Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/ynTGeCzrbp6lO_8KTycCXsI1a5g.roa
File: ynTGeCzrbp6lO_8KTycCXsI1a5g.roa (raw, json)
Hash identifier: Db800M39jAuwTrWFgD9gGM6nMws6NDZELLgX78cJhSg=
Subject key identifier: CA:74:C6:78:2C:EB:6E:9E:A5:3B:FF:0A:4F:27:02:5E:C2:35:6B:98
Certificate issuer: /CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Certificate serial: 018508CDF608C3C9D5EACAB4BEF9DC2AD978
Authority key identifier: FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/ynTGeCzrbp6lO_8KTycCXsI1a5g.roa
Signing time: Tue 13 Dec 2022 00:06:33 +0000
ROA not before: Tue 13 Dec 2022 00:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48265
IP address blocks: 91.210.137.0/24 maxlen: 24
91.210.138.0/24 maxlen: 24
91.210.136.0/24 maxlen: 24
91.210.139.0/24 maxlen: 24
109.104.131.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.129.0/24 maxlen: 24
109.104.130.0/24 maxlen: 24
109.104.128.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.134.0/24 maxlen: 24
109.104.145.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.144.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.140.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:cd:f6:08:c3:c9:d5:ea:ca:b4:be:f9:dc:2a:d9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf62f7606273f41a6ccc8e2956076f3c0a1eb54
Validity
Not Before: Dec 13 00:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca74c6782ceb6e9ea53bff0a4f27025ec2356b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:85:ec:26:3d:df:29:88:cf:9e:4d:6a:60:
11:fb:3d:85:dc:14:b9:f6:a1:5b:c0:3e:9d:18:08:
cf:3f:d5:0f:b4:57:64:67:80:15:fa:af:8b:f9:b3:
62:87:ed:63:a9:21:b3:8e:0e:7d:43:e5:55:bc:0a:
f1:63:e9:61:26:b4:f8:49:77:37:25:76:8d:cc:ff:
9e:16:dd:38:2f:73:0a:09:92:25:88:15:5c:87:49:
85:23:bd:66:c1:2e:80:51:8b:c6:05:e6:f9:bd:db:
38:d4:87:88:5f:8e:7c:b9:c9:5e:95:b0:83:cf:6d:
20:61:a7:68:78:ce:21:05:84:4e:c3:8f:6d:40:27:
17:25:91:47:ff:7f:cf:ad:29:4e:b8:56:21:b7:3c:
05:14:3b:62:67:e0:ef:10:9f:ae:b9:8e:44:07:04:
13:03:0c:8b:33:56:53:91:a1:4d:99:ad:a7:f0:96:
82:e3:42:de:ac:67:43:56:e4:fa:ea:52:9f:c7:51:
3e:9d:7c:77:03:b2:72:e0:06:28:e2:72:25:92:77:
b3:6d:70:bb:e9:e7:93:c2:47:a8:2e:fd:bd:a0:54:
33:a3:3e:70:80:3b:ec:54:58:84:a9:4f:70:13:80:
db:aa:c1:4a:b5:ea:d8:42:29:f1:d7:fc:e8:e7:b3:
32:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:74:C6:78:2C:EB:6E:9E:A5:3B:FF:0A:4F:27:02:5E:C2:35:6B:98
X509v3 Authority Key Identifier:
keyid:FB:F6:2F:76:06:27:3F:41:A6:CC:C8:E2:95:60:76:F3:C0:A1:EB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_YvdgYnP0GmzMjilWB288Ch61Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/ynTGeCzrbp6lO_8KTycCXsI1a5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/95eebb-0a9d-4f71-b3f9-5649e1b192bb/1/1-_YvdgYnP0GmzMjilWB288Ch61Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.136.0/22
109.104.128.0-109.104.145.255
109.104.155.0-109.104.159.255
Signature Algorithm: sha256WithRSAEncryption
dc:cc:a3:db:5f:f7:4a:53:86:34:2f:f5:f1:ad:6c:1b:2b:39:
99:23:80:42:32:04:ec:8e:9f:e8:09:5f:dc:f7:84:76:b2:e6:
46:de:5e:87:a9:a7:cb:91:20:f5:7d:61:d9:41:50:26:95:b1:
28:c1:a9:48:65:1c:02:37:d2:b3:93:6a:69:5f:c0:44:f2:15:
af:8a:93:f7:4f:66:53:28:e6:04:66:d3:d7:5d:09:01:a7:c3:
07:34:6e:7b:92:47:87:50:7c:37:a1:e3:2d:df:55:f9:b4:67:
e0:92:a8:22:33:a5:b2:40:b9:4f:27:cf:36:ec:be:e0:10:6a:
b9:0a:ce:f3:8e:3c:8d:c8:0d:e4:76:76:d1:fa:15:cf:30:a4:
cf:4e:42:21:e8:33:3d:09:73:e8:c3:e6:88:98:ab:df:93:99:
93:06:94:d1:cb:db:eb:54:b1:6a:e7:c9:5e:72:89:63:6d:99:
15:c2:9d:94:ca:43:88:6c:cb:4e:e0:1c:4a:75:e1:6d:cc:7d:
c0:4e:99:6f:23:0f:30:20:ef:d1:13:85:a3:d7:9a:25:53:6c:
ea:08:c1:30:46:31:17:4a:7d:2c:c9:a6:68:ac:e7:7d:e7:75:
9a:69:4e:3c:f9:bd:52:84:b8:c8:cb:4b:c8:5f:34:85:87:0b:
60:21:82:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYUIzfYIw8nV6sq0vvncKtl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjYyZjc2MDYyNzNmNDFhNmNjYzhlMjk1NjA3NmYzYzBh
MWViNTQwHhcNMjIxMjEzMDAwNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc0YzY3ODJjZWI2ZTllYTUzYmZmMGE0ZjI3MDI1ZWMyMzU2Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNaF7CY93ymIz55NamAR+z2F3BS5
9qFbwD6dGAjPP9UPtFdkZ4AV+q+L+bNih+1jqSGzjg59Q+VVvArxY+lhJrT4SXc3
JXaNzP+eFt04L3MKCZIliBVch0mFI71mwS6AUYvGBeb5vds41IeIX458uclelbCD
z20gYadoeM4hBYROw49tQCcXJZFH/3/PrSlOuFYhtzwFFDtiZ+DvEJ+uuY5EBwQT
AwyLM1ZTkaFNma2n8JaC40LerGdDVuT66lKfx1E+nXx3A7Jy4AYo4nIlknezbXC7
6eeTwkeoLv29oFQzoz5wgDvsVFiEqU9wE4DbqsFKterYQinx1/zo57MyAQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMp0xngs626epTv/Ck8nAl7CNWuYMB8GA1UdIwQY
MBaAFPv2L3YGJz9BpszI4pVgdvPAoetUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fWXZkZ1luUDBHbXpNamlsV0IyODhDaDYxUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5
LTU2NDllMWIxOTJiYi8xL3luVEdlQ3pyYnA2bE9fOEtUeWNDWHNJMWE1Zy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjMvOTVlZWJiLTBhOWQtNGY3MS1iM2Y5LTU2NDllMWIxOTJi
Yi8xLzEtX1l2ZGdZblAwR216TWppbFdCMjg4Q2g2MVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgABMCIDBAJb0ogw
DAMEB21ogAMEAW1okDAMAwQAbWibAwQFbWiAMA0GCSqGSIb3DQEBCwUAA4IBAQDc
zKPbX/dKU4Y0L/XxrWwbKzmZI4BCMgTsjp/oCV/c94R2suZG3l6HqafLkSD1fWHZ
QVAmlbEowalIZRwCN9Kzk2ppX8BE8hWvipP3T2ZTKOYEZtPXXQkBp8MHNG57kkeH
UHw3oeMt31X5tGfgkqgiM6WyQLlPJ8827L7gEGq5Cs7zjjyNyA3kdnbR+hXPMKTP
TkIh6DM9CXPow+aImKvfk5mTBpTRy9vrVLFq58lecoljbZkVwp2UykOIbMtO4BxK
deFtzH3ATplvIw8wIO/RE4Wj15olU2zqCMEwRjEXSn0syaZorOd953WaaU48+b1S
hLjIy0vIXzSFhwtgIYLZ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:43 2023 by rpki-client on console.sobornost.net