Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/x9ZWm0MXUj3LqXD9i2BTAguTeU4.roa
File: x9ZWm0MXUj3LqXD9i2BTAguTeU4.roa (raw, json)
Hash identifier: Xk/UrJNWUmaZ/bjKLf62n4FuO7VyNgw/nyYYeJBNrHQ=
Subject key identifier: C7:D6:56:9B:43:17:52:3D:CB:A9:70:FD:8B:60:53:02:0B:93:79:4E
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 018571FA0A77031EF19B6ABDBD42739298F2
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/x9ZWm0MXUj3LqXD9i2BTAguTeU4.roa
Signing time: Mon 02 Jan 2023 10:14:50 +0000
ROA not before: Mon 02 Jan 2023 10:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209665
IP address blocks: 62.32.78.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:0a:77:03:1e:f1:9b:6a:bd:bd:42:73:92:98:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Jan 2 10:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7d6569b4317523dcba970fd8b6053020b93794e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4d:88:9c:f8:fc:bd:66:97:b2:a6:7a:ea:26:
bf:df:7b:01:08:8f:9f:a5:e1:4e:b0:1d:3f:63:12:
a8:f5:8f:02:9f:de:06:76:09:30:9e:d2:14:90:da:
21:db:98:3d:5e:b8:3d:38:53:a4:93:3a:ef:1f:8c:
e2:00:ee:39:9c:54:4e:61:2f:ff:f0:65:64:85:39:
22:19:09:80:89:68:d5:66:9d:17:13:1d:b0:8c:ed:
48:01:f2:c5:32:e3:e7:8c:07:87:a6:06:29:24:50:
87:f5:10:ec:fd:7e:29:ee:57:63:ec:5e:38:60:ea:
38:23:99:01:99:40:ac:75:55:60:38:34:4b:a1:40:
5d:17:68:44:ee:26:5c:6e:23:0f:9c:98:5e:04:2e:
d5:d1:de:a8:5c:1c:e8:92:ce:1a:44:6d:91:24:26:
52:94:5b:aa:be:d7:e1:32:c7:50:4b:97:f8:40:bd:
28:96:28:bf:18:2d:c1:62:fd:08:45:a4:ab:6f:1e:
0e:ad:29:dc:ee:b0:22:4e:43:6a:f7:9e:cb:d2:28:
89:a8:76:f3:a2:b0:00:b0:02:c2:4f:7f:66:68:36:
76:d5:86:fc:4a:41:98:4d:5d:33:a9:b7:56:3c:5b:
83:14:36:46:14:b6:77:dc:05:ac:b0:73:10:7f:02:
c8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D6:56:9B:43:17:52:3D:CB:A9:70:FD:8B:60:53:02:0B:93:79:4E
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/x9ZWm0MXUj3LqXD9i2BTAguTeU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.78.0/24
Signature Algorithm: sha256WithRSAEncryption
55:9a:0d:7d:e3:09:20:14:b9:29:3b:51:31:f1:af:0c:2d:5e:
a6:49:65:e5:c9:d0:65:53:2a:81:aa:c5:7b:c7:0d:a0:9c:f9:
30:b3:ef:69:f0:7e:66:06:58:be:f0:bc:6d:f7:02:d4:90:7e:
c2:1c:aa:e9:aa:45:10:47:f1:2f:b5:7c:2c:b0:5e:b7:a6:f9:
e8:f4:73:0c:d4:d9:3d:ed:a8:ca:49:f8:ff:e9:f6:ce:69:9c:
80:6c:9a:14:bc:73:ab:da:72:4d:f5:4b:a8:0b:09:a2:b0:b8:
9c:1e:87:39:e4:4f:83:e2:5d:1f:b1:2b:e0:02:ad:80:20:51:
c4:52:ee:c0:9a:f8:60:5d:32:86:11:30:b0:18:05:3b:fc:7c:
0f:83:61:20:bd:24:9f:11:28:08:62:70:ad:92:c2:36:26:4e:
70:e5:43:5c:74:4d:46:61:2e:33:53:ea:40:67:da:a9:08:c5:
b3:dc:4a:c1:5e:b5:dc:04:62:b5:58:e1:03:ee:a0:87:71:22:
af:86:03:1e:a7:70:5f:29:f0:3f:c4:c9:79:9e:c3:a3:c7:92:
4d:ac:e1:cc:6f:99:4b:aa:42:d9:af:ae:a8:07:c0:7e:cd:a9:
48:88:3c:d2:ff:5f:6c:ee:67:89:5d:9f:be:f7:6b:0f:33:13:
8f:f7:5e:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+gp3Ax7xm2q9vUJzkpjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5Nzk4NjNjZWE4MmFlYjhlOWRmMzg0YjM5YWE1MTc2ZjRi
Y2ZhNjEwHhcNMjMwMTAyMTAxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q2NTY5YjQzMTc1MjNkY2JhOTcwZmQ4YjYwNTMwMjBiOTM3OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm02InPj8vWaXsqZ66ia/33sBCI+f
peFOsB0/YxKo9Y8Cn94GdgkwntIUkNoh25g9Xrg9OFOkkzrvH4ziAO45nFROYS//
8GVkhTkiGQmAiWjVZp0XEx2wjO1IAfLFMuPnjAeHpgYpJFCH9RDs/X4p7ldj7F44
YOo4I5kBmUCsdVVgODRLoUBdF2hE7iZcbiMPnJheBC7V0d6oXBzoks4aRG2RJCZS
lFuqvtfhMsdQS5f4QL0olii/GC3BYv0IRaSrbx4OrSnc7rAiTkNq957L0iiJqHbz
orAAsALCT39maDZ21Yb8SkGYTV0zqbdWPFuDFDZGFLZ33AWssHMQfwLIjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfWVptDF1I9y6lw/YtgUwILk3lOMB8GA1UdIwQY
MBaAFHl5hjzqgq646d84SzmqUXb0vPphMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEt
ZGU0YWNmNDQ3ZmFlLzEveDlaV20wTVhVajNMcVhEOWkyQlRBZ3VUZVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xY2NmMjUtMjBkZS00YjJlLWEwZTEtZGU0YWNmNDQ3ZmFl
LzEvZVhtR1BPcUNycmpwM3poTE9hcFJkdlM4LW1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPiBOMA0G
CSqGSIb3DQEBCwUAA4IBAQBVmg194wkgFLkpO1Ex8a8MLV6mSWXlydBlUyqBqsV7
xw2gnPkws+9p8H5mBli+8Lxt9wLUkH7CHKrpqkUQR/EvtXwssF63pvno9HMM1Nk9
7ajKSfj/6fbOaZyAbJoUvHOr2nJN9UuoCwmisLicHoc55E+D4l0fsSvgAq2AIFHE
Uu7AmvhgXTKGETCwGAU7/HwPg2EgvSSfESgIYnCtksI2Jk5w5UNcdE1GYS4zU+pA
Z9qpCMWz3ErBXrXcBGK1WOED7qCHcSKvhgMep3BfKfA/xMl5nsOjx5JNrOHMb5lL
qkLZr66oB8B+zalIiDzS/19s7meJXZ++92sPMxOP915e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:51 2024 by rpki-client on console-fra.rpki-client.org