Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/m2tMTudhZKTaNR50zSfJw4-k7H0.roa
File: m2tMTudhZKTaNR50zSfJw4-k7H0.roa (raw, json)
Hash identifier: MUswTLgw+nqUvZk3Vzu28r/T771ozCez0UxN3Bm8pwI=
Subject key identifier: 9B:6B:4C:4E:E7:61:64:A4:DA:35:1E:74:CD:27:C9:C3:8F:A4:EC:7D
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 018D99D11F858A849A9E28F0B190F5013A86
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/m2tMTudhZKTaNR50zSfJw4-k7H0.roa
Signing time: Sun 11 Feb 2024 20:17:15 +0000
ROA not before: Sun 11 Feb 2024 20:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 62.68.85.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:d1:1f:85:8a:84:9a:9e:28:f0:b1:90:f5:01:3a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Feb 11 20:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b6b4c4ee76164a4da351e74cd27c9c38fa4ec7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:16:ee:98:c3:9a:37:59:e7:37:a7:f4:dc:94:
6d:d7:99:89:e1:78:fa:09:d6:b2:a7:5e:e4:18:f4:
f9:6c:62:22:04:33:e3:d4:2b:14:59:b8:cd:27:3b:
93:c8:c9:97:c9:92:ab:61:44:db:db:1f:f1:b0:58:
94:e0:46:3c:69:12:87:d3:25:4c:c6:40:88:5e:52:
54:21:01:a5:45:ab:60:2d:b1:32:fb:1e:ff:72:ca:
33:21:fc:e6:54:1b:51:66:8d:8f:8c:26:36:12:dc:
a9:12:24:8e:3b:72:e8:4d:92:d0:40:ba:ba:fe:f2:
0a:cf:c2:c3:bf:2d:bb:3e:b8:aa:43:98:cb:51:cc:
e8:18:8a:cf:5e:4a:4f:75:d3:c6:3c:79:59:1c:b2:
24:32:57:56:0e:e1:e3:cf:45:2c:df:57:3e:88:80:
01:4f:c6:66:e1:43:34:93:6d:70:f4:4c:71:9b:2a:
44:7c:c2:fb:bb:0a:7e:4d:e7:58:17:15:b7:b5:0d:
0a:9f:88:a7:0c:19:01:0a:8f:fe:8a:ae:db:a5:7d:
88:a7:1f:46:d2:89:f4:44:a8:44:ad:64:85:5d:38:
19:df:54:0c:90:f6:68:c1:f5:7c:b6:a7:98:b8:7a:
96:30:ff:93:60:1a:e2:f4:3c:74:bf:bb:c3:e6:7a:
63:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6B:4C:4E:E7:61:64:A4:DA:35:1E:74:CD:27:C9:C3:8F:A4:EC:7D
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/m2tMTudhZKTaNR50zSfJw4-k7H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.85.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b1:6f:72:a7:02:65:5d:9a:27:b9:05:1a:88:04:fd:5d:f9:
0f:aa:82:91:e4:79:a3:c6:52:f9:5e:79:ec:1c:3a:57:46:2c:
eb:17:e2:30:f5:12:72:3a:4c:8f:65:7f:32:21:22:8f:21:09:
ec:1d:19:08:47:05:ee:d2:f0:eb:ea:68:91:9e:f2:ee:bd:b2:
f7:ee:e0:c7:f4:03:62:71:97:a4:47:a0:fa:2d:04:9e:f3:82:
5a:9b:2a:a5:be:e2:92:f6:1e:61:ea:98:a5:e0:0e:c5:5e:e0:
21:32:ba:ff:33:4c:88:f5:19:fc:f1:42:49:a2:07:1a:00:c7:
91:66:75:d5:75:19:5a:3a:83:85:ae:a1:af:36:b8:8a:0b:b0:
4e:24:b1:c4:c1:4a:00:73:f4:5c:84:74:24:97:c4:32:8f:25:
53:39:9d:36:8c:8b:66:6b:61:7d:87:53:71:3d:10:eb:2d:85:
05:7e:7f:7c:54:3a:42:fc:5b:b3:89:c3:ef:1a:b9:02:ed:98:
30:c8:29:ce:06:8e:23:7f:fe:91:0b:69:79:c0:76:0d:ea:b9:
87:7f:95:e2:83:9d:db:3f:86:e2:ab:2f:a4:d0:14:78:88:fd:
92:0c:d0:b9:0f:05:f2:29:21:96:b7:cf:8d:2f:c0:11:86:42:
bc:d5:4c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2Z0R+FioSanijwsZD1ATqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQwMjExMjAxNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZiNGM0ZWU3NjE2NGE0ZGEzNTFlNzRjZDI3YzljMzhmYTRlYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhbumMOaN1nnN6f03JRt15mJ4Xj6
Cdayp17kGPT5bGIiBDPj1CsUWbjNJzuTyMmXyZKrYUTb2x/xsFiU4EY8aRKH0yVM
xkCIXlJUIQGlRatgLbEy+x7/csozIfzmVBtRZo2PjCY2EtypEiSOO3LoTZLQQLq6
/vIKz8LDvy27PriqQ5jLUczoGIrPXkpPddPGPHlZHLIkMldWDuHjz0Us31c+iIAB
T8Zm4UM0k21w9ExxmypEfML7uwp+TedYFxW3tQ0Kn4inDBkBCo/+iq7bpX2Ipx9G
0on0RKhErWSFXTgZ31QMkPZowfV8tqeYuHqWMP+TYBri9Dx0v7vD5npjwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtrTE7nYWSk2jUedM0nycOPpOx9MB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvbTJ0TVR1ZGhaS1RhTlI1MHpTZkp3NC1rN0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPkRVMA0G
CSqGSIb3DQEBCwUAA4IBAQCGsW9ypwJlXZonuQUaiAT9XfkPqoKR5HmjxlL5Xnns
HDpXRizrF+Iw9RJyOkyPZX8yISKPIQnsHRkIRwXu0vDr6miRnvLuvbL37uDH9ANi
cZekR6D6LQSe84JamyqlvuKS9h5h6pil4A7FXuAhMrr/M0yI9Rn88UJJogcaAMeR
ZnXVdRlaOoOFrqGvNriKC7BOJLHEwUoAc/RchHQkl8QyjyVTOZ02jItma2F9h1Nx
PRDrLYUFfn98VDpC/FuzicPvGrkC7ZgwyCnOBo4jf/6RC2l5wHYN6rmHf5Xig53b
P4biqy+k0BR4iP2SDNC5DwXyKSGWt8+NL8ARhkK81Uz6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org