:
5a:e3:24:d8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEL7hrpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mzk4MDYwZjFiZjIyZjA5OTljYjA3MWIxYjQyNjk2ZGJjNDNlMTBjMB4XDTIyMDEw
MTEwMDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJjZDgyMmMzZTg3
MGNmYTM2YzI4MzRlZTNmODk0MGVmNGNiYTMzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCWPa5iO6UW9Uto5yP2cpE+n1qO0Y9nEaVEvu7/BMV0kMhx
VjkFKUl7FAtQHXChgNYqjWSNC7quo58h9vZPbCDI4tKVTfOT1HH46r9wrnFOkPGD
c7YUIk+K9xsAbkXyMu3uNHDhu37oGPFZEZDRGco3e5vu53OMVChEhRl/zKUvcmhy
YNNKVwUvw39SU9LGT2f3UcQxlR/n4UIjgG9yfMJPNs3FvfDzMTdO2/wYjBQsr64o
sAxDC56mT+Tiw9F/+1KxcNRMpLVn+0+EAGYFviWygaRMUx4k7BO0s9qNqM4V9oZZ
G9B1GDg8ZxOeUaLgOFSdtIf2hy01ncTJLXZce48CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSizYIsPocM+jbCg07j+JQO9MujOzAfBgNVHSMEGDAWgBTDmAYPG/IvCZnL
BxsbQmltvEPhDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3c1Z0dEeHZ5THdtWnl3Y2JHMEpwYmJ4RDRRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvM2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8x
L29zMkNMRDZIRFBvMndvTk80X2lVRHZUTG96cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
M2JmYzMxLWRjMzItNDU0MS04NDYwLWM5MjdiOGMyYzdjNC8xL3c1Z0dEeHZ5THdt
Wnl3Y2JHMEpwYmJ4RDRRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAT4pQjANBgkqhkiG9w0BAQsFAAOC
AQEAaw9S53+h+kn5BHxR8/TY0I+zO9QXD7IhL7GoFv6AnBvOQkwdIDZO1VQIjDjZ
0IX/X597x7HKzfXxs/MZJ9+8Mc23K5gKos0Pf2O2K9mAhGj8Z03NPPsv3O3K+BXS
ISBv5v1cRAW73TXXKt28tohCWx2JbHMSakummxuwofkm+W186tmZh34bmocgMUZ4
CEfP1A94Vmqy/oYozxuHisKBssjJGJNWAbJrUKf5HlT5viW8EOo30N+JiOzRndPs
nwKjBjj4QT7Qpm55NYZTiGUA1pcgtw17bxqzLVDcetZ/YBYI1HytMrhBEg6eEdOY
J1XtpGOWCyMFZnVvfdNOWuMk2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:51 2024 by rpki-client on console-ams.rpki-client.org