Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/QxzSn9dBLHnmu1-oYTYGBbykpWc.roa
File: QxzSn9dBLHnmu1-oYTYGBbykpWc.roa (raw, json)
Hash identifier: NEgjr2/czWjirzVwuZmW1LSsFDghviEuK6MAkF2t2ak=
Subject key identifier: 43:1C:D2:9F:D7:41:2C:79:E6:BB:5F:A8:61:36:06:05:BC:A4:A5:67
Certificate issuer: /CN=37ed49efac9795987771acdc77a0e228904277ad
Certificate serial: 018CC348BA7502F00729D5DD1C8BD206F518
Authority key identifier: 37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/QxzSn9dBLHnmu1-oYTYGBbykpWc.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 178.130.131.0/24 maxlen: 24
178.130.132.0/24 maxlen: 24
178.130.133.0/24 maxlen: 24
109.172.80.0/24 maxlen: 24
109.172.81.0/24 maxlen: 24
109.172.82.0/24 maxlen: 24
109.172.83.0/24 maxlen: 24
109.172.89.0/24 maxlen: 24
109.172.90.0/24 maxlen: 24
109.172.91.0/24 maxlen: 24
109.172.88.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ba:75:02:f0:07:29:d5:dd:1c:8b:d2:06:f5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37ed49efac9795987771acdc77a0e228904277ad
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=431cd29fd7412c79e6bb5fa861360605bca4a567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:18:de:19:49:fd:c8:f1:43:ef:3e:9c:bc:ad:
70:ec:13:f9:c2:cf:de:c2:0c:0c:86:92:a4:7b:10:
a4:16:fa:fd:98:bd:29:39:01:76:0e:11:8e:f5:92:
41:ec:2b:ce:14:6b:03:8c:9a:99:3e:bd:27:95:9c:
a7:cd:6b:9d:40:71:61:9c:19:38:d1:9c:2c:40:5b:
ba:70:18:af:fa:ea:41:8b:03:b0:6f:aa:ff:f3:1f:
f1:ed:95:43:c1:33:30:bd:35:e4:9e:55:b9:b9:66:
79:68:d2:7c:7d:29:42:63:69:68:b5:1a:ea:9e:9c:
77:74:05:ba:e4:71:17:79:44:57:e7:e1:7e:ec:30:
e6:53:6e:62:41:57:67:de:d3:fc:2e:23:0a:6b:e9:
f1:55:82:71:79:15:e1:65:70:cc:ec:3a:63:3c:e6:
9a:63:35:91:f0:78:c1:d9:7f:4f:42:19:98:b0:de:
21:c9:34:34:53:f3:25:1f:9c:92:47:ba:1f:5c:b3:
6d:fb:77:df:4c:0e:82:0a:0a:50:2c:a2:4b:d7:49:
44:5f:6f:54:60:c1:09:f6:e6:8b:82:63:f8:51:d6:
82:5e:e2:8b:3a:4c:2e:60:e8:17:04:d5:b8:f1:54:
96:63:95:63:9a:cc:f4:86:62:1e:7f:73:cd:fd:da:
ee:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1C:D2:9F:D7:41:2C:79:E6:BB:5F:A8:61:36:06:05:BC:A4:A5:67
X509v3 Authority Key Identifier:
keyid:37:ED:49:EF:AC:97:95:98:77:71:AC:DC:77:A0:E2:28:90:42:77:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-1J76yXlZh3cazcd6DiKJBCd60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/QxzSn9dBLHnmu1-oYTYGBbykpWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/2171be-b083-479b-a580-6a06b7502bd7/1/N-1J76yXlZh3cazcd6DiKJBCd60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.172.80.0/22
109.172.88.0/22
178.130.131.0-178.130.133.255
Signature Algorithm: sha256WithRSAEncryption
39:4e:96:47:f9:73:00:d4:b0:08:34:7b:07:af:9a:3c:96:ff:
0f:fa:3e:ea:59:f8:1b:78:c2:7c:5a:a0:3b:41:9e:98:5a:f8:
57:d6:cc:38:32:67:51:99:d1:12:31:d8:a4:03:18:0a:05:50:
99:3d:8a:19:de:98:df:0d:17:ab:36:f4:66:f9:b2:89:33:11:
4c:80:81:fc:aa:c2:46:ed:99:9b:93:da:97:42:9a:e9:23:d0:
10:2a:2a:1b:16:17:69:3f:26:48:64:2c:b9:b2:87:b6:b5:3c:
65:d6:be:3b:b5:a4:da:52:ee:de:6c:3c:bc:32:59:90:ae:e2:
a8:49:2f:53:af:27:cc:cc:70:69:7b:18:32:e4:ab:62:d6:f6:
b1:82:74:2f:bd:76:db:7e:73:2b:b3:51:07:c1:16:e5:8b:e2:
33:49:fe:95:46:b9:5b:ac:fb:57:37:e2:8a:34:13:ce:e9:e5:
c7:3b:55:43:86:7c:3b:84:f6:09:86:fa:1d:f4:23:b9:af:ad:
0e:55:e0:e7:60:5e:75:a3:9b:52:4f:2b:14:fe:12:d6:7c:45:
00:63:50:6a:c5:22:c0:26:12:b7:e2:fb:4b:d0:78:df:31:b5:
41:26:7b:18:07:86:ec:98:93:1d:bd:c2:f0:b4:b9:84:61:57:
93:da:a4:4a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDSLp1AvAHKdXdHIvSBvUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZWQ0OWVmYWM5Nzk1OTg3NzcxYWNkYzc3YTBlMjI4OTA0
Mjc3YWQwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzFjZDI5ZmQ3NDEyYzc5ZTZiYjVmYTg2MTM2MDYwNWJjYTRhNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhjeGUn9yPFD7z6cvK1w7BP5ws/e
wgwMhpKkexCkFvr9mL0pOQF2DhGO9ZJB7CvOFGsDjJqZPr0nlZynzWudQHFhnBk4
0ZwsQFu6cBiv+upBiwOwb6r/8x/x7ZVDwTMwvTXknlW5uWZ5aNJ8fSlCY2lotRrq
npx3dAW65HEXeURX5+F+7DDmU25iQVdn3tP8LiMKa+nxVYJxeRXhZXDM7DpjPOaa
YzWR8HjB2X9PQhmYsN4hyTQ0U/MlH5ySR7ofXLNt+3ffTA6CCgpQLKJL10lEX29U
YMEJ9uaLgmP4UdaCXuKLOkwuYOgXBNW48VSWY5Vjmsz0hmIef3PN/druzwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEMc0p/XQSx55rtfqGE2BgW8pKVnMB8GA1UdIwQY
MBaAFDftSe+sl5WYd3Gs3Heg4iiQQnetMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAt
NmEwNmI3NTAyYmQ3LzEvUXh6U245ZEJMSG5tdTEtb1lUWUdCYnlrcFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8yMTcxYmUtYjA4My00NzliLWE1ODAtNmEwNmI3NTAyYmQ3
LzEvTi0xSjc2eVhsWmgzY2F6Y2Q2RGlLSkJDZDYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCbaxQAwQC
baxYMAwDBACygoMDBAGygoQwDQYJKoZIhvcNAQELBQADggEBADlOlkf5cwDUsAg0
ewevmjyW/w/6PupZ+Bt4wnxaoDtBnpha+FfWzDgyZ1GZ0RIx2KQDGAoFUJk9ihne
mN8NF6s29Gb5sokzEUyAgfyqwkbtmZuT2pdCmukj0BAqKhsWF2k/JkhkLLmyh7a1
PGXWvju1pNpS7t5sPLwyWZCu4qhJL1OvJ8zMcGl7GDLkq2LW9rGCdC+9dtt+cyuz
UQfBFuWL4jNJ/pVGuVus+1c34oo0E87p5cc7VUOGfDuE9gmG+h30I7mvrQ5V4Odg
XnWjm1JPKxT+EtZ8RQBjUGrFIsAmErfi+0vQeN8xtUEmexgHhuyYkx29wvC0uYRh
V5PapEo=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:49 2024 by rpki-client on console.sobornost.net