Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/EBe7STPAoL0JBsqHY1sYej8DO7o.roa
File: EBe7STPAoL0JBsqHY1sYej8DO7o.roa (raw, json)
Hash identifier: b+fnKEE3/oARhXxW+P6OzDsQ2U9lOR+M5LA6oiVNZzM=
Subject key identifier: 10:17:BB:49:33:C0:A0:BD:09:06:CA:87:63:5B:18:7A:3F:03:3B:BA
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01860EEF5962D1C79BBD55FE486948D8CCDD
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/EBe7STPAoL0JBsqHY1sYej8DO7o.roa
Signing time: Wed 01 Feb 2023 21:43:32 +0000
ROA not before: Wed 01 Feb 2023 21:43:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 217.144.55.0/24 maxlen: 24
217.144.52.0/24 maxlen: 24
217.144.57.0/24 maxlen: 24
217.144.58.0/24 maxlen: 24
79.172.224.0/24 maxlen: 24
217.144.59.0/24 maxlen: 24
217.144.60.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
79.172.250.0/24 maxlen: 24
84.21.12.0/24 maxlen: 24
84.21.13.0/24 maxlen: 24
79.172.192.0/24 maxlen: 24
79.172.207.0/24 maxlen: 24
185.63.17.0/24 maxlen: 24
185.63.18.0/24 maxlen: 24
185.63.19.0/24 maxlen: 24
213.181.217.0/24 maxlen: 24
213.181.218.0/24 maxlen: 24
213.181.216.0/24 maxlen: 24
84.21.4.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:ef:59:62:d1:c7:9b:bd:55:fe:48:69:48:d8:cc:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 1 21:43:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1017bb4933c0a0bd0906ca87635b187a3f033bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ee:01:2b:74:13:1b:af:29:37:08:d1:2c:b3:
92:02:20:ee:bf:c7:c0:70:c9:62:e5:c9:3e:2c:5b:
40:86:c4:01:7c:12:ec:cf:9a:7f:ba:cf:73:9c:3d:
11:98:8f:08:2d:15:26:12:6c:56:6f:94:83:14:82:
c0:ce:0e:f9:20:a8:33:22:72:ae:6c:56:30:01:28:
ee:97:c2:7e:b5:0a:a2:60:6f:b0:f6:85:15:c1:8c:
9c:b4:4d:33:57:71:e7:30:01:35:fe:05:e4:3e:da:
c8:35:c5:3f:22:3c:7d:00:17:7f:73:60:9b:82:44:
01:37:e8:ed:5a:02:93:f3:8a:ef:d6:fa:e0:4a:bd:
97:be:8c:ef:b6:b0:68:51:20:d3:04:6a:69:2d:a6:
83:b9:57:11:1f:30:3d:fc:a3:21:35:b1:79:ea:74:
d1:ae:c3:8e:f2:87:0f:d7:92:5e:56:71:5c:e6:88:
12:ba:8f:4d:8f:c5:6b:5f:ed:1b:41:fb:fb:c9:3f:
47:23:e0:db:7d:95:0e:a8:9e:5c:e4:3f:21:8a:81:
db:0f:b8:4e:ec:a8:8d:08:41:31:a5:17:c5:d9:d2:
d1:ac:0d:c3:b3:5f:30:f0:82:17:74:c0:d2:fb:a0:
d2:8e:1c:e2:b4:c6:7d:40:d2:78:58:74:12:9f:64:
86:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:17:BB:49:33:C0:A0:BD:09:06:CA:87:63:5B:18:7A:3F:03:3B:BA
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/EBe7STPAoL0JBsqHY1sYej8DO7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.192.0/24
79.172.207.0/24
79.172.224.0/24
79.172.228.0/24
79.172.250.0/24
84.21.4.0/24
84.21.12.0/23
185.63.17.0-185.63.19.255
213.181.216.0-213.181.218.255
217.144.52.0/24
217.144.55.0/24
217.144.57.0-217.144.60.255
Signature Algorithm: sha256WithRSAEncryption
a0:b1:81:f4:fe:60:e0:de:87:6e:0b:9e:d9:83:43:0f:37:54:
c0:15:6b:f6:77:62:32:ba:35:e1:7b:4a:ea:e5:df:e8:03:94:
9e:f4:9e:03:9a:8c:e2:e5:15:51:b8:9b:b7:65:ce:1a:4b:da:
42:98:74:7c:bf:51:26:ec:2b:55:e3:08:7d:15:fa:c7:1a:f5:
46:cf:5c:df:2b:e9:a7:b3:c7:83:c8:0e:71:c3:2f:7b:41:7f:
78:04:8f:17:13:07:55:96:2d:53:2b:7a:cb:41:c4:22:db:a7:
7b:9f:9d:47:c7:b5:56:53:35:f7:91:00:15:11:0f:0a:31:ea:
bd:b4:45:b7:c5:e1:3f:81:88:cf:c8:5b:dc:b7:0d:36:6a:cd:
62:fc:89:df:be:1a:69:34:e2:9d:d9:15:d2:85:e7:8b:12:37:
69:71:f0:a0:85:bd:98:82:4f:4a:80:ff:0b:e2:23:cd:01:02:
27:da:42:b0:03:c6:36:f9:3d:cd:ac:96:ca:49:d3:93:6f:07:
ff:47:76:a4:00:92:ce:42:2a:6a:3c:24:ab:23:16:26:f1:c8:
f9:02:97:72:46:0d:eb:cd:48:00:37:0b:46:f6:6b:36:5a:90:
c8:6b:a1:56:f8:18:d9:fc:a1:d8:b9:97:a0:01:ba:3b:81:9c:
bc:66:6d:39
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYYO71li0cebvVX+SGlI2MzdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjMwMjAxMjE0MzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE3YmI0OTMzYzBhMGJkMDkwNmNhODc2MzViMTg3YTNmMDMzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+4BK3QTG68pNwjRLLOSAiDuv8fA
cMli5ck+LFtAhsQBfBLsz5p/us9znD0RmI8ILRUmEmxWb5SDFILAzg75IKgzInKu
bFYwASjul8J+tQqiYG+w9oUVwYyctE0zV3HnMAE1/gXkPtrINcU/Ijx9ABd/c2Cb
gkQBN+jtWgKT84rv1vrgSr2XvozvtrBoUSDTBGppLaaDuVcRHzA9/KMhNbF56nTR
rsOO8ocP15JeVnFc5ogSuo9Nj8VrX+0bQfv7yT9HI+DbfZUOqJ5c5D8hioHbD7hO
7KiNCEExpRfF2dLRrA3Ds18w8IIXdMDS+6DSjhzitMZ9QNJ4WHQSn2SG8wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBAXu0kzwKC9CQbKh2NbGHo/Azu6MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvRUJlN1NUUEFvTDBKQnNxSFkxc1llajhETzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAT6zAAwQA
T6zPAwQAT6zgAwQAT6zkAwQAT6z6AwQAVBUEAwQBVBUMMAwDBAC5PxEDBAK5PxAw
DAMEA9W12AMEANW12gMEANmQNAMEANmQNzAMAwQA2ZA5AwQA2ZA8MA0GCSqGSIb3
DQEBCwUAA4IBAQCgsYH0/mDg3oduC57Zg0MPN1TAFWv2d2IyujXhe0rq5d/oA5Se
9J4Dmozi5RVRuJu3Zc4aS9pCmHR8v1Em7CtV4wh9FfrHGvVGz1zfK+mns8eDyA5x
wy97QX94BI8XEwdVli1TK3rLQcQi26d7n51Hx7VWUzX3kQAVEQ8KMeq9tEW3xeE/
gYjPyFvctw02as1i/InfvhppNOKd2RXSheeLEjdpcfCghb2Ygk9KgP8L4iPNAQIn
2kKwA8Y2+T3NrJbKSdOTbwf/R3akAJLOQipqPCSrIxYm8cj5ApdyRg3rzUgANwtG
9ms2WpDIa6FW+BjZ/KHYuZegAbo7gZy8Zm05
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:57 2023 by rpki-client on console.sobornost.net