Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/J67UpOTKPvQj__vaE9U16cvB2wA.roa
File: J67UpOTKPvQj__vaE9U16cvB2wA.roa (raw, json)
Hash identifier: yJwNgr3sIlOnoRCCemaKTD29mhSStxBQhkBythvco3I=
Subject key identifier: 27:AE:D4:A4:E4:CA:3E:F4:23:FF:FB:DA:13:D5:35:E9:CB:C1:DB:00
Certificate issuer: /CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Certificate serial: 0183CFF92B1ADAB59AC9996F68D59BD9737D
Authority key identifier: 2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/J67UpOTKPvQj__vaE9U16cvB2wA.roa
Signing time: Thu 13 Oct 2022 06:12:36 +0000
ROA not before: Thu 13 Oct 2022 06:12:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3292
IP address blocks: 195.215.0.0/16 maxlen: 16
62.242.0.0/15 maxlen: 15
2.104.0.0/13 maxlen: 13
176.20.0.0/17 maxlen: 17
195.97.128.0/18 maxlen: 18
194.239.0.0/16 maxlen: 16
176.20.0.0/14 maxlen: 14
93.178.128.0/18 maxlen: 18
195.249.0.0/16 maxlen: 16
93.160.0.0/13 maxlen: 13
80.160.0.0/13 maxlen: 13
193.163.158.0/23 maxlen: 23
128.76.0.0/16 maxlen: 16
193.163.160.0/21 maxlen: 21
212.130.0.0/16 maxlen: 16
176.22.0.0/15 maxlen: 15
194.247.188.0/23 maxlen: 23
193.39.139.0/24 maxlen: 24
195.184.32.0/19 maxlen: 19
194.182.240.0/20 maxlen: 20
188.176.0.0/13 maxlen: 13
95.166.64.0/18 maxlen: 18
193.162.145.0/24 maxlen: 24
193.162.152.0/21 maxlen: 21
193.162.146.0/24 maxlen: 24
95.166.0.0/16 maxlen: 16
85.129.0.0/17 maxlen: 17
194.182.232.0/21 maxlen: 21
81.31.80.0/20 maxlen: 20
91.199.190.0/24 maxlen: 24
87.48.0.0/12 maxlen: 12
193.163.10.0/24 maxlen: 24
195.95.181.0/24 maxlen: 24
193.163.24.0/22 maxlen: 22
80.62.0.0/15 maxlen: 15
95.166.128.0/17 maxlen: 17
94.189.0.0/17 maxlen: 17
128.77.128.0/17 maxlen: 17
194.192.0.0/16 maxlen: 16
193.3.130.0/23 maxlen: 23
193.3.140.0/24 maxlen: 24
193.3.141.0/24 maxlen: 24
193.3.142.0/24 maxlen: 24
83.88.0.0/13 maxlen: 13
194.182.144.0/21 maxlen: 21
193.162.98.0/23 maxlen: 23
80.196.0.0/14 maxlen: 14
62.135.128.0/17 maxlen: 17
176.21.0.0/16 maxlen: 16
193.162.32.0/23 maxlen: 23
193.88.0.0/15 maxlen: 15
193.3.224.0/22 maxlen: 22
176.20.192.0/18 maxlen: 18
194.182.128.0/20 maxlen: 20
195.41.0.0/16 maxlen: 16
2001:6c8::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cf:f9:2b:1a:da:b5:9a:c9:99:6f:68:d5:9b:d9:73:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8b24c76ad87a6c1fedffaf08d9b17b45249991
Validity
Not Before: Oct 13 06:12:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27aed4a4e4ca3ef423fffbda13d535e9cbc1db00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ea:5a:5d:84:28:01:5b:92:a7:37:9c:57:91:
78:3d:42:9e:ac:2f:10:ec:34:21:b1:9b:cd:1b:30:
63:d4:c3:c9:88:39:97:c5:6f:a6:dd:08:63:17:ba:
f5:13:31:15:c5:b6:e2:83:8a:36:62:c9:bd:95:a7:
fb:79:c9:50:62:89:dd:d5:75:5c:97:a9:7f:51:75:
74:70:1f:90:1e:f0:ea:f6:49:81:7a:6e:43:f3:88:
5f:5c:0b:92:3c:62:76:2c:72:f0:bd:01:d0:51:26:
c2:ed:0b:eb:13:e1:cc:92:30:94:e1:a9:ba:02:28:
56:6c:5f:c3:6a:50:96:b0:27:90:2b:f3:20:ac:81:
6f:b9:47:f7:b6:e6:3a:ea:3a:c3:0a:f3:fa:33:3f:
ab:ad:ef:03:d4:d0:65:74:42:af:2e:e0:ea:3a:cb:
2c:bb:88:bf:4f:22:99:6a:5e:c4:ec:e4:77:ae:01:
e1:96:37:86:70:fe:4e:ba:b5:c2:66:ad:a7:12:21:
e5:e9:c0:93:3c:2c:33:93:e0:30:43:6f:04:54:34:
98:12:20:56:cb:8c:57:c5:e5:04:93:7a:53:c2:f8:
2a:7b:87:0b:f8:41:39:63:51:6a:18:2c:28:10:e6:
79:33:44:f0:dd:70:10:0c:ca:d9:c4:df:93:a8:25:
51:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:AE:D4:A4:E4:CA:3E:F4:23:FF:FB:DA:13:D5:35:E9:CB:C1:DB:00
X509v3 Authority Key Identifier:
keyid:2E:8B:24:C7:6A:D8:7A:6C:1F:ED:FF:AF:08:D9:B1:7B:45:24:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Loskx2rYemwf7f-vCNmxe0UkmZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/J67UpOTKPvQj__vaE9U16cvB2wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/04d348-75b9-48d2-be10-91190a02db70/1/Loskx2rYemwf7f-vCNmxe0UkmZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.104.0.0/13
62.135.128.0/17
62.242.0.0/15
80.62.0.0/15
80.160.0.0/13
80.196.0.0/14
81.31.80.0/20
83.88.0.0/13
85.129.0.0/17
87.48.0.0/12
91.199.190.0/24
93.160.0.0/13
93.178.128.0/18
94.189.0.0/17
95.166.0.0/16
128.76.0.0/16
128.77.128.0/17
176.20.0.0/14
188.176.0.0/13
193.3.130.0/23
193.3.140.0-193.3.142.255
193.3.224.0/22
193.39.139.0/24
193.88.0.0/15
193.162.32.0/23
193.162.98.0/23
193.162.145.0-193.162.146.255
193.162.152.0/21
193.163.10.0/24
193.163.24.0/22
193.163.158.0-193.163.167.255
194.182.128.0-194.182.151.255
194.182.232.0-194.182.255.255
194.192.0.0/16
194.239.0.0/16
194.247.188.0/23
195.41.0.0/16
195.95.181.0/24
195.97.128.0/18
195.184.32.0/19
195.215.0.0/16
195.249.0.0/16
212.130.0.0/16
IPv6:
2001:6c8::/29
Signature Algorithm: sha256WithRSAEncryption
54:53:3f:24:6a:a5:ed:79:e9:44:1b:3a:08:c5:d8:96:0f:b9:
9f:b0:70:84:e5:0e:d1:f5:e9:4d:bb:38:04:ca:4e:83:b4:21:
eb:6b:a9:e2:40:2d:85:ad:83:3b:b7:a5:d3:6a:73:90:24:59:
42:9c:1f:d0:6f:a2:b7:c9:2f:9c:71:ff:3c:34:01:5e:62:df:
81:c2:a5:d2:23:04:d7:aa:be:e6:36:74:24:1c:3b:12:69:61:
3f:e9:71:66:af:bf:b6:98:e0:04:49:21:fc:1c:2e:47:94:28:
5c:80:61:e7:96:51:00:77:43:6d:3b:aa:98:98:3b:9f:6d:4a:
69:c0:f7:cc:62:1d:d3:42:12:f3:96:c0:b4:56:e7:8a:3d:c2:
92:a5:99:dd:60:81:5a:3e:cd:b8:c5:e9:8b:20:ce:df:37:a6:
a0:82:65:7f:68:b6:99:6d:07:84:5b:8d:58:88:34:e8:a7:cf:
e3:e0:5b:60:0f:f7:98:ca:c1:5d:77:e2:96:78:aa:39:45:82:
3d:b0:8f:4b:56:37:58:f4:8a:a2:ec:8e:3d:3d:3f:cd:ab:e1:
d3:00:b9:48:22:85:6b:a4:f9:05:dd:a0:42:fb:b3:75:7a:5f:
d2:2d:f4:04:76:a9:a5:b9:e8:f2:16:ad:ff:7c:22:f4:47:66:
85:48:42:8a
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISAYPP+Ssa2rWayZlvaNWb2XN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGIyNGM3NmFkODdhNmMxZmVkZmZhZjA4ZDliMTdiNDUy
NDk5OTEwHhcNMjIxMDEzMDYxMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2FlZDRhNGU0Y2EzZWY0MjNmZmZiZGExM2Q1MzVlOWNiYzFkYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnupaXYQoAVuSpzecV5F4PUKerC8Q
7DQhsZvNGzBj1MPJiDmXxW+m3QhjF7r1EzEVxbbig4o2Ysm9laf7eclQYond1XVc
l6l/UXV0cB+QHvDq9kmBem5D84hfXAuSPGJ2LHLwvQHQUSbC7QvrE+HMkjCU4am6
AihWbF/DalCWsCeQK/MgrIFvuUf3tuY66jrDCvP6Mz+rre8D1NBldEKvLuDqOsss
u4i/TyKZal7E7OR3rgHhljeGcP5OurXCZq2nEiHl6cCTPCwzk+AwQ28EVDSYEiBW
y4xXxeUEk3pTwvgqe4cL+EE5Y1FqGCwoEOZ5M0Tw3XAQDMrZxN+TqCVReQIDAQAB
o4IDMjCCAy4wHQYDVR0OBBYEFCeu1KTkyj70I//72hPVNenLwdsAMB8GA1UdIwQY
MBaAFC6LJMdq2HpsH+3/rwjZsXtFJJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAt
OTExOTBhMDJkYjcwLzEvSjY3VXBPVEtQdlFqX192YUU5VTE2Y3ZCMndBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8wNGQzNDgtNzViOS00OGQyLWJlMTAtOTExOTBhMDJkYjcw
LzEvTG9za3gyclllbXdmN2YtdkNObXhlMFVrbVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRgYIKwYBBQUHAQcBAf8EggE1MIIBMTCCAR4EAgABMIIB
FgMDAwJoAwQHPoeAAwMBPvIDAwFQPgMDA1CgAwMCUMQDBARRH1ADAwNTWAMEB1WB
AAMDBFcwAwQAW8e+AwMDXaADBAZdsoADBAdevQADAwBfpgMDAIBMAwQHgE2AAwMC
sBQDAwO8sAMEAcEDgjAMAwQCwQOMAwQAwQOOAwQCwQPgAwQAwSeLAwMBwVgDBAHB
oiADBAHBomIwDAMEAMGikQMEAMGikgMEA8GimAMEAMGjCgMEAsGjGDAMAwQBwaOe
AwQDwaOgMAwDBAfCtoADBAPCtpAwCwMEA8K26AMDAMK2AwMAwsADAwDC7wMEAcL3
vAMDAMMpAwQAw1+1AwQGw2GAAwQFw7ggAwMAw9cDAwDD+QMDANSCMA0EAgACMAcD
BQMgAQbIMA0GCSqGSIb3DQEBCwUAA4IBAQBUUz8kaqXteelEGzoIxdiWD7mfsHCE
5Q7R9elNuzgEyk6DtCHra6niQC2FrYM7t6XTanOQJFlCnB/Qb6K3yS+ccf88NAFe
Yt+BwqXSIwTXqr7mNnQkHDsSaWE/6XFmr7+2mOAESSH8HC5HlChcgGHnllEAd0Nt
O6qYmDufbUppwPfMYh3TQhLzlsC0VueKPcKSpZndYIFaPs24xemLIM7fN6aggmV/
aLaZbQeEW41YiDTop8/j4FtgD/eYysFdd+KWeKo5RYI9sI9LVjdY9Iqi7I49PT/N
q+HTALlIIoVrpPkF3aBC+7N1el/SLfQEdqmluejyFq3/fCL0R2aFSEKK
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:42 2023 by rpki-client on console.sobornost.net