Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/p2cN9hASJ9_UxE_0vAOreFdcP24.roa
File: p2cN9hASJ9_UxE_0vAOreFdcP24.roa (raw, json)
Hash identifier: Db7VqTOAlRaPfUoS3YnzdfDBv0fDFdtg9BZzeOa2B04=
Subject key identifier: A7:67:0D:F6:10:12:27:DF:D4:C4:4F:F4:BC:03:AB:78:57:5C:3F:6E
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018AE1465E2B3A699FDCFAA7FDAF4615F3EF
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/p2cN9hASJ9_UxE_0vAOreFdcP24.roa
Signing time: Fri 29 Sep 2023 14:09:59 +0000
ROA not before: Fri 29 Sep 2023 14:09:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.0.0/22 maxlen: 22
81.92.32.0/20 maxlen: 20
213.136.128.0/18 maxlen: 24
217.29.160.0/20 maxlen: 20
193.219.30.0/24 maxlen: 24
194.20.0.0/16 maxlen: 24
217.15.208.0/20 maxlen: 24
213.149.192.0/19 maxlen: 19
212.90.0.0/19 maxlen: 24
213.183.128.0/19 maxlen: 19
194.21.0.0/18 maxlen: 24
194.21.128.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
83.211.0.0/16 maxlen: 24
212.110.0.0/19 maxlen: 24
62.94.0.0/16 maxlen: 24
195.62.224.0/19 maxlen: 24
194.153.208.0/22 maxlen: 24
213.198.128.0/18 maxlen: 24
2001:750::/29 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:46:5e:2b:3a:69:9f:dc:fa:a7:fd:af:46:15:f3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Sep 29 14:09:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7670df6101227dfd4c44ff4bc03ab78575c3f6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ea:d1:32:20:80:40:62:ed:82:fd:d4:66:bb:
82:2c:c2:2b:89:ba:01:f3:e7:8d:0d:60:2b:44:6b:
56:d8:75:39:72:c3:a4:84:31:6e:90:74:02:c1:61:
c1:ac:cf:34:41:99:b2:3d:e1:4b:92:50:bd:4a:8a:
20:29:6a:d2:ca:9b:ed:3b:d2:ad:45:6d:d2:ef:58:
97:f0:86:2c:b6:1f:8c:5a:c4:7d:ee:1c:91:c1:ce:
fb:fc:00:35:2b:94:06:dd:45:6e:5d:fc:a0:ba:6a:
43:b1:e7:2d:db:fb:d4:65:54:7d:93:ee:99:55:97:
9d:6d:5f:c3:fb:61:18:46:f9:6d:21:ec:95:06:13:
4e:18:b4:42:c9:18:2d:42:24:54:6c:c4:e1:e3:ef:
18:96:84:57:0f:b9:69:84:76:f1:61:b9:ff:e2:1f:
7c:c1:b9:b2:31:cf:b9:24:78:10:ac:45:5c:9c:db:
7f:49:56:9e:4d:57:97:15:33:bd:34:93:1a:39:54:
f0:60:0f:c4:bd:c8:e2:77:7e:80:f0:d6:59:fa:d1:
ac:a1:ea:e2:03:a9:56:4d:83:cc:a3:d4:dd:5f:2f:
45:15:49:7f:a4:cf:66:d3:82:5a:2a:98:7f:58:dc:
28:86:a6:8f:ea:3e:dd:da:76:b4:a7:a9:35:bd:22:
a4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:67:0D:F6:10:12:27:DF:D4:C4:4F:F4:BC:03:AB:78:57:5C:3F:6E
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/p2cN9hASJ9_UxE_0vAOreFdcP24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
185.82.0.0/22
193.219.30.0/24
194.20.0.0-194.21.63.255
194.21.128.0/18
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
217.15.208.0/20
217.29.160.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
41:7c:68:26:96:79:75:05:89:4c:c3:63:bc:68:06:2a:c0:3f:
dd:78:22:0b:e5:e6:82:68:5c:ce:ba:72:c1:82:97:7e:a4:39:
37:aa:d1:25:a9:49:81:72:19:d5:ee:2c:18:c9:ea:8e:1a:40:
b0:b5:7c:67:f4:4e:1a:e1:e1:b8:cc:ab:cd:c7:e6:b6:32:14:
20:c1:fb:85:64:7e:4a:ca:51:56:f8:ad:30:a4:de:6a:02:c2:
16:06:28:e8:dd:5e:62:61:b9:f8:e8:67:26:a1:04:30:21:07:
70:b8:ea:dd:11:cf:2c:5a:c9:c4:0c:20:85:61:bb:54:8d:c4:
d3:b4:97:fc:3a:46:71:b7:c8:92:0e:79:6a:18:1c:94:7e:6f:
9f:dd:ab:91:17:0c:80:41:5b:9a:67:c4:0a:b0:e3:51:e5:8a:
0b:53:70:13:2c:27:20:8d:09:26:91:75:5f:11:11:85:0f:52:
59:7d:0e:04:0a:01:0a:18:36:1a:72:61:63:77:a9:d9:a1:11:
1c:2d:0e:55:e4:ec:c0:6c:55:b2:76:e8:d0:7d:c5:2c:f9:58:
17:24:b2:87:6d:f4:67:06:77:6c:f9:6f:f8:06:0f:ea:c8:e7:
66:0c:c8:35:99:38:0a:0a:89:00:a9:f6:45:73:b8:29:c2:3f:
42:7b:b5:b7
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYrhRl4rOmmf3Pqn/a9GFfPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjMwOTI5MTQwOTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY3MGRmNjEwMTIyN2RmZDRjNDRmZjRiYzAzYWI3ODU3NWMzZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOrRMiCAQGLtgv3UZruCLMIriboB
8+eNDWArRGtW2HU5csOkhDFukHQCwWHBrM80QZmyPeFLklC9SoogKWrSypvtO9Kt
RW3S71iX8IYsth+MWsR97hyRwc77/AA1K5QG3UVuXfygumpDsect2/vUZVR9k+6Z
VZedbV/D+2EYRvltIeyVBhNOGLRCyRgtQiRUbMTh4+8YloRXD7lphHbxYbn/4h98
wbmyMc+5JHgQrEVcnNt/SVaeTVeXFTO9NJMaOVTwYA/Evcjid36A8NZZ+tGsoeri
A6lWTYPMo9TdXy9FFUl/pM9m04JaKph/WNwohqaP6j7d2na0p6k1vSKk+QIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFKdnDfYQEiff1MRP9LwDq3hXXD9uMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvcDJjTjloQVNKOV9VeEVfMHZBT3JlRmRjUDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijB5BAIAATBzAwMAPl4D
BARRXCADAwBT0wMEArlSAAMEAMHbHjALAwMCwhQDBAbCFQADBAbCFYAwDAMEBsKZ
wAMEAsKZ0AMEBcM+4AMEBdRaAAMEBdRuAAMEBtWIgAMEBdWVwAMEBdW3gAMEBtXG
gAMEBNkP0AMEBNkdoDANBAIAAjAHAwUDIAEHUDANBgkqhkiG9w0BAQsFAAOCAQEA
QXxoJpZ5dQWJTMNjvGgGKsA/3XgiC+XmgmhczrpywYKXfqQ5N6rRJalJgXIZ1e4s
GMnqjhpAsLV8Z/ROGuHhuMyrzcfmtjIUIMH7hWR+SspRVvitMKTeagLCFgYo6N1e
YmG5+OhnJqEEMCEHcLjq3RHPLFrJxAwghWG7VI3E07SX/DpGcbfIkg55ahgclH5v
n92rkRcMgEFbmmfECrDjUeWKC1NwEywnII0JJpF1XxERhQ9SWX0OBAoBChg2GnJh
Y3ep2aERHC0OVeTswGxVsnbo0H3FLPlYFySyh230ZwZ3bPlv+AYP6sjnZgzINZk4
CgqJAKn2RXO4KcI/Qnu1tw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:37 2023 by rpki-client on console.sobornost.net