Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufZp3iJryh9pOSTYUqd-gI7RWY8.roa
File: ufZp3iJryh9pOSTYUqd-gI7RWY8.roa (raw, json)
Hash identifier: qGUy/ahIMryA8LmEmHbaBCUnZTOI0mDzEQndp1Awv6c=
Subject key identifier: B9:F6:69:DE:22:6B:CA:1F:69:39:24:D8:52:A7:7E:80:8E:D1:59:8F
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 03363E60
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufZp3iJryh9pOSTYUqd-gI7RWY8.roa
Signing time: Thu 09 Jun 2022 19:36:02 +0000
ROA not before: Thu 09 Jun 2022 19:36:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 62.182.168.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53886560 (0x3363e60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jun 9 19:36:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9f669de226bca1f693924d852a77e808ed1598f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:db:d9:69:06:9a:ed:6e:2a:f9:8f:ba:55:3d:
69:af:a6:f4:b8:5e:52:42:a7:79:8f:ca:00:31:b1:
7e:57:c1:19:7f:36:d4:75:be:6d:3e:6b:55:4a:13:
45:e1:31:55:0a:d5:30:4e:ee:10:ca:b0:bd:6e:63:
6f:4b:b6:de:fb:96:7c:89:e9:84:98:3b:68:14:47:
fc:3f:56:30:50:24:51:9e:47:76:4b:00:38:8a:70:
2e:de:f4:97:cf:26:a8:72:1b:32:83:83:9c:ef:25:
56:ba:ef:27:d0:2b:e2:c1:06:23:40:25:43:0b:05:
b0:e9:db:d0:23:3e:cf:c7:9c:17:30:89:e9:21:58:
72:6f:f8:3e:86:3c:d9:f3:81:ff:aa:1a:9b:9f:9b:
eb:c2:a6:8f:18:c3:0e:be:a0:c5:ad:c3:e7:5a:6b:
c7:d1:db:a3:ac:97:9f:ea:0e:cf:8c:7d:ac:1b:18:
7e:b6:fa:21:6d:49:d5:12:6e:cf:c2:6c:39:3c:df:
c5:7d:f0:27:4c:00:3f:97:96:cb:c9:1d:8f:76:5f:
dd:f3:25:69:cb:0e:4a:fe:a3:b5:1c:94:80:1f:c6:
27:ac:b6:a9:17:7a:b6:c2:ca:01:96:ab:a2:c1:62:
df:0b:56:a7:3e:a8:d1:29:c2:1d:5c:15:20:1f:59:
fb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:F6:69:DE:22:6B:CA:1F:69:39:24:D8:52:A7:7E:80:8E:D1:59:8F
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufZp3iJryh9pOSTYUqd-gI7RWY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/22
Signature Algorithm: sha256WithRSAEncryption
04:de:ee:9d:08:4c:7c:3f:41:35:8e:7a:e3:6e:b8:7e:e9:53:
e6:7a:60:d6:36:65:62:48:11:2b:bf:6c:bb:8d:5e:91:c8:84:
2e:f5:3e:f3:e1:d1:74:f1:dd:ee:91:24:58:3e:83:fe:d0:ed:
2a:1c:c3:3b:1a:09:b0:7a:67:c0:1f:aa:ed:7b:62:1d:40:ef:
5e:43:ff:93:b7:05:49:c9:14:7f:b4:9c:5a:b6:91:29:2e:6e:
0c:6e:20:ef:e0:6a:ee:f4:1e:64:9d:fa:1a:d0:6f:7a:d0:c0:
76:16:48:3a:77:ed:d8:b1:77:6b:84:50:4e:33:1e:21:4c:90:
ac:d3:a5:fb:8e:66:d5:ed:c1:7d:90:d5:c6:de:59:d7:2e:bd:
a9:f0:fe:65:c0:6a:5d:c1:15:1f:d8:e6:ad:0a:d3:e1:16:11:
5e:2f:23:c0:f6:f2:f0:74:70:b5:cd:14:ba:27:73:fc:16:21:
7f:a8:6d:79:b9:db:cb:ed:cc:39:ae:e9:25:5e:01:f1:93:b6:
0a:f3:03:6f:e7:60:a3:c6:6e:54:79:05:3b:58:33:08:54:bf:
c1:41:58:4e:f5:29:c3:17:e7:2f:56:12:cf:98:5f:b1:1e:e5:
c5:48:f8:40:35:c8:24:28:8b:48:b8:69:1c:d3:2f:c6:40:72:
cd:9c:20:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzY+YDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzRlZDk0MmU1Yzc0MmU3N2JmYjliZWI5NTRmODcyNTM0ZjUyODQ4MB4XDTIyMDYw
OTE5MzYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjlmNjY5ZGUyMjZi
Y2ExZjY5MzkyNGQ4NTJhNzdlODA4ZWQxNTk4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPb2WkGmu1uKvmPulU9aa+m9LheUkKneY/KADGxflfBGX82
1HW+bT5rVUoTReExVQrVME7uEMqwvW5jb0u23vuWfInphJg7aBRH/D9WMFAkUZ5H
dksAOIpwLt70l88mqHIbMoODnO8lVrrvJ9Ar4sEGI0AlQwsFsOnb0CM+z8ecFzCJ
6SFYcm/4PoY82fOB/6oam5+b68KmjxjDDr6gxa3D51prx9Hbo6yXn+oOz4x9rBsY
frb6IW1J1RJuz8JsOTzfxX3wJ0wAP5eWy8kdj3Zf3fMlacsOSv6jtRyUgB/GJ6y2
qRd6tsLKAZarosFi3wtWpz6o0SnCHVwVIB9Z+zMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS59mneImvKH2k5JNhSp36AjtFZjzAfBgNVHSMEGDAWgBQ8TtlC5cdC53v7
m+uVT4clNPUoSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BFN1pRdVhIUXVkNy01dnJsVS1ISlRUMUtFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvMWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8x
L3VmWnAzaUpyeWg5cE9TVFlVcWQtZ0k3UldZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
MWJiNDVhLTU1MWMtNDk2Ny05NWNhLTc3MzQ0YmNjOTE5MS8xL1BFN1pRdVhIUXVk
Ny01dnJsVS1ISlRUMUtFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAj62qDANBgkqhkiG9w0BAQsFAAOC
AQEABN7unQhMfD9BNY564264fulT5npg1jZlYkgRK79su41ekciELvU+8+HRdPHd
7pEkWD6D/tDtKhzDOxoJsHpnwB+q7XtiHUDvXkP/k7cFSckUf7ScWraRKS5uDG4g
7+Bq7vQeZJ36GtBvetDAdhZIOnft2LF3a4RQTjMeIUyQrNOl+45m1e3BfZDVxt5Z
1y69qfD+ZcBqXcEVH9jmrQrT4RYRXi8jwPby8HRwtc0Uuidz/BYhf6htebnby+3M
Oa7pJV4B8ZO2CvMDb+dgo8ZuVHkFO1gzCFS/wUFYTvUpwxfnL1YSz5hfsR7lxUj4
QDXIJCiLSLhpHNMvxkByzZwgtw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:55 2025 by rpki-client