Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufy-BG2TzF3awU3JrDlqYR_OwjI.roa
File: ufy-BG2TzF3awU3JrDlqYR_OwjI.roa (raw, json)
Hash identifier: 53ju7JwpcRBRGqHZG8wpPgD4QNfv+fw8jFKaybfJiE4=
Subject key identifier: B9:FC:BE:04:6D:93:CC:5D:DA:C1:4D:C9:AC:39:6A:61:1F:CE:C2:32
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0185AC3F510D5AB5BB16CE9A3B98B78C44E8
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufy-BG2TzF3awU3JrDlqYR_OwjI.roa
Signing time: Fri 13 Jan 2023 17:48:28 +0000
ROA not before: Fri 13 Jan 2023 17:48:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 62.182.170.0/24 maxlen: 24
83.97.100.0/22 maxlen: 22
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ac:3f:51:0d:5a:b5:bb:16:ce:9a:3b:98:b7:8c:44:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Jan 13 17:48:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9fcbe046d93cc5ddac14dc9ac396a611fcec232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:80:03:49:c0:7d:52:21:bf:34:5e:3c:0f:
16:ad:2d:c4:ac:02:9c:9f:2f:e4:f9:39:13:6a:da:
06:8e:db:a8:5d:a6:16:5d:28:c6:36:d5:22:06:6e:
0a:0c:60:e2:d3:a0:2f:3c:0c:3f:a4:93:db:40:33:
bd:eb:c3:7c:44:ec:bc:bb:ab:01:27:a3:fb:7c:b2:
26:71:51:27:1e:0c:ba:79:30:27:6e:3b:c0:c0:6f:
76:e0:55:4a:c7:5a:05:3a:78:d4:45:3b:5f:d1:ca:
3e:99:ed:50:2c:42:73:21:46:1d:a1:50:a0:21:36:
29:6b:25:2a:af:81:65:84:e4:76:57:56:bd:db:e5:
91:14:50:49:17:56:c6:f1:cc:8f:ef:d0:c9:f6:f2:
59:18:64:64:93:20:3c:31:6d:c9:1d:62:53:0a:a3:
1c:70:8e:70:15:25:f5:b4:fb:a3:9d:17:22:71:25:
e6:d6:8a:f4:0b:40:46:af:79:d5:a8:56:2f:8d:db:
58:84:df:e3:42:2e:e3:45:e5:a7:d0:a9:a6:36:4e:
c5:29:bd:2c:30:aa:56:ab:90:68:1c:ff:98:23:2e:
bf:20:d2:8d:a7:8e:da:31:69:d8:0d:f5:a5:13:34:
93:62:31:77:a7:27:ce:b4:22:dc:b7:60:93:bc:25:
69:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FC:BE:04:6D:93:CC:5D:DA:C1:4D:C9:AC:39:6A:61:1F:CE:C2:32
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/ufy-BG2TzF3awU3JrDlqYR_OwjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.170.0/24
83.97.100.0/22
Signature Algorithm: sha256WithRSAEncryption
78:74:dc:60:b6:f8:4a:6b:28:ea:5f:ce:57:da:57:e2:a1:35:
6a:5e:86:74:66:02:c3:d8:c7:f5:82:9f:ec:ed:61:2b:ae:02:
49:d6:1f:d3:b0:71:39:65:77:da:af:dd:2c:dd:df:65:87:78:
53:97:a0:4c:33:09:b5:43:9e:3f:aa:48:52:af:4e:2f:50:c6:
3a:39:94:c8:da:7f:47:37:6e:f6:fb:e3:90:41:a9:7e:3c:2c:
e8:3d:d9:50:18:38:cf:68:67:1d:f0:c3:23:98:56:39:d5:e8:
01:72:72:de:21:78:8c:4f:32:64:7a:6e:49:e2:19:95:00:fc:
ca:80:39:3a:03:f1:53:ec:28:34:9d:95:70:cb:57:f5:2f:de:
e0:18:e7:61:f5:85:ea:d6:7e:1a:37:fc:4d:b5:29:63:29:45:
a5:c4:2d:80:4d:d4:78:97:a4:48:35:a9:3b:f8:7f:f9:3c:0e:
0d:50:34:1e:b9:26:c2:1b:fb:aa:89:30:71:78:99:dd:eb:9a:
47:20:c2:c7:a0:00:78:f8:15:40:87:3a:80:0b:7e:89:3b:48:
4a:98:9a:f4:20:11:a6:47:d0:1f:14:06:50:3e:84:f9:b6:b9:
25:ad:73:f2:40:ef:6b:69:fe:a4:89:d1:54:57:4b:dd:9c:8c:
43:31:13:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWsP1ENWrW7Fs6aO5i3jEToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMTEzMTc0ODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWZjYmUwNDZkOTNjYzVkZGFjMTRkYzlhYzM5NmE2MTFmY2VjMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf6AA0nAfVIhvzRePA8WrS3ErAKc
ny/k+TkTatoGjtuoXaYWXSjGNtUiBm4KDGDi06AvPAw/pJPbQDO968N8ROy8u6sB
J6P7fLImcVEnHgy6eTAnbjvAwG924FVKx1oFOnjURTtf0co+me1QLEJzIUYdoVCg
ITYpayUqr4FlhOR2V1a92+WRFFBJF1bG8cyP79DJ9vJZGGRkkyA8MW3JHWJTCqMc
cI5wFSX1tPujnRcicSXm1or0C0BGr3nVqFYvjdtYhN/jQi7jReWn0KmmNk7FKb0s
MKpWq5BoHP+YIy6/INKNp47aMWnYDfWlEzSTYjF3pyfOtCLct2CTvCVp8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLn8vgRtk8xd2sFNyaw5amEfzsIyMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvdWZ5LUJHMlR6RjNhd1UzSnJEbHFZUl9Pd2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPraqAwQC
U2FkMA0GCSqGSIb3DQEBCwUAA4IBAQB4dNxgtvhKayjqX85X2lfioTVqXoZ0ZgLD
2Mf1gp/s7WErrgJJ1h/TsHE5ZXfar90s3d9lh3hTl6BMMwm1Q54/qkhSr04vUMY6
OZTI2n9HN272++OQQal+PCzoPdlQGDjPaGcd8MMjmFY51egBcnLeIXiMTzJkem5J
4hmVAPzKgDk6A/FT7Cg0nZVwy1f1L97gGOdh9YXq1n4aN/xNtSljKUWlxC2ATdR4
l6RINak7+H/5PA4NUDQeuSbCG/uqiTBxeJnd65pHIMLHoAB4+BVAhzqAC36JO0hK
mJr0IBGmR9AfFAZQPoT5trklrXPyQO9raf6kidFUV0vdnIxDMRPJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org