Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Qj1CptaQQ2u5lF5mF6tcZBfMhgg.roa
File: Qj1CptaQQ2u5lF5mF6tcZBfMhgg.roa (raw, json)
Hash identifier: 1Mab455VfZZL4YlNiAvVNuuOUgDQOFr2AmbGch4Z98c=
Subject key identifier: 42:3D:42:A6:D6:90:43:6B:B9:94:5E:66:17:AB:5C:64:17:CC:86:08
Certificate issuer: /CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Certificate serial: 045D834A
Authority key identifier: 6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Qj1CptaQQ2u5lF5mF6tcZBfMhgg.roa
Signing time: Sat 01 Jan 2022 02:01:23 +0000
ROA not before: Sat 01 Jan 2022 02:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39216
IP address blocks: 188.72.63.0/24 maxlen: 24
188.72.62.0/24 maxlen: 24
188.72.60.0/24 maxlen: 24
188.72.4.0/24 maxlen: 24
188.72.3.0/24 maxlen: 24
188.72.2.0/24 maxlen: 24
188.72.7.0/24 maxlen: 24
188.72.6.0/24 maxlen: 24
188.72.5.0/24 maxlen: 24
188.72.9.0/24 maxlen: 24
188.72.35.0/24 maxlen: 24
188.72.34.0/24 maxlen: 24
185.72.253.0/24 maxlen: 24
185.72.252.0/24 maxlen: 24
188.72.40.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73237322 (0x45d834a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb0dec13df205a66ec5227925b8f56bdb09f499
Validity
Not Before: Jan 1 02:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=423d42a6d690436bb9945e6617ab5c6417cc8608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:72:47:80:68:4b:a6:94:39:99:62:7e:86:3e:
ab:d9:8d:67:f8:e0:84:d4:f9:ce:a8:cf:f2:a0:2f:
42:f0:f6:db:77:aa:31:31:2b:54:b0:3d:58:9f:8b:
13:c3:c1:7c:87:fe:4a:ff:41:dc:7b:84:0e:75:ce:
60:fd:cf:c8:04:57:24:3b:09:12:b9:a9:fb:42:1e:
89:5e:bb:30:ab:17:ac:71:ba:84:fd:b2:36:ff:cc:
bc:30:59:8f:94:11:3f:fb:07:3b:68:58:71:25:8f:
8b:d6:6a:0e:71:f0:f5:80:cc:bf:c0:69:1f:28:48:
92:f6:f8:b1:68:36:40:8d:55:a0:3a:7b:97:66:02:
67:e8:fe:fa:58:5a:5b:d6:2d:7a:c3:23:ab:54:bd:
23:dd:95:b8:d1:fe:af:21:c7:bb:33:4f:22:4e:be:
4e:8e:9a:7c:2d:ec:91:2d:7d:8b:d0:82:c8:08:06:
51:f1:f5:ba:09:67:2c:71:cb:2c:ae:82:f6:13:3f:
26:34:8c:9c:ac:06:50:ec:6b:f8:96:10:e8:29:f9:
f4:aa:c9:c9:f1:72:f9:e5:5f:dd:8d:51:c9:a5:39:
71:cc:f1:26:09:59:61:0e:7a:74:a4:e7:b7:f5:23:
9f:14:da:6c:78:cd:b7:23:64:ed:70:c0:cc:9b:33:
dc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3D:42:A6:D6:90:43:6B:B9:94:5E:66:17:AB:5C:64:17:CC:86:08
X509v3 Authority Key Identifier:
keyid:6C:B0:DE:C1:3D:F2:05:A6:6E:C5:22:79:25:B8:F5:6B:DB:09:F4:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/Qj1CptaQQ2u5lF5mF6tcZBfMhgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ca46fc-3847-4f1d-9ce4-52b9e6a16350/1/bLDewT3yBaZuxSJ5Jbj1a9sJ9Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.252.0/23
188.72.2.0-188.72.7.255
188.72.9.0/24
188.72.34.0/23
188.72.40.0/24
188.72.60.0/24
188.72.62.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:32:04:c2:98:2e:7e:ed:e1:75:7c:63:e2:8c:0e:e5:3c:08:
41:48:fe:e7:70:d5:1d:a7:2a:89:e5:d4:b0:ba:24:e5:45:e6:
22:45:73:9e:54:76:4d:fa:47:3d:7b:3d:02:f8:57:1c:53:79:
1b:c7:22:cb:70:f8:62:09:8b:1f:34:86:d3:f2:7e:6b:3f:b8:
bf:9f:c3:04:2c:b7:42:04:66:02:d1:fa:e8:44:05:8f:96:40:
01:6e:e9:e7:a2:95:e7:db:89:4e:5f:5a:d7:6b:9f:2b:43:c1:
27:60:0f:d1:35:97:56:d3:6b:cc:3a:80:c5:45:f9:a3:06:4c:
1a:4d:7f:9c:da:b2:b4:df:c9:ca:bf:f8:7f:77:fc:dd:32:ed:
35:d3:bb:93:4a:26:b1:3f:b3:01:5c:f2:85:78:92:29:7e:16:
dd:15:85:ac:b8:17:6a:a7:1a:e7:ae:d8:69:65:0e:0b:00:24:
40:a7:b6:3e:e7:d4:53:35:2a:2d:02:76:b8:35:35:f8:3b:4d:
b7:be:92:45:90:88:48:33:e8:6a:91:61:8d:13:95:cd:5e:c9:
22:1d:a6:82:fb:3b:5e:8e:41:c1:52:c7:c7:88:4f:92:5d:86:
ce:3c:c8:25:48:24:86:1a:fc:a7:7e:55:9a:57:d2:a8:d4:81:
9f:36:6f:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBF2DSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Y2IwZGVjMTNkZjIwNWE2NmVjNTIyNzkyNWI4ZjU2YmRiMDlmNDk5MB4XDTIyMDEw
MTAyMDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIzZDQyYTZkNjkw
NDM2YmI5OTQ1ZTY2MTdhYjVjNjQxN2NjODYwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFyR4BoS6aUOZlifoY+q9mNZ/jghNT5zqjP8qAvQvD223eq
MTErVLA9WJ+LE8PBfIf+Sv9B3HuEDnXOYP3PyARXJDsJErmp+0IeiV67MKsXrHG6
hP2yNv/MvDBZj5QRP/sHO2hYcSWPi9ZqDnHw9YDMv8BpHyhIkvb4sWg2QI1VoDp7
l2YCZ+j++lhaW9YtesMjq1S9I92VuNH+ryHHuzNPIk6+To6afC3skS19i9CCyAgG
UfH1uglnLHHLLK6C9hM/JjSMnKwGUOxr+JYQ6Cn59KrJyfFy+eVf3Y1RyaU5cczx
JglZYQ56dKTnt/UjnxTabHjNtyNk7XDAzJsz3BkCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRCPUKm1pBDa7mUXmYXq1xkF8yGCDAfBgNVHSMEGDAWgBRssN7BPfIFpm7F
InkluPVr2wn0mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JMRGV3VDN5QmFadXhTSjVKYmoxYTlzSjlKay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvY2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8x
L1FqMUNwdGFRUTJ1NWxGNW1GNnRjWkJmTWhnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
Y2E0NmZjLTM4NDctNGYxZC05Y2U0LTUyYjllNmExNjM1MC8xL2JMRGV3VDN5QmFa
dXhTSjVKYmoxYTlzSjlKay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAblI/DAMAwQBvEgCAwQDvEgAAwQA
vEgJAwQBvEgiAwQAvEgoAwQAvEg8AwQBvEg+MA0GCSqGSIb3DQEBCwUAA4IBAQCa
MgTCmC5+7eF1fGPijA7lPAhBSP7ncNUdpyqJ5dSwuiTlReYiRXOeVHZN+kc9ez0C
+FccU3kbxyLLcPhiCYsfNIbT8n5rP7i/n8MELLdCBGYC0froRAWPlkABbunnopXn
24lOX1rXa58rQ8EnYA/RNZdW02vMOoDFRfmjBkwaTX+c2rK038nKv/h/d/zdMu01
07uTSiaxP7MBXPKFeJIpfhbdFYWsuBdqpxrnrthpZQ4LACRAp7Y+59RTNSotAna4
NTX4O023vpJFkIhIM+hqkWGNE5XNXskiHaaC+ztejkHBUsfHiE+SXYbOPMglSCSG
GvynflWaV9Ko1IGfNm+a
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:28 2023 by rpki-client on console.sobornost.net