Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/3jPdHSUre91YQznxZZOZqcjSH3E.roa
File: 3jPdHSUre91YQznxZZOZqcjSH3E.roa (raw, json)
Hash identifier: gdRrgrBKekbwwqjry9jd8Q+rxLrdZJ3jTlYWOqShmHI=
Subject key identifier: DE:33:DD:1D:25:2B:7B:DD:58:43:39:F1:65:93:99:A9:C8:D2:1F:71
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 01857169AABF16E2E4D60F644F66E92C89C4
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/3jPdHSUre91YQznxZZOZqcjSH3E.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209565
IP address blocks: 188.72.52.0/24 maxlen: 24
188.72.56.0/24 maxlen: 24
188.72.53.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.1.0/24 maxlen: 24
188.72.0.0/24 maxlen: 24
188.72.10.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:aa:bf:16:e2:e4:d6:0f:64:4f:66:e9:2c:89:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de33dd1d252b7bdd584339f1659399a9c8d21f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2f:52:be:79:df:03:ea:37:46:ad:82:79:d9:
d8:ed:2e:3a:65:f1:93:76:39:37:27:7e:c6:a7:e5:
07:4a:b5:43:ee:7d:cf:07:1a:36:7c:2f:72:18:97:
04:31:55:6e:db:56:cc:e4:eb:4b:49:4f:15:cd:99:
12:cc:83:e3:11:a5:65:ef:77:ba:31:98:1a:4d:95:
ee:d1:d7:5c:c3:69:9f:c3:5e:4e:f4:d6:93:27:36:
f9:09:1f:81:04:18:0e:e7:61:fd:56:ba:4d:2d:92:
d7:ce:30:dc:26:77:66:ec:0f:3c:a6:2c:be:50:ab:
73:5a:d4:a0:07:24:87:81:de:1a:b0:bc:bd:7e:0a:
c6:ef:6c:49:d3:6a:eb:ad:ed:5e:b9:63:f5:ac:28:
ac:81:43:ee:44:17:c3:81:66:a6:a0:fc:fa:1c:a5:
e9:12:0b:c1:43:28:e8:d4:3b:27:90:60:5b:07:b1:
e0:3b:7c:cf:5e:a0:d7:63:5a:15:a6:c2:fa:c4:e6:
25:3e:98:83:f3:c1:a1:b1:8a:80:08:a3:74:26:45:
41:f3:89:44:e4:cf:7e:c6:cb:b3:7e:aa:13:17:4d:
fd:ab:78:fd:aa:b1:bb:9b:4b:77:30:f1:e3:ea:59:
09:3c:9f:fc:85:e6:31:4a:43:9f:1d:30:7c:d1:43:
47:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:33:DD:1D:25:2B:7B:DD:58:43:39:F1:65:93:99:A9:C8:D2:1F:71
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/3jPdHSUre91YQznxZZOZqcjSH3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.0.0/23
188.72.3.0/24
188.72.10.0/24
188.72.52.0/23
188.72.56.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a3:b8:e0:12:7f:ca:51:d1:d8:ce:7a:d7:04:01:84:46:5a:
fe:7a:53:57:d4:7d:28:3f:27:3c:d4:05:9a:6e:84:e7:82:80:
a3:91:7a:e6:d1:37:00:b8:20:8c:eb:9d:48:65:91:3c:ed:dd:
93:4a:d2:61:b5:11:35:1a:bf:f2:e0:77:37:f8:f2:bd:68:14:
d0:b7:94:1e:9c:5e:21:54:1c:93:17:01:0d:9e:fc:82:70:f7:
8c:00:a2:ed:98:e8:67:02:45:70:cf:fd:98:0c:e4:a0:b7:1f:
93:4d:1a:2f:f1:19:36:bc:33:ff:ca:98:c8:e8:c1:6d:2a:83:
2c:93:98:fe:8b:5f:db:ec:6b:28:4f:86:81:bf:c3:64:3e:18:
23:6f:9e:24:fe:6d:c2:4d:45:11:d9:e5:43:85:86:0b:d2:2a:
e3:c5:d9:34:88:a7:47:66:a3:e6:54:5c:5f:19:ae:53:e0:8d:
63:62:91:ae:59:9d:53:04:79:c6:bd:56:df:4d:ff:f8:b4:88:
06:39:9f:fc:0e:7d:fa:59:15:68:6e:b3:19:1b:fb:e2:55:4a:
0f:28:a3:f1:18:46:cd:29:2a:00:18:1b:d9:22:74:58:4e:77:
0b:74:e7:e2:87:32:47:e9:3f:c6:76:c8:0e:2e:15:d7:24:08:
ac:5d:98:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxaaq/FuLk1g9kT2bpLInEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjBkZWMxM2RmMjA1YTY2ZWM1MjI3OTI1YjhmNTZiZGIw
OWY0OTkwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMzZGQxZDI1MmI3YmRkNTg0MzM5ZjE2NTkzOTlhOWM4ZDIxZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS9SvnnfA+o3Rq2CednY7S46ZfGT
djk3J37Gp+UHSrVD7n3PBxo2fC9yGJcEMVVu21bM5OtLSU8VzZkSzIPjEaVl73e6
MZgaTZXu0ddcw2mfw15O9NaTJzb5CR+BBBgO52H9VrpNLZLXzjDcJndm7A88piy+
UKtzWtSgBySHgd4asLy9fgrG72xJ02rrre1euWP1rCisgUPuRBfDgWamoPz6HKXp
EgvBQyjo1DsnkGBbB7HgO3zPXqDXY1oVpsL6xOYlPpiD88GhsYqACKN0JkVB84lE
5M9+xsuzfqoTF039q3j9qrG7m0t3MPHj6lkJPJ/8heYxSkOfHTB80UNHmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN4z3R0lK3vdWEM58WWTmanI0h9xMB8GA1UdIwQY
MBaAFGyw3sE98gWmbsUieSW49WvbCfSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQt
NTJiOWU2YTE2MzUwLzEvM2pQZEhTVXJlOTFZUXpueFpaT1pxY2pTSDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9jYTQ2ZmMtMzg0Ny00ZjFkLTljZTQtNTJiOWU2YTE2MzUw
LzEvYkxEZXdUM3lCYVp1eFNKNUpiajFhOXNKOUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBvEgAAwQA
vEgDAwQAvEgKAwQBvEg0AwQAvEg4MA0GCSqGSIb3DQEBCwUAA4IBAQBio7jgEn/K
UdHYznrXBAGERlr+elNX1H0oPyc81AWaboTngoCjkXrm0TcAuCCM651IZZE87d2T
StJhtRE1Gr/y4Hc3+PK9aBTQt5QenF4hVByTFwENnvyCcPeMAKLtmOhnAkVwz/2Y
DOSgtx+TTRov8Rk2vDP/ypjI6MFtKoMsk5j+i1/b7GsoT4aBv8NkPhgjb54k/m3C
TUUR2eVDhYYL0irjxdk0iKdHZqPmVFxfGa5T4I1jYpGuWZ1TBHnGvVbfTf/4tIgG
OZ/8Dn36WRVobrMZG/viVUoPKKPxGEbNKSoAGBvZInRYTncLdOfihzJH6T/GdsgO
LhXXJAisXZgy
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net