Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fx9q4DsF93jKonaLSb1FporaOXs.roa
File: fx9q4DsF93jKonaLSb1FporaOXs.roa (raw, json)
Hash identifier: s7V8hiKLgrK3kDvcRGB2g8e+N34Dh3nSPldZfyrA3aE=
Subject key identifier: 7F:1F:6A:E0:3B:05:F7:78:CA:A2:76:8B:49:BD:45:A6:8A:DA:39:7B
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0202EC83
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fx9q4DsF93jKonaLSb1FporaOXs.roa
Signing time: Tue 08 Feb 2022 06:27:01 +0000
ROA not before: Tue 08 Feb 2022 06:27:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 62.182.172.0/22 maxlen: 22
62.182.168.0/22 maxlen: 22
185.65.68.0/24 maxlen: 24
83.97.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33746051 (0x202ec83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Feb 8 06:27:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7f1f6ae03b05f778caa2768b49bd45a68ada397b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:06:de:c7:09:3e:14:bf:8b:71:14:92:dc:b0:
40:86:ea:6e:50:27:4a:fc:3f:cd:6f:11:d5:57:3c:
79:9e:d4:16:18:a4:1e:c8:a0:ce:54:f7:e9:41:22:
cc:e9:af:7b:59:98:17:d4:0d:27:ba:9f:95:8c:3b:
65:8c:90:3e:51:79:8b:78:fd:c6:43:2b:8b:46:3f:
68:8b:62:5c:9c:fa:f6:6f:44:fd:6d:9a:b3:a9:0a:
d4:1c:7e:6c:bf:ce:71:85:72:e0:a0:67:de:ca:b3:
a1:15:e0:36:fb:d0:2b:19:26:fe:ac:65:4f:40:8f:
98:dd:70:d5:70:f1:de:f3:99:90:f6:1c:a5:31:8d:
35:2e:d6:b3:d5:9a:40:c8:4f:c7:07:3c:54:cd:de:
4a:8d:4f:8f:ff:23:96:6b:40:49:05:21:8b:d0:71:
88:3a:4c:66:87:7c:23:5d:7b:3d:74:01:13:dd:17:
a3:cf:8f:af:b2:f1:3f:5d:8d:c6:42:04:5f:8f:52:
4d:fe:27:87:93:94:b6:89:bf:b0:93:9e:aa:cc:1d:
5e:fa:e5:c7:52:be:21:5d:3c:14:2c:6e:e4:86:8a:
d7:4d:31:a3:34:3e:ed:ec:e4:43:dc:e4:4a:f2:cc:
24:c4:58:9b:f9:bb:06:68:60:a7:00:1a:5f:d3:46:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:1F:6A:E0:3B:05:F7:78:CA:A2:76:8B:49:BD:45:A6:8A:DA:39:7B
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/fx9q4DsF93jKonaLSb1FporaOXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/21
83.97.100.0/22
185.65.68.0/24
Signature Algorithm: sha256WithRSAEncryption
64:7d:eb:25:b4:db:0b:f2:31:14:f1:e1:89:9b:5e:c6:f3:32:
fb:cb:cc:c8:45:d1:a8:f6:f3:fb:5e:8e:0b:d8:37:a6:ea:e4:
d9:26:78:73:c2:6f:21:0c:89:49:50:2b:24:72:e4:42:10:86:
42:55:c2:03:0b:e0:86:c4:e6:0c:2d:8c:34:73:d6:64:a2:c8:
f7:fc:21:28:e9:b4:99:11:1e:82:dc:f4:01:b6:cc:d1:02:ec:
7d:96:26:59:35:5e:a2:4c:56:be:2f:ea:42:f3:18:34:73:8e:
b9:dd:b6:60:e8:48:99:0f:06:c7:e8:d9:60:ab:a6:69:7c:49:
d6:91:c3:a3:03:87:e4:b6:63:71:1f:b9:93:52:40:62:5f:55:
87:bb:77:f4:33:42:8b:e6:4b:2d:4f:ce:48:0d:a9:69:8a:19:
b2:9d:c2:58:2b:99:87:0a:99:09:0e:0d:11:a8:6b:82:2b:52:
e0:6e:1f:33:82:8f:61:59:d4:0c:ce:59:ec:8d:cb:28:7e:19:
a8:c0:70:8b:53:ca:01:f8:35:97:fd:44:15:90:73:8c:84:76:
da:42:40:68:17:0d:c9:2b:5f:31:3c:0c:4b:17:c7:98:de:28:
f1:d4:bd:c6:23:79:14:73:0b:48:94:7e:be:6b:5c:78:f4:a3:
dc:19:c1:9e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAgLsgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDIw
ODA2MjcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2YxZjZhZTAzYjA1
Zjc3OGNhYTI3NjhiNDliZDQ1YTY4YWRhMzk3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8G3scJPhS/i3EUktywQIbqblAnSvw/zW8R1Vc8eZ7UFhik
HsigzlT36UEizOmve1mYF9QNJ7qflYw7ZYyQPlF5i3j9xkMri0Y/aItiXJz69m9E
/W2as6kK1Bx+bL/OcYVy4KBn3sqzoRXgNvvQKxkm/qxlT0CPmN1w1XDx3vOZkPYc
pTGNNS7Ws9WaQMhPxwc8VM3eSo1Pj/8jlmtASQUhi9BxiDpMZod8I117PXQBE90X
o8+Pr7LxP12NxkIEX49STf4nh5OUtom/sJOeqswdXvrlx1K+IV08FCxu5IaK100x
ozQ+7ezkQ9zkSvLMJMRYm/m7BmhgpwAaX9NGTHUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR/H2rgOwX3eMqidotJvUWmito5ezAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L2Z4OXE0RHNGOTNqS29uYUxTYjFGcG9yYU9Ycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAz62qAMEAlNhZAMEALlBRDANBgkq
hkiG9w0BAQsFAAOCAQEAZH3rJbTbC/IxFPHhiZtexvMy+8vMyEXRqPbz+16OC9g3
purk2SZ4c8JvIQyJSVArJHLkQhCGQlXCAwvghsTmDC2MNHPWZKLI9/whKOm0mREe
gtz0AbbM0QLsfZYmWTVeokxWvi/qQvMYNHOOud22YOhImQ8Gx+jZYKumaXxJ1pHD
owOH5LZjcR+5k1JAYl9Vh7t39DNCi+ZLLU/OSA2paYoZsp3CWCuZhwqZCQ4NEahr
gitS4G4fM4KPYVnUDM5Z7I3LKH4ZqMBwi1PKAfg1l/1EFZBzjIR22kJAaBcNyStf
MTwMSxfHmN4o8dS9xiN5FHMLSJR+vmtcePSj3BnBng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org