Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/NqPb98Wvd92OBznrWJXX8QftIo0.roa
File: NqPb98Wvd92OBznrWJXX8QftIo0.roa (raw, json)
Hash identifier: yiYV0Gn6JCFFvRA64+JKqRApbOquporJEp7TSuD1WF8=
Subject key identifier: 36:A3:DB:F7:C5:AF:77:DD:8E:07:39:EB:58:95:D7:F1:07:ED:22:8D
Certificate issuer: /CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Certificate serial: 01840E0BADC279E48016D8EAC2DE1D240C53
Authority key identifier: D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/NqPb98Wvd92OBznrWJXX8QftIo0.roa
Signing time: Tue 25 Oct 2022 07:29:17 +0000
ROA not before: Tue 25 Oct 2022 07:29:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50512
IP address blocks: 62.78.82.0/24 maxlen: 24
62.78.81.0/24 maxlen: 24
91.235.95.0/24 maxlen: 24
62.78.88.0/23 maxlen: 24
62.78.87.0/24 maxlen: 24
62.78.92.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:0b:ad:c2:79:e4:80:16:d8:ea:c2:de:1d:24:0c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Validity
Not Before: Oct 25 07:29:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36a3dbf7c5af77dd8e0739eb5895d7f107ed228d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:72:fd:a0:e6:51:09:c4:04:a5:1e:6a:9f:
08:17:55:f6:cb:f4:21:32:cd:5d:44:55:f6:b9:bc:
4b:fa:e2:23:cb:0e:00:d8:5d:2c:c4:cd:7e:a7:a1:
fd:aa:16:52:6e:7b:4a:f3:00:97:90:82:2e:97:a4:
7a:45:a2:2a:14:cd:d0:bc:1a:81:62:12:d6:13:5e:
44:93:0a:ac:42:80:42:e4:28:0e:c1:88:cc:1b:b2:
dc:69:26:50:33:ca:e7:f0:6c:51:b7:02:da:bd:62:
33:be:6a:d0:cc:a3:4a:16:42:31:5c:c9:13:f3:18:
a1:33:a9:fd:de:df:a1:48:42:31:e5:61:8b:4b:c8:
2e:f0:c2:a0:a7:82:da:c7:a0:7f:1d:b9:82:e7:b7:
45:9a:71:d3:75:a8:5c:52:6a:1f:42:fc:0b:b3:58:
3b:ae:da:9e:e7:5f:52:a0:04:b4:f0:78:d5:61:c0:
a7:15:71:ed:67:20:3c:56:70:3a:5b:e1:31:09:14:
31:f0:02:5f:24:2b:f0:6c:a5:14:92:db:b8:04:32:
80:1c:d2:82:4d:5b:2b:4a:82:b2:d6:3a:7f:e8:2a:
61:bd:2e:7f:c4:10:3c:d0:d9:cd:23:33:bd:b2:78:
54:fb:a1:0b:4d:93:be:00:fb:8d:af:b2:5b:c1:94:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:DB:F7:C5:AF:77:DD:8E:07:39:EB:58:95:D7:F1:07:ED:22:8D
X509v3 Authority Key Identifier:
keyid:D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/NqPb98Wvd92OBznrWJXX8QftIo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/0SO41GITRmfsap0eFU5cfwWWZiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.78.81.0-62.78.82.255
62.78.87.0-62.78.89.255
62.78.92.0/23
91.235.95.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:7d:e6:f5:8d:38:74:17:1a:bf:6d:d4:fc:ce:3b:42:bf:d6:
93:9c:39:93:20:19:82:26:e1:d9:bd:29:31:3d:f5:5d:14:a7:
9f:bd:7b:52:cf:73:fe:e4:68:9d:6d:21:41:da:90:e3:04:a4:
f2:29:d6:16:5f:91:ce:af:87:76:88:74:67:52:ff:03:6c:4a:
37:7d:a2:98:fb:a8:b8:a0:9f:80:ca:3c:b3:40:e0:57:35:b8:
13:9c:bb:fe:57:53:4c:7d:ae:3d:f8:95:f4:7b:d3:b1:03:d6:
df:ef:77:54:6b:05:9e:e9:5b:76:d5:85:6c:ff:23:84:09:7f:
7c:4e:e2:52:52:dd:41:bd:6a:b0:00:39:a9:f8:5e:9b:49:5a:
ba:52:f6:96:8c:e4:77:dd:22:34:f3:07:1e:0b:8e:53:7b:3c:
db:2e:61:b7:d8:ca:65:dd:4c:30:b5:30:92:56:36:72:7f:e2:
4e:f7:12:88:bd:32:28:7d:37:64:10:1f:cb:f7:07:36:a5:7f:
04:a1:73:5e:62:01:85:03:e3:66:84:87:3c:dd:39:17:7a:a3:
bb:63:f0:fd:49:da:2e:ad:a2:95:74:c5:39:35:8b:7d:d5:eb:
eb:ae:53:7d:96:84:53:85:74:cd:dd:f7:f2:31:cd:fa:0c:21:
54:c7:10:a1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYQOC63CeeSAFtjqwt4dJAxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMjNiOGQ0NjIxMzQ2NjdlYzZhOWQxZTE1NGU1YzdmMDU5
NjY2MmMwHhcNMjIxMDI1MDcyOTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEzZGJmN2M1YWY3N2RkOGUwNzM5ZWI1ODk1ZDdmMTA3ZWQyMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyVy/aDmUQnEBKUeap8IF1X2y/Qh
Ms1dRFX2ubxL+uIjyw4A2F0sxM1+p6H9qhZSbntK8wCXkIIul6R6RaIqFM3QvBqB
YhLWE15EkwqsQoBC5CgOwYjMG7LcaSZQM8rn8GxRtwLavWIzvmrQzKNKFkIxXMkT
8xihM6n93t+hSEIx5WGLS8gu8MKgp4Lax6B/HbmC57dFmnHTdahcUmofQvwLs1g7
rtqe519SoAS08HjVYcCnFXHtZyA8VnA6W+ExCRQx8AJfJCvwbKUUktu4BDKAHNKC
TVsrSoKy1jp/6CphvS5/xBA80NnNIzO9snhU+6ELTZO+APuNr7JbwZRnRwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDaj2/fFr3fdjgc561iV1/EH7SKNMB8GA1UdIwQY
MBaAFNEjuNRiE0Zn7GqdHhVOXH8FlmYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQt
ODFhZjdjNjU3ZTA1LzEvTnFQYjk4V3ZkOTJPQnpucldKWFg4UWZ0SW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQtODFhZjdjNjU3ZTA1
LzEvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAA+TlED
BAA+TlIwDAMEAD5OVwMEAT5OWAMEAT5OXAMEAFvrXzANBgkqhkiG9w0BAQsFAAOC
AQEAin3m9Y04dBcav23U/M47Qr/Wk5w5kyAZgibh2b0pMT31XRSnn717Us9z/uRo
nW0hQdqQ4wSk8inWFl+Rzq+Hdoh0Z1L/A2xKN32imPuouKCfgMo8s0DgVzW4E5y7
/ldTTH2uPfiV9HvTsQPW3+93VGsFnulbdtWFbP8jhAl/fE7iUlLdQb1qsAA5qfhe
m0laulL2lozkd90iNPMHHguOU3s82y5ht9jKZd1MMLUwklY2cn/iTvcSiL0yKH03
ZBAfy/cHNqV/BKFzXmIBhQPjZoSHPN05F3qju2Pw/UnaLq2ilXTFOTWLfdXr665T
fZaEU4V0zd338jHN+gwhVMcQoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:11 2024 by rpki-client on console-fra.rpki-client.org