Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/lIFy3E3J6L2CbLdVLIrImw_wbNY.roa
File: lIFy3E3J6L2CbLdVLIrImw_wbNY.roa (raw, json)
Hash identifier: 5d/dvHUhpxz1FMFRA76f6PFlm3ks/aXDasRMNuur6rU=
Subject key identifier: 94:81:72:DC:4D:C9:E8:BD:82:6C:B7:55:2C:8A:C8:9B:0F:F0:6C:D6
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 0BF98CA4
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/lIFy3E3J6L2CbLdVLIrImw_wbNY.roa
Signing time: Sat 01 Jan 2022 12:58:30 +0000
ROA not before: Sat 01 Jan 2022 12:58:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41227
IP address blocks: 78.111.1.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
78.111.5.0/24 maxlen: 24
87.247.171.0/24 maxlen: 24
87.247.172.0/24 maxlen: 24
87.247.170.0/24 maxlen: 24
87.247.173.0/24 maxlen: 24
87.247.178.0/24 maxlen: 24
87.247.184.0/21 maxlen: 21
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200903844 (0xbf98ca4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Jan 1 12:58:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=948172dc4dc9e8bd826cb7552c8ac89b0ff06cd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:1b:4b:e1:6a:69:24:2a:eb:50:40:95:a1:
83:36:4a:8d:da:f3:c2:a7:96:24:95:cf:a6:78:22:
3a:19:db:a7:c3:ee:de:75:3b:2b:f1:27:16:2d:2b:
2d:a5:f1:29:53:68:1a:9e:84:45:56:e1:35:50:c2:
07:eb:6a:d9:22:0d:09:d7:5c:87:97:03:65:4e:06:
d6:c9:c3:2e:04:91:b6:9a:b9:09:7e:e5:42:bb:62:
43:db:87:2a:5d:50:59:42:70:76:5e:56:74:a1:ec:
af:80:d6:64:87:53:f9:0f:6c:1b:6c:4e:b3:45:6e:
ae:e2:26:fe:d1:73:f3:3e:be:74:f1:33:70:e6:ff:
8d:47:6e:2a:c2:91:9f:9b:71:06:f6:f1:30:25:20:
01:73:5c:a2:10:da:62:ef:7e:39:bc:53:21:8b:e1:
15:ee:27:8b:ab:cf:da:dc:e6:00:f4:d6:ac:c2:37:
3d:d0:ca:c1:8c:18:9f:c6:0c:b3:e1:28:40:b6:b9:
ac:d5:b5:d0:f1:2c:48:60:46:aa:fd:83:1c:63:60:
71:9d:e8:f8:08:99:95:3b:de:a2:5b:7e:3f:ee:ad:
6b:08:7d:0f:d6:9a:31:64:da:59:4d:e5:19:31:88:
60:41:81:5b:6b:7f:4c:68:38:90:25:f4:55:0e:c6:
36:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:81:72:DC:4D:C9:E8:BD:82:6C:B7:55:2C:8A:C8:9B:0F:F0:6C:D6
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/lIFy3E3J6L2CbLdVLIrImw_wbNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.1.0/24
78.111.5.0-78.111.6.255
87.247.170.0-87.247.173.255
87.247.178.0/24
87.247.184.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:8a:3b:26:92:6a:ee:bc:2b:d0:d6:1b:d4:d4:e7:5a:27:a4:
f2:83:d9:45:80:ae:f3:ec:f7:68:2d:39:ba:1f:9f:39:18:17:
f4:85:70:5e:4e:40:6d:b4:1b:b9:1d:c3:62:ca:f3:25:40:97:
34:53:84:8e:1a:a1:00:c2:ef:3d:92:21:78:2e:2b:52:d9:da:
c2:8a:6b:ea:f9:73:9c:1a:44:3e:0c:23:f3:6d:ab:3a:9a:a4:
6c:f8:4f:13:1f:42:99:16:43:d4:81:a3:89:61:02:9e:6c:09:
d8:00:ee:6e:a1:43:83:e8:ce:9f:7f:97:0e:35:ea:70:ad:70:
90:ff:10:52:82:b3:74:c4:13:8b:c0:5e:89:5c:89:49:b3:d5:
12:bc:31:b8:1e:06:65:a3:87:1e:76:c1:2a:06:ce:05:d6:6a:
35:bf:91:8e:21:02:44:9b:04:4d:94:20:ed:e9:1f:05:f5:69:
39:9c:58:0c:d3:73:f0:8a:94:72:f9:52:62:93:27:d6:a1:27:
b3:38:34:a1:ac:34:ee:3d:2d:f7:e8:16:90:13:85:4f:d5:58:
bb:f6:98:a7:c1:56:fe:d1:19:15:aa:64:2c:b5:d6:75:2b:00:
71:f2:68:23:71:ca:3a:e7:aa:a7:28:6b:fc:50:76:16:04:bd:
4c:94:4c:c9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEC/mMpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTQ5Nzg3NzllOTMwZTAxZmJmZTdlMGM1ZmNiNDE2MTExMjlkNGU4MB4XDTIyMDEw
MTEyNTgzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ4MTcyZGM0ZGM5
ZThiZDgyNmNiNzU1MmM4YWM4OWIwZmYwNmNkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALEWG0vhamkkKutQQJWhgzZKjdrzwqeWJJXPpngiOhnbp8Pu
3nU7K/EnFi0rLaXxKVNoGp6ERVbhNVDCB+tq2SINCddch5cDZU4G1snDLgSRtpq5
CX7lQrtiQ9uHKl1QWUJwdl5WdKHsr4DWZIdT+Q9sG2xOs0VuruIm/tFz8z6+dPEz
cOb/jUduKsKRn5txBvbxMCUgAXNcohDaYu9+ObxTIYvhFe4ni6vP2tzmAPTWrMI3
PdDKwYwYn8YMs+EoQLa5rNW10PEsSGBGqv2DHGNgcZ3o+AiZlTveolt+P+6tawh9
D9aaMWTaWU3lGTGIYEGBW2t/TGg4kCX0VQ7GNn8CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBSUgXLcTcnovYJst1UsisibD/Bs1jAfBgNVHSMEGDAWgBTpSXh3npMOAfv+
fgxfy0FhESnU6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZVbDRkNTZURGdIN19uNE1YOHRCWVJFcDFPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8x
L2xJRnkzRTNKNkwyQ2JMZFZMSXJJbXdfd2JOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzhkYjI5LWU0NmQtNDFmNC04N2M3LTk1YzQyZTRhODRjMC8xLzZVbDRkNTZURGdI
N19uNE1YOHRCWVJFcDFPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwNAQCAAEwLgMEAE5vATAMAwQATm8FAwQATm8GMAwD
BAFX96oDBAFX96wDBABX97IDBANX97gwDQYJKoZIhvcNAQELBQADggEBAI2KOyaS
au68K9DWG9TU51onpPKD2UWArvPs92gtObofnzkYF/SFcF5OQG20G7kdw2LK8yVA
lzRThI4aoQDC7z2SIXguK1LZ2sKKa+r5c5waRD4MI/NtqzqapGz4TxMfQpkWQ9SB
o4lhAp5sCdgA7m6hQ4Pozp9/lw416nCtcJD/EFKCs3TEE4vAXolciUmz1RK8Mbge
BmWjhx52wSoGzgXWajW/kY4hAkSbBE2UIO3pHwX1aTmcWAzTc/CKlHL5UmKTJ9ah
J7M4NKGsNO49LffoFpAThU/VWLv2mKfBVv7RGRWqZCy11nUrAHHyaCNxyjrnqqco
a/xQdhYEvUyUTMk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:12 2023 by rpki-client on console.sobornost.net