Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/ZUgwtu_rhRouhYTL9oFPBOPXK-0.roa
File: ZUgwtu_rhRouhYTL9oFPBOPXK-0.roa (raw, json)
Hash identifier: PGb+U6jfRetcR21dEp4ghFZTcdH5anTF+eJsfo3fCI0=
Subject key identifier: 65:48:30:B6:EF:EB:85:1A:2E:85:84:CB:F6:81:4F:04:E3:D7:2B:ED
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 03D27976
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/ZUgwtu_rhRouhYTL9oFPBOPXK-0.roa
Signing time: Sat 01 Jan 2022 10:02:16 +0000
ROA not before: Sat 01 Jan 2022 10:02:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 212.172.0.0/16 maxlen: 24
195.247.0.0/16 maxlen: 24
195.78.160.0/19 maxlen: 24
194.162.0.0/16 maxlen: 24
80.83.96.0/20 maxlen: 24
195.20.64.0/19 maxlen: 24
62.144.0.0/16 maxlen: 24
194.112.16.0/20 maxlen: 24
79.140.176.0/20 maxlen: 24
62.246.0.0/16 maxlen: 24
213.54.0.0/16 maxlen: 24
83.129.0.0/16 maxlen: 24
195.52.0.0/16 maxlen: 24
85.212.0.0/15 maxlen: 24
195.63.0.0/16 maxlen: 24
212.255.0.0/16 maxlen: 24
62.26.0.0/15 maxlen: 24
185.210.52.0/22 maxlen: 24
195.254.0.0/17 maxlen: 24
195.185.0.0/16 maxlen: 24
2001:4091::/32 maxlen: 48
2a01:5c8::/32 maxlen: 48
2001:4090::/32 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64125302 (0x3d27976)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 1 10:02:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=654830b6efeb851a2e8584cbf6814f04e3d72bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:11:e5:35:e9:4d:3e:9c:3f:f5:d8:7d:2a:72:
c3:ac:29:6d:2d:70:83:ca:7c:37:e8:cc:62:c2:b0:
fa:ac:05:8f:d7:d4:b0:50:de:e1:19:11:65:15:b2:
4d:e4:95:74:87:ee:d8:c3:fd:88:81:80:93:cd:1b:
3d:df:5f:19:68:4a:2b:e5:5b:ec:28:4b:d8:0f:7e:
d5:fb:38:92:3e:18:1d:ee:7a:5d:eb:9d:0d:db:ff:
c5:c9:ec:b1:ec:89:a2:dc:ec:34:00:68:60:08:3a:
3f:1d:e7:21:f2:0a:4e:5c:d0:f3:fe:a4:13:8c:03:
8a:55:90:ed:1b:36:ac:7f:fd:65:d6:99:ba:c9:7a:
45:7c:d1:44:ab:05:42:1f:4d:6e:92:dc:d6:74:49:
2d:b4:ea:f5:0b:41:48:69:d7:9b:b5:39:30:f9:6e:
c1:f3:bf:3c:78:1f:3f:b8:d1:bf:68:a9:21:5a:3b:
af:5a:2d:e2:5a:18:73:66:97:bd:ee:0c:b7:cd:2e:
25:d1:86:83:5d:eb:b3:6b:76:8a:48:ba:da:21:c0:
1a:b7:29:70:29:33:f0:b3:33:25:85:74:a3:c6:d9:
6e:60:f0:e6:04:65:4c:5c:50:70:a6:a6:96:90:4b:
29:91:75:96:6d:d5:16:1b:8d:64:f2:15:9d:77:f4:
17:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:48:30:B6:EF:EB:85:1A:2E:85:84:CB:F6:81:4F:04:E3:D7:2B:ED
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/ZUgwtu_rhRouhYTL9oFPBOPXK-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/16
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
83.129.0.0/16
85.212.0.0/15
185.210.52.0/22
194.112.16.0/20
194.162.0.0/16
195.20.64.0/19
195.52.0.0/16
195.63.0.0/16
195.78.160.0/19
195.185.0.0/16
195.247.0.0/16
195.254.0.0/17
212.172.0.0/16
212.255.0.0/16
213.54.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
8f:72:61:f8:53:ae:81:ad:9e:07:27:ba:43:09:88:c6:40:fc:
74:59:88:59:31:29:4b:33:eb:4d:ec:54:31:84:6d:4a:97:42:
62:07:ae:3a:86:3f:a0:c1:e3:9c:2b:28:83:4d:6c:9b:a0:25:
0a:7f:7a:28:63:03:65:b0:71:b5:42:09:2c:38:73:58:e6:ef:
51:3c:f2:9b:14:51:f8:94:14:ce:b1:59:c6:7f:93:34:73:14:
3d:07:fd:c5:ef:b0:9f:a4:07:9a:11:15:93:ae:f9:68:c3:c0:
2b:18:44:2a:66:75:67:79:36:b5:9a:a4:47:74:ac:da:74:9e:
86:55:57:5b:38:4b:d1:bc:69:70:c4:85:80:84:48:4b:4b:8e:
33:d3:ea:94:ad:44:f3:3c:f1:1e:9f:64:ec:20:f3:e3:bc:76:
c0:2b:86:07:82:28:27:4f:7c:16:ad:17:81:8e:bd:55:b2:6a:
d6:07:98:5e:8c:ae:bf:e1:19:88:22:b0:20:3d:45:f5:d7:9e:
a1:ad:a7:65:6e:09:64:e5:a1:fe:00:61:4e:bc:5f:a1:d3:f7:
6c:5d:95:63:7f:93:d0:47:61:d2:f0:28:30:b3:44:b1:26:d3:
29:64:34:83:13:bd:20:e2:34:6d:19:65:2a:d4:be:f6:e3:44:
1a:4a:f8:b7
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIEA9J5djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTFkNzJhYzA4MjZlMDliYzBkMTdkZGVlOGJhODdkOTczMWRkNDEzMB4XDTIyMDEw
MTEwMDIxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU0ODMwYjZlZmVi
ODUxYTJlODU4NGNiZjY4MTRmMDRlM2Q3MmJlZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIR5TXpTT6cP/XYfSpyw6wpbS1wg8p8N+jMYsKw+qwFj9fU
sFDe4RkRZRWyTeSVdIfu2MP9iIGAk80bPd9fGWhKK+Vb7ChL2A9+1fs4kj4YHe56
XeudDdv/xcnsseyJotzsNABoYAg6Px3nIfIKTlzQ8/6kE4wDilWQ7Rs2rH/9ZdaZ
usl6RXzRRKsFQh9NbpLc1nRJLbTq9QtBSGnXm7U5MPluwfO/PHgfP7jRv2ipIVo7
r1ot4loYc2aXve4Mt80uJdGGg13rs2t2iki62iHAGrcpcCkz8LMzJYV0o8bZbmDw
5gRlTFxQcKamlpBLKZF1lm3VFhuNZPIVnXf0FykCAwEAAaOCAocwggKDMB0GA1Ud
DgQWBBRlSDC27+uFGi6FhMv2gU8E49cr7TAfBgNVHSMEGDAWgBQKHXKsCCbgm8DR
fd7ouofZcx3UEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NoMXlyQWdtNEp2QTBYM2U2THFIMlhNZDFCTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvNjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8x
L1pVZ3d0dV9yaFJvdWhZVEw5b0ZQQk9QWEstMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
NjM0MWRhLTJiMzQtNGQ0NS05YzE3LTk1ODExMmE0ODlhNC8xL0NoMXlyQWdtNEp2
QTBYM2U2THFIMlhNZDFCTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nAYIKwYBBQUHAQcBAf8EgYwwgYkwcQQCAAEwawMDAT4aAwMAPpADAwA+9gMEBE+M
sAMEBFBTYAMDAFOBAwMBVdQDBAK50jQDBATCcBADAwDCogMEBcMUQAMDAMM0AwMA
wz8DBAXDTqADAwDDuQMDAMP3AwQHw/4AAwMA1KwDAwDU/wMDANU2MBQEAgACMA4D
BQEgAUCQAwUAKgEFyDANBgkqhkiG9w0BAQsFAAOCAQEAj3Jh+FOuga2eBye6QwmI
xkD8dFmIWTEpSzPrTexUMYRtSpdCYgeuOoY/oMHjnCsog01sm6AlCn96KGMDZbBx
tUIJLDhzWObvUTzymxRR+JQUzrFZxn+TNHMUPQf9xe+wn6QHmhEVk675aMPAKxhE
KmZ1Z3k2tZqkR3Ss2nSehlVXWzhL0bxpcMSFgIRIS0uOM9PqlK1E8zzxHp9k7CDz
47x2wCuGB4IoJ098Fq0XgY69VbJq1geYXoyuv+EZiCKwID1F9deeoa2nZW4JZOWh
/gBhTrxfodP3bF2VY3+T0Edh0vAoMLNEsSbTKWQ0gxO9IOI0bRllKtS+9uNEGkr4
tw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:42 2025 by rpki-client