Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/hPG1THoAJcM6Si474cFDF70Mpgw.roa
File: hPG1THoAJcM6Si474cFDF70Mpgw.roa (raw, json)
Hash identifier: C47w4Vo/6hFzZF38xPwblGpkECr8xMrfocrrPgSa9xc=
Subject key identifier: 84:F1:B5:4C:7A:00:25:C3:3A:4A:2E:3B:E1:C1:43:17:BD:0C:A6:0C
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018AADE6AB888BC9E87265D93702B5419817
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/hPG1THoAJcM6Si474cFDF70Mpgw.roa
Signing time: Tue 19 Sep 2023 14:44:50 +0000
ROA not before: Tue 19 Sep 2023 14:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.0.0/22 maxlen: 22
81.92.32.0/20 maxlen: 20
213.136.128.0/18 maxlen: 24
217.29.160.0/20 maxlen: 20
193.219.30.0/24 maxlen: 24
194.20.0.0/16 maxlen: 24
213.149.192.0/19 maxlen: 19
212.90.0.0/19 maxlen: 24
213.183.128.0/19 maxlen: 19
194.21.0.0/18 maxlen: 24
194.21.128.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
83.211.0.0/16 maxlen: 24
212.110.0.0/19 maxlen: 24
62.94.0.0/16 maxlen: 24
195.62.224.0/19 maxlen: 24
194.153.208.0/22 maxlen: 24
213.198.128.0/18 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:e6:ab:88:8b:c9:e8:72:65:d9:37:02:b5:41:98:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Sep 19 14:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84f1b54c7a0025c33a4a2e3be1c14317bd0ca60c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:7c:6d:74:69:54:bc:9f:44:a5:e6:fe:34:
94:ce:ce:1f:19:f2:c0:32:4e:4f:71:17:ff:98:0a:
a9:71:14:64:10:80:7d:be:a1:a8:3b:40:95:a7:e9:
66:ff:a1:8d:d3:0a:f8:6d:75:1d:42:49:5a:f6:9e:
de:9a:7e:06:66:e0:9e:38:cd:33:e4:11:ec:7c:00:
0f:6a:63:85:ac:b0:ee:70:fb:28:f0:eb:08:16:d5:
11:96:d9:7a:f3:5b:4c:56:25:04:72:8c:c0:cb:98:
c6:b2:d5:e8:57:41:fe:2a:3d:6b:a9:f4:40:89:5d:
60:32:80:6c:86:f4:85:3a:4d:06:56:4d:96:a2:31:
91:71:35:f9:6a:ef:42:b0:7c:26:8b:ce:43:97:a1:
49:bd:4e:15:f3:64:8e:0e:ac:f7:97:78:33:77:5e:
eb:44:53:fa:e9:85:ba:aa:3e:1f:03:8d:3f:4d:f3:
7e:61:4d:23:1d:26:71:ac:97:05:f8:0c:46:a6:96:
52:12:aa:88:4d:c3:af:0a:bf:3b:92:c0:57:9f:3d:
d7:c7:23:81:4d:1b:4a:f2:45:9d:12:c1:9a:b4:d3:
0b:c0:f1:24:c4:0a:85:55:a8:80:b4:a3:31:f5:eb:
4d:72:3e:e3:d0:cd:73:cd:a0:d7:f3:d5:4b:d2:b0:
f2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F1:B5:4C:7A:00:25:C3:3A:4A:2E:3B:E1:C1:43:17:BD:0C:A6:0C
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/hPG1THoAJcM6Si474cFDF70Mpgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
185.82.0.0/22
193.219.30.0/24
194.20.0.0-194.21.63.255
194.21.128.0/18
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
217.29.160.0/20
Signature Algorithm: sha256WithRSAEncryption
08:1e:30:b0:35:89:31:dc:5e:34:d3:e6:a8:56:90:7f:94:7d:
b8:f3:8a:95:73:e8:c3:3c:7a:69:67:79:80:2b:a5:09:3f:65:
89:db:3a:5d:2e:d0:83:3a:ba:ff:e7:96:1f:06:67:07:ba:45:
7b:e7:52:35:87:20:df:00:12:6f:e1:a6:f0:53:44:22:d8:1a:
4e:64:04:03:98:ef:78:0c:11:86:ef:2b:dc:62:c1:78:2c:3e:
05:45:f9:84:7e:63:f2:97:af:0e:37:c3:e9:23:48:90:4f:fb:
d9:9e:1e:7b:db:b5:ff:c6:76:06:7c:27:35:0e:e6:cc:94:47:
c7:b4:1c:0a:8e:fb:e8:66:b4:ff:3a:31:77:9f:1d:b1:e8:d1:
61:8b:b1:31:b7:01:c1:ff:4f:92:4f:13:40:41:a7:5b:6f:20:
df:95:44:aa:36:9f:0a:d5:84:05:93:d4:3f:23:84:85:26:14:
38:c7:c1:37:c4:82:85:e4:5a:e1:bd:e6:e4:92:1a:5e:f6:ac:
cd:9c:d1:e9:b8:1d:02:cc:68:fb:13:11:ef:ea:18:13:a5:96:
0a:14:a4:fc:2c:8d:1c:f3:d0:9a:5a:83:d5:61:15:a2:5f:bc:
a2:8a:c5:f0:41:d3:a8:98:dc:73:d4:db:d8:2c:f9:7a:c9:8e:
f3:d4:19:25
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYqt5quIi8nocmXZNwK1QZgXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjMwOTE5MTQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYxYjU0YzdhMDAyNWMzM2E0YTJlM2JlMWMxNDMxN2JkMGNhNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDt8bXRpVLyfRKXm/jSUzs4fGfLA
Mk5PcRf/mAqpcRRkEIB9vqGoO0CVp+lm/6GN0wr4bXUdQkla9p7emn4GZuCeOM0z
5BHsfAAPamOFrLDucPso8OsIFtURltl681tMViUEcozAy5jGstXoV0H+Kj1rqfRA
iV1gMoBshvSFOk0GVk2WojGRcTX5au9CsHwmi85Dl6FJvU4V82SODqz3l3gzd17r
RFP66YW6qj4fA40/TfN+YU0jHSZxrJcF+AxGppZSEqqITcOvCr87ksBXnz3XxyOB
TRtK8kWdEsGatNMLwPEkxAqFVaiAtKMx9etNcj7j0M1zzaDX89VL0rDyVwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFITxtUx6ACXDOkouO+HBQxe9DKYMMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvaFBHMVRIb0FKY002U2k0NzRjRkRGNzBNcGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwcwQCAAEwbQMDAD5eAwQE
UVwgAwMAU9MDBAK5UgADBADB2x4wCwMDAsIUAwQGwhUAAwQGwhWAMAwDBAbCmcAD
BALCmdADBAXDPuADBAXUWgADBAXUbgADBAbViIADBAXVlcADBAXVt4ADBAbVxoAD
BATZHaAwDQYJKoZIhvcNAQELBQADggEBAAgeMLA1iTHcXjTT5qhWkH+UfbjzipVz
6MM8emlneYArpQk/ZYnbOl0u0IM6uv/nlh8GZwe6RXvnUjWHIN8AEm/hpvBTRCLY
Gk5kBAOY73gMEYbvK9xiwXgsPgVF+YR+Y/KXrw43w+kjSJBP+9meHnvbtf/GdgZ8
JzUO5syUR8e0HAqO++hmtP86MXefHbHo0WGLsTG3AcH/T5JPE0BBp1tvIN+VRKo2
nwrVhAWT1D8jhIUmFDjHwTfEgoXkWuG95uSSGl72rM2c0em4HQLMaPsTEe/qGBOl
lgoUpPwsjRzz0Jpag9VhFaJfvKKKxfBB06iY3HPU29gs+XrJjvPUGSU=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net