Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/szZ3x_Yh9J7wDNLd_tSuMKi77B4.roa
File: szZ3x_Yh9J7wDNLd_tSuMKi77B4.roa (raw, json)
Hash identifier: 5zzkBHPZuTS5klT/HTefPoHuV/BLgtqrTG8ezCF8L4Y=
Subject key identifier: B3:36:77:C7:F6:21:F4:9E:F0:0C:D2:DD:FE:D4:AE:30:A8:BB:EC:1E
Certificate issuer: /CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Certificate serial: 10FD4A35
Authority key identifier: AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/szZ3x_Yh9J7wDNLd_tSuMKi77B4.roa
Signing time: Tue 11 Jan 2022 15:09:58 +0000
ROA not before: Tue 11 Jan 2022 15:09:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13287
IP address blocks: 213.162.192.0/24 maxlen: 24
213.162.193.0/24 maxlen: 24
213.162.195.0/24 maxlen: 24
213.162.197.0/24 maxlen: 24
213.162.196.0/22 maxlen: 24
213.162.206.0/24 maxlen: 24
213.162.205.0/24 maxlen: 24
213.162.200.0/22 maxlen: 22
213.162.208.0/23 maxlen: 23
213.162.207.0/24 maxlen: 24
213.162.212.0/24 maxlen: 24
213.162.211.0/24 maxlen: 24
213.162.210.0/24 maxlen: 24
213.162.219.0/24 maxlen: 24
213.162.216.0/22 maxlen: 22
213.162.218.0/24 maxlen: 24
213.162.217.0/24 maxlen: 24
213.162.215.0/24 maxlen: 24
213.162.214.0/24 maxlen: 24
213.162.220.0/24 maxlen: 24
213.162.221.0/24 maxlen: 24
185.33.64.0/24 maxlen: 24
185.33.65.0/24 maxlen: 24
185.33.67.0/24 maxlen: 24
185.33.66.0/24 maxlen: 24
109.234.84.0/24 maxlen: 24
109.234.85.0/24 maxlen: 24
109.234.81.0/24 maxlen: 24
109.234.80.0/24 maxlen: 24
109.234.82.0/24 maxlen: 24
109.234.82.0/23 maxlen: 23
109.234.87.0/24 maxlen: 24
109.234.86.0/24 maxlen: 24
185.19.68.0/22 maxlen: 22
185.111.185.0/24 maxlen: 24
185.111.184.0/24 maxlen: 24
185.111.184.0/22 maxlen: 22
2a02:23a0::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 285035061 (0x10fd4a35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab54fe831b6a719f42e6c8486fd03b550be761fb
Validity
Not Before: Jan 11 15:09:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b33677c7f621f49ef00cd2ddfed4ae30a8bbec1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:57:3d:e4:49:c4:13:d3:1c:17:b9:ec:8a:
a2:fe:a6:32:df:2a:64:16:96:65:b9:31:3e:bd:1c:
de:e8:b8:d6:41:71:ef:d7:52:aa:9f:dd:11:63:17:
15:0a:b4:df:24:e4:d1:98:33:f6:56:da:93:a3:af:
d6:7d:e3:a3:8b:56:aa:82:83:ec:74:d9:23:00:a6:
ce:05:94:ff:d0:8d:8c:80:92:da:f6:8e:cc:35:15:
21:c1:3c:9c:cf:c9:13:55:63:0c:d8:41:a2:1c:f8:
34:55:a1:cc:f4:cc:2a:c8:28:e0:f5:94:6d:ec:1f:
00:aa:06:e7:26:79:d5:34:20:30:9b:67:c2:04:0e:
bd:fa:8b:21:6f:e4:ed:a1:40:81:fe:56:e1:d2:95:
30:cb:00:12:61:93:ff:ad:d5:0f:0f:3a:87:6a:15:
13:05:8b:1f:d7:c9:11:65:d9:99:b4:b8:55:32:e5:
9e:d6:6d:59:75:9f:bf:91:b4:ef:d0:a2:ce:de:74:
25:30:a5:c1:44:a2:0d:d7:7d:fc:b9:15:13:9f:e6:
88:de:7b:06:ef:fa:16:fd:5f:07:e1:0b:7b:a0:7d:
e4:4e:f1:ec:67:10:1a:7d:21:03:5e:c2:da:dc:bd:
fc:cc:a2:a3:5c:e3:68:41:96:1f:47:17:5d:74:9f:
5e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:36:77:C7:F6:21:F4:9E:F0:0C:D2:DD:FE:D4:AE:30:A8:BB:EC:1E
X509v3 Authority Key Identifier:
keyid:AB:54:FE:83:1B:6A:71:9F:42:E6:C8:48:6F:D0:3B:55:0B:E7:61:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q1T-gxtqcZ9C5shIb9A7VQvnYfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/szZ3x_Yh9J7wDNLd_tSuMKi77B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/5eaaa7-3107-4268-aad6-6fd9789205ba/1/q1T-gxtqcZ9C5shIb9A7VQvnYfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.80.0/21
185.19.68.0/22
185.33.64.0/22
185.111.184.0/22
213.162.192.0/23
213.162.195.0-213.162.203.255
213.162.205.0-213.162.212.255
213.162.214.0-213.162.221.255
IPv6:
2a02:23a0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:09:68:15:18:3b:12:94:dc:15:d8:84:a0:e4:eb:57:09:9b:
7e:15:3c:01:e1:f2:2c:b0:7e:1b:4b:01:69:c4:6e:65:d8:80:
28:45:8c:d0:b0:8b:17:48:c4:32:b9:22:10:ca:94:eb:6c:b8:
8c:63:11:94:2a:3e:c6:b2:d9:00:8c:2d:38:e8:f5:2b:87:7c:
2e:4b:f5:42:b1:2a:5c:fc:64:f4:20:5f:d2:71:e2:e3:a1:f1:
ee:2b:8b:36:51:37:0c:0f:21:93:08:9e:93:e1:64:5f:3f:43:
fa:8b:ea:ec:7a:07:1c:dd:fb:d2:9c:40:3e:f8:d6:7c:49:22:
66:04:03:77:b0:ba:47:41:4b:89:d3:c3:dd:1a:dd:74:6e:96:
5b:15:38:ed:53:2b:58:b1:b1:86:ca:c4:eb:90:f6:5d:49:0c:
7d:89:53:8c:3b:86:f8:e4:0f:07:fc:51:47:f2:fe:bc:ca:60:
84:ed:69:1d:98:66:ec:10:56:b3:be:43:1d:96:a2:e9:70:1f:
af:cb:93:14:aa:9d:c9:93:9d:0c:e9:26:43:6c:24:9f:f1:d9:
88:20:2f:01:24:38:6d:b9:2f:0a:f7:98:5d:d4:38:50:2e:7e:
cd:c3:dc:2f:66:b5:9e:e5:93:54:86:27:aa:99:68:62:67:dd:
d7:10:7c:47
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEEP1KNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjU0ZmU4MzFiNmE3MTlmNDJlNmM4NDg2ZmQwM2I1NTBiZTc2MWZiMB4XDTIyMDEx
MTE1MDk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMzNjc3YzdmNjIx
ZjQ5ZWYwMGNkMmRkZmVkNGFlMzBhOGJiZWMxZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjfVz3kScQT0xwXueyKov6mMt8qZBaWZbkxPr0c3ui41kFx
79dSqp/dEWMXFQq03yTk0Zgz9lbak6Ov1n3jo4tWqoKD7HTZIwCmzgWU/9CNjICS
2vaOzDUVIcE8nM/JE1VjDNhBohz4NFWhzPTMKsgo4PWUbewfAKoG5yZ51TQgMJtn
wgQOvfqLIW/k7aFAgf5W4dKVMMsAEmGT/63VDw86h2oVEwWLH9fJEWXZmbS4VTLl
ntZtWXWfv5G079Cizt50JTClwUSiDdd9/LkVE5/miN57Bu/6Fv1fB+ELe6B95E7x
7GcQGn0hA17C2ty9/Myio1zjaEGWH0cXXXSfXvECAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSzNnfH9iH0nvAM0t3+1K4wqLvsHjAfBgNVHSMEGDAWgBSrVP6DG2pxn0Lm
yEhv0DtVC+dh+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ExVC1neHRxY1o5QzVzaEliOUE3VlF2bllmcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8x
L3N6WjN4X1loOUo3d0ROTGRfdFN1TUtpNzdCNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NWVhYWE3LTMxMDctNDI2OC1hYWQ2LTZmZDk3ODkyMDViYS8xL3ExVC1neHRxY1o5
QzVzaEliOUE3VlF2bllmcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEA23qUAMEArkTRAMEArkhQAMEArlv
uAMEAdWiwDAMAwQA1aLDAwQC1aLIMAwDBADVos0DBADVotQwDAMEAdWi1gMEAdWi
3DANBAIAAjAHAwUAKgIjoDANBgkqhkiG9w0BAQsFAAOCAQEADAloFRg7EpTcFdiE
oOTrVwmbfhU8AeHyLLB+G0sBacRuZdiAKEWM0LCLF0jEMrkiEMqU62y4jGMRlCo+
xrLZAIwtOOj1K4d8Lkv1QrEqXPxk9CBf0nHi46Hx7iuLNlE3DA8hkwiek+FkXz9D
+ovq7HoHHN370pxAPvjWfEkiZgQDd7C6R0FLidPD3RrddG6WWxU47VMrWLGxhsrE
65D2XUkMfYlTjDuG+OQPB/xRR/L+vMpghO1pHZhm7BBWs75DHZai6XAfr8uTFKqd
yZOdDOkmQ2wkn/HZiCAvASQ4bbkvCveYXdQ4UC5+zcPcL2a1nuWTVIYnqploYmfd
1xB8Rw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:35 2023 by rpki-client on console.sobornost.net