Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/nlYST4JGMStdA7VL62-ltKKwK9Y.roa
File: nlYST4JGMStdA7VL62-ltKKwK9Y.roa (raw, json)
Hash identifier: kKxeD5ZseCjLARfGLcprBq4bAaWYRt1K7Fx8iJAZw3A=
Subject key identifier: 9E:56:12:4F:82:46:31:2B:5D:03:B5:4B:EB:6F:A5:B4:A2:B0:2B:D6
Certificate issuer: /CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Certificate serial: 01826DFFBC14B52C13F656C01BF44059D7E5
Authority key identifier: D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/nlYST4JGMStdA7VL62-ltKKwK9Y.roa
Signing time: Fri 05 Aug 2022 12:34:12 +0000
ROA not before: Fri 05 Aug 2022 12:34:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50512
IP address blocks: 62.78.82.0/24 maxlen: 24
62.78.81.0/24 maxlen: 24
91.235.95.0/24 maxlen: 24
62.78.89.0/24 maxlen: 24
62.78.88.0/24 maxlen: 24
62.78.87.0/24 maxlen: 24
62.78.93.0/24 maxlen: 24
62.78.92.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:ff:bc:14:b5:2c:13:f6:56:c0:1b:f4:40:59:d7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d123b8d462134667ec6a9d1e154e5c7f0596662c
Validity
Not Before: Aug 5 12:34:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e56124f8246312b5d03b54beb6fa5b4a2b02bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f4:ab:9b:bc:2b:76:cb:0a:17:94:13:71:c5:
d2:f4:e1:40:d5:89:58:01:6d:94:1f:8e:bb:b8:db:
fe:da:21:60:69:e6:e3:34:d2:b5:d0:95:d6:06:49:
91:73:34:65:a8:41:f5:eb:c7:68:d7:92:cb:93:79:
a8:c8:db:56:49:c1:1d:66:fd:7f:a5:cf:e2:f8:6d:
4c:84:70:84:eb:31:a9:77:20:16:aa:7b:04:ec:6a:
30:ff:d3:ba:88:0b:f8:4c:b1:51:55:72:f9:84:c9:
39:2b:a5:ef:70:3a:4e:eb:4b:f6:c5:dc:61:b8:21:
95:8a:5a:e1:a8:91:52:a6:ae:c5:f2:80:15:dc:3c:
84:e9:94:ee:ca:d2:07:41:41:26:48:d4:83:d8:90:
c7:45:07:3b:e1:65:15:43:19:95:9f:c5:2a:35:30:
5c:58:c8:1f:6c:3f:20:ff:cb:10:67:98:1c:97:19:
77:24:45:77:ea:06:bf:10:e8:9f:63:e2:b2:c1:e0:
8b:ab:1a:32:c9:b9:db:1e:70:da:e2:4c:d8:9f:e8:
0c:b4:df:e2:86:65:b9:7e:c3:d3:85:f4:f3:5c:7b:
44:4b:78:99:37:db:44:4a:f9:00:a0:ca:a6:81:94:
a1:03:41:03:69:d2:e7:43:7c:06:12:c8:f2:93:85:
0b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:56:12:4F:82:46:31:2B:5D:03:B5:4B:EB:6F:A5:B4:A2:B0:2B:D6
X509v3 Authority Key Identifier:
keyid:D1:23:B8:D4:62:13:46:67:EC:6A:9D:1E:15:4E:5C:7F:05:96:66:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0SO41GITRmfsap0eFU5cfwWWZiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/nlYST4JGMStdA7VL62-ltKKwK9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0d903f-1831-4d03-aab4-81af7c657e05/1/0SO41GITRmfsap0eFU5cfwWWZiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.78.81.0-62.78.82.255
62.78.87.0-62.78.89.255
62.78.92.0/23
91.235.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:c6:71:ef:32:04:14:bc:47:b0:e2:67:15:59:5c:6c:35:38:
04:1c:f0:c8:5c:ad:bd:4d:39:ce:2b:7a:c0:4e:22:a5:1d:cb:
47:58:2a:47:2c:bd:6e:92:0c:52:ec:39:20:db:55:e3:96:ae:
4b:4b:cf:ae:5d:8d:64:0d:0d:2b:1f:c9:a3:bc:61:48:6b:b8:
32:65:6f:58:cd:0e:ea:e0:30:bf:1a:bf:63:84:c4:e6:98:61:
a5:fe:a0:1b:a7:29:ad:b1:e5:4e:47:92:92:a3:a8:aa:a6:02:
18:f8:a5:01:1f:af:74:6c:27:fb:79:9e:b5:a7:32:a3:42:7b:
e0:61:1a:74:01:3b:68:48:7f:34:a2:30:34:66:c5:7d:11:1b:
b8:0c:86:e4:bd:b7:0b:21:82:88:31:1e:6e:3b:a4:f8:bd:29:
d6:bc:b1:9c:bb:c0:f0:d8:f9:09:e5:b8:c2:fc:0a:e1:8e:e4:
61:5f:70:99:93:81:2e:3a:f1:6b:ce:27:92:8f:62:54:68:09:
30:f0:fe:0d:1d:e1:e3:b8:51:f5:b8:aa:79:db:cc:13:2a:df:
6a:55:d6:31:64:4c:01:50:03:98:af:87:81:5a:2d:4f:c4:68:
18:20:3d:24:ba:6d:a0:19:af:9a:aa:fc:bc:7a:1e:ad:67:7f:
c2:81:51:c9
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYJt/7wUtSwT9lbAG/RAWdflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMjNiOGQ0NjIxMzQ2NjdlYzZhOWQxZTE1NGU1YzdmMDU5
NjY2MmMwHhcNMjIwODA1MTIzNDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU2MTI0ZjgyNDYzMTJiNWQwM2I1NGJlYjZmYTViNGEyYjAyYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfSrm7wrdssKF5QTccXS9OFA1YlY
AW2UH467uNv+2iFgaebjNNK10JXWBkmRczRlqEH168do15LLk3moyNtWScEdZv1/
pc/i+G1MhHCE6zGpdyAWqnsE7Gow/9O6iAv4TLFRVXL5hMk5K6XvcDpO60v2xdxh
uCGVilrhqJFSpq7F8oAV3DyE6ZTuytIHQUEmSNSD2JDHRQc74WUVQxmVn8UqNTBc
WMgfbD8g/8sQZ5gclxl3JEV36ga/EOifY+KyweCLqxoyybnbHnDa4kzYn+gMtN/i
hmW5fsPThfTzXHtES3iZN9tESvkAoMqmgZShA0EDadLnQ3wGEsjyk4ULdwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJ5WEk+CRjErXQO1S+tvpbSisCvWMB8GA1UdIwQY
MBaAFNEjuNRiE0Zn7GqdHhVOXH8FlmYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQt
ODFhZjdjNjU3ZTA1LzEvbmxZU1Q0SkdNU3RkQTdWTDYyLWx0S0t3SzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZDkwM2YtMTgzMS00ZDAzLWFhYjQtODFhZjdjNjU3ZTA1
LzEvMFNPNDFHSVRSbWZzYXAwZUZVNWNmd1dXWml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAA+TlED
BAA+TlIwDAMEAD5OVwMEAT5OWAMEAT5OXAMEAFvrXzANBgkqhkiG9w0BAQsFAAOC
AQEADcZx7zIEFLxHsOJnFVlcbDU4BBzwyFytvU05zit6wE4ipR3LR1gqRyy9bpIM
Uuw5INtV45auS0vPrl2NZA0NKx/Jo7xhSGu4MmVvWM0O6uAwvxq/Y4TE5phhpf6g
G6cprbHlTkeSkqOoqqYCGPilAR+vdGwn+3metacyo0J74GEadAE7aEh/NKIwNGbF
fREbuAyG5L23CyGCiDEebjuk+L0p1ryxnLvA8Nj5CeW4wvwK4Y7kYV9wmZOBLjrx
a84nko9iVGgJMPD+DR3h47hR9biqedvMEyrfalXWMWRMAVADmK+HgVotT8RoGCA9
JLptoBmvmqr8vHoerWd/woFRyQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:39 2023 by rpki-client on console-fra.rpki-client.org