Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/JSytIo4VSvBHLOYEogYZsJgfKH0.roa
File: JSytIo4VSvBHLOYEogYZsJgfKH0.roa (raw, json)
Hash identifier: SopLPYvPFrIXlOeIgoTN2I8qltFtpT8CfL4xizc/tYE=
Subject key identifier: 25:2C:AD:22:8E:15:4A:F0:47:2C:E6:04:A2:06:19:B0:98:1F:28:7D
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018AE060927A83B6C6D377B2544954A8258E
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/JSytIo4VSvBHLOYEogYZsJgfKH0.roa
Signing time: Fri 29 Sep 2023 09:58:59 +0000
ROA not before: Fri 29 Sep 2023 09:58:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.0.0/22 maxlen: 22
81.92.32.0/20 maxlen: 20
213.136.128.0/18 maxlen: 24
217.29.160.0/20 maxlen: 20
193.219.30.0/24 maxlen: 24
194.20.0.0/16 maxlen: 24
213.149.192.0/19 maxlen: 19
212.90.0.0/19 maxlen: 24
213.183.128.0/19 maxlen: 19
194.21.0.0/18 maxlen: 24
194.21.128.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
83.211.0.0/16 maxlen: 24
212.110.0.0/19 maxlen: 24
62.94.0.0/16 maxlen: 24
195.62.224.0/19 maxlen: 24
194.153.208.0/22 maxlen: 24
213.198.128.0/18 maxlen: 24
2001:750::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:60:92:7a:83:b6:c6:d3:77:b2:54:49:54:a8:25:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Sep 29 09:58:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=252cad228e154af0472ce604a20619b0981f287d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:64:cb:38:35:de:d5:da:a6:07:3f:52:29:
b6:fb:b5:c9:5a:bf:40:1f:94:45:e2:03:34:e2:d6:
34:28:9e:69:05:68:9c:94:a5:f0:85:e8:8e:3d:9e:
2b:da:c3:d8:b8:9b:f7:1c:7b:f1:a2:e4:04:6e:4b:
8e:98:e1:5d:c2:a5:0d:b8:85:ab:ae:c8:10:61:0e:
8a:f4:ab:89:65:7a:09:fe:9a:8d:42:e0:98:94:a8:
3f:d1:ad:44:33:54:b2:1f:f3:b3:f4:9d:eb:2b:cb:
a4:fe:8d:9d:81:65:ce:69:56:65:94:b2:13:d1:10:
27:41:aa:e2:64:c3:0e:d9:b7:b2:ad:17:03:62:a9:
96:df:0c:4d:4b:34:54:ca:4c:5f:c4:27:e9:0f:45:
cb:fe:03:2b:cd:6a:e7:10:76:8c:e8:6a:c7:2b:52:
55:10:9d:e3:e3:61:95:99:ee:80:d9:05:b4:7e:fd:
45:2d:3e:c7:cb:c9:f2:6d:fb:03:fc:b7:93:33:f5:
0d:cd:d7:f4:ca:95:26:22:f5:7d:48:35:29:ef:26:
af:6b:7a:b6:0d:6c:15:7e:b5:86:9d:0b:6c:df:a2:
bb:5d:a8:e2:0b:50:77:d2:40:65:37:56:cb:3f:f5:
18:1d:20:85:31:4c:c1:90:0c:c2:f3:a7:bd:94:85:
22:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2C:AD:22:8E:15:4A:F0:47:2C:E6:04:A2:06:19:B0:98:1F:28:7D
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/JSytIo4VSvBHLOYEogYZsJgfKH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
185.82.0.0/22
193.219.30.0/24
194.20.0.0-194.21.63.255
194.21.128.0/18
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
217.29.160.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
95:e9:72:42:0c:7e:59:43:39:5e:e6:96:b6:55:8a:69:fd:53:
40:fe:74:66:3c:fa:02:d7:50:d2:b1:e1:70:58:ca:56:4c:65:
9b:c8:24:c7:29:22:82:02:b6:1f:4e:ba:a6:e8:51:00:0d:5d:
97:95:f1:c8:ec:43:a8:45:44:0a:20:59:cf:bc:d9:81:a0:fb:
cf:82:97:5c:51:6a:58:25:f5:ee:83:c0:f0:a7:74:69:ca:75:
50:3d:cf:02:94:a4:7a:2d:a4:46:fe:7b:60:f5:ae:d6:43:d8:
5a:03:f0:7f:02:53:8b:55:a2:76:19:6b:9b:17:1f:9e:41:b8:
f9:5b:84:2b:3a:a1:b6:f6:c9:62:b9:ef:8d:03:13:1b:5b:65:
ad:9a:81:96:25:09:d5:19:5e:d9:d9:99:16:d7:82:d3:96:2a:
06:a6:42:3e:cc:58:ab:e1:cf:11:cc:40:1d:45:25:db:47:9e:
6e:a7:67:47:1a:16:5d:55:ea:7a:ff:3f:8c:b2:76:eb:f0:e1:
13:cc:d1:a4:b5:a0:27:46:96:f0:f2:4a:5b:7f:98:8a:b4:5a:
57:03:9f:72:eb:a2:22:4a:70:d3:83:53:b4:23:d3:af:5b:97:
14:c4:5b:63:88:25:7e:2f:e8:e1:59:5b:16:62:9a:77:85:8d:
22:36:70:ee
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYrgYJJ6g7bG03eyVElUqCWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjMwOTI5MDk1ODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTJjYWQyMjhlMTU0YWYwNDcyY2U2MDRhMjA2MTliMDk4MWYyODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7dkyzg13tXapgc/Uim2+7XJWr9A
H5RF4gM04tY0KJ5pBWiclKXwheiOPZ4r2sPYuJv3HHvxouQEbkuOmOFdwqUNuIWr
rsgQYQ6K9KuJZXoJ/pqNQuCYlKg/0a1EM1SyH/Oz9J3rK8uk/o2dgWXOaVZllLIT
0RAnQariZMMO2beyrRcDYqmW3wxNSzRUykxfxCfpD0XL/gMrzWrnEHaM6GrHK1JV
EJ3j42GVme6A2QW0fv1FLT7Hy8nybfsD/LeTM/UNzdf0ypUmIvV9SDUp7yava3q2
DWwVfrWGnQts36K7XajiC1B30kBlN1bLP/UYHSCFMUzBkAzC86e9lIUiPwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFCUsrSKOFUrwRyzmBKIGGbCYHyh9MB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvSlN5dElvNFZTdkJITE9ZRW9nWVpzSmdmS0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBzBAIAATBtAwMAPl4D
BARRXCADAwBT0wMEArlSAAMEAMHbHjALAwMCwhQDBAbCFQADBAbCFYAwDAMEBsKZ
wAMEAsKZ0AMEBcM+4AMEBdRaAAMEBdRuAAMEBtWIgAMEBdWVwAMEBdW3gAMEBtXG
gAMEBNkdoDANBAIAAjAHAwUDIAEHUDANBgkqhkiG9w0BAQsFAAOCAQEAlelyQgx+
WUM5XuaWtlWKaf1TQP50Zjz6AtdQ0rHhcFjKVkxlm8gkxykiggK2H066puhRAA1d
l5XxyOxDqEVECiBZz7zZgaD7z4KXXFFqWCX17oPA8Kd0acp1UD3PApSkei2kRv57
YPWu1kPYWgPwfwJTi1WidhlrmxcfnkG4+VuEKzqhtvbJYrnvjQMTG1tlrZqBliUJ
1Rle2dmZFteC05YqBqZCPsxYq+HPEcxAHUUl20eebqdnRxoWXVXqev8/jLJ26/Dh
E8zRpLWgJ0aW8PJKW3+YirRaVwOfcuuiIkpw04NTtCPTr1uXFMRbY4glfi/o4Vlb
FmKad4WNIjZw7g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net