Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IaDgH4arIBDwEi2m_zn8CssfmG8.roa
File: IaDgH4arIBDwEi2m_zn8CssfmG8.roa (raw, json)
Hash identifier: 2y592SmPD4pSlC5UJ6Bt0/P8UFXnurifUO073wJ3syM=
Subject key identifier: 21:A0:E0:1F:86:AB:20:10:F0:12:2D:A6:FF:39:FC:0A:CB:1F:98:6F
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 34D1861D
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IaDgH4arIBDwEi2m_zn8CssfmG8.roa
Signing time: Wed 26 Jan 2022 10:22:57 +0000
ROA not before: Wed 26 Jan 2022 10:22:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 195.12.224.0/19 maxlen: 19
80.239.128.0/17 maxlen: 19
195.12.248.0/24 maxlen: 24
195.12.248.0/23 maxlen: 23
195.12.249.0/24 maxlen: 24
62.115.128.0/22 maxlen: 22
80.91.240.0/20 maxlen: 21
213.248.64.0/18 maxlen: 18
62.115.0.0/16 maxlen: 16
213.155.128.0/19 maxlen: 19
2001:2000::/20 maxlen: 20
2001:2030:c005::/48 maxlen: 48
2001:2030::/32 maxlen: 32
2001:2000:3000::/40 maxlen: 40
2001:2030::/28 maxlen: 28
2001:2030:c004::/48 maxlen: 48
2001:2030:c004::/47 maxlen: 47
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886146589 (0x34d1861d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 26 10:22:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21a0e01f86ab2010f0122da6ff39fc0acb1f986f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5a:3e:6e:0b:3c:6c:26:fb:31:e1:af:18:f3:
cf:5d:fc:44:02:89:d9:ec:68:39:be:58:63:ef:19:
6d:18:d2:81:96:41:81:4b:26:93:a3:7e:d0:29:c6:
3b:56:89:3e:a8:db:22:d4:a4:8d:4d:cc:3e:03:50:
4e:c8:20:42:47:ed:3d:79:ed:81:55:dc:13:aa:f8:
3d:61:db:66:13:43:b1:c3:c3:2c:34:0b:43:64:30:
a1:a8:83:30:af:db:61:4a:d9:75:fc:1b:5e:59:98:
d3:98:71:30:6d:0f:22:77:99:04:d7:3b:a4:4a:72:
57:7b:18:1f:8e:dd:86:17:23:87:8a:64:d2:f0:dd:
92:bd:80:be:cd:ce:93:8d:da:3e:2c:20:bb:26:02:
15:3f:64:93:83:9c:9a:9e:5b:0f:4b:2a:63:10:87:
f6:b9:5d:b3:3f:d0:a8:01:39:07:79:07:a6:c1:b0:
bd:8d:15:4b:3a:ad:9c:25:b6:11:74:ce:c2:73:15:
8e:15:b8:c2:91:05:b3:84:32:2b:0c:8e:88:8f:9c:
01:a1:f9:e5:c8:db:6a:ce:86:01:ca:64:04:2e:bd:
db:45:c6:4f:43:1e:8f:19:ff:14:32:2a:65:23:89:
b3:03:49:1f:a7:09:b6:c2:7d:2a:d6:31:0d:ed:d3:
35:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A0:E0:1F:86:AB:20:10:F0:12:2D:A6:FF:39:FC:0A:CB:1F:98:6F
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/IaDgH4arIBDwEi2m_zn8CssfmG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.115.0.0/16
80.91.240.0/20
80.239.128.0/17
195.12.224.0/19
213.155.128.0/19
213.248.64.0/18
IPv6:
2001:2000::/20
Signature Algorithm: sha256WithRSAEncryption
1d:84:5b:e5:62:f6:8d:3f:f6:81:32:17:07:d9:5e:90:95:73:
38:0e:7b:c5:ba:f9:79:24:ae:7f:20:e0:a8:4d:5d:58:75:90:
c6:8d:ae:58:6d:e4:5d:7d:9f:f7:b1:55:00:e8:73:e5:2f:a7:
fd:1a:ce:80:98:67:2e:15:96:61:5d:6f:02:b3:26:fa:20:c7:
d3:da:d5:5a:17:6e:88:db:21:f0:71:ff:b0:40:d7:6e:17:9d:
94:e4:ef:73:ec:31:a2:f9:0a:8a:ff:34:63:a4:46:db:5e:25:
2d:04:39:41:e1:46:83:3a:7c:d0:f9:94:94:8b:a9:bd:9c:f3:
73:ce:30:fa:49:53:76:34:a3:48:0b:a8:c9:2b:8b:b9:ed:cb:
24:2d:85:e7:4c:98:76:7e:fe:7f:6d:40:71:9c:18:71:0c:9b:
60:fd:de:e1:e2:2e:d0:7a:7b:eb:95:83:1f:fc:a8:fc:61:98:
78:53:62:3b:d9:2e:6b:57:e4:47:e9:d7:49:9b:54:60:67:78:
6c:fc:e2:26:4e:06:c9:a2:85:8a:48:4f:5f:9b:ae:ad:a1:2b:
40:b4:0a:fd:39:3e:83:b8:63:3b:5f:82:9d:56:e8:1f:2e:a3:
5d:70:78:4e:55:57:e8:b1:e4:63:f9:24:44:21:8b:cb:e3:a8:
07:59:60:9a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIENNGGHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YmE1YjFjMDlhYTMxZjY3MTNjNjFiMzJlNTU4MTA5ZTQ3OTY2ZDQyMB4XDTIyMDEy
NjEwMjI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFhMGUwMWY4NmFi
MjAxMGYwMTIyZGE2ZmYzOWZjMGFjYjFmOTg2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpaPm4LPGwm+zHhrxjzz138RAKJ2exoOb5YY+8ZbRjSgZZB
gUsmk6N+0CnGO1aJPqjbItSkjU3MPgNQTsggQkftPXntgVXcE6r4PWHbZhNDscPD
LDQLQ2QwoaiDMK/bYUrZdfwbXlmY05hxMG0PIneZBNc7pEpyV3sYH47dhhcjh4pk
0vDdkr2Avs3Ok43aPiwguyYCFT9kk4Ocmp5bD0sqYxCH9rldsz/QqAE5B3kHpsGw
vY0VSzqtnCW2EXTOwnMVjhW4wpEFs4QyKwyOiI+cAaH55cjbas6GAcpkBC6920XG
T0Mejxn/FDIqZSOJswNJH6cJtsJ9KtYxDe3TNb0CAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBQhoOAfhqsgEPASLab/OfwKyx+YbzAfBgNVHSMEGDAWgBQ7pbHAmqMfZxPG
GzLlWBCeR5ZtQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L082V3h3SnFqSDJjVHhoc3k1VmdRbmtlV2JVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvMTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8x
L0lhRGdINGFySUJEd0VpMm1fem44Q3NzZm1HOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
MTNiZDc3LWQyOTctNDY4OS1iZWU0LTQ2NmU5Y2FiNzg2NC8xL082V3h3SnFqSDJj
VHhoc3k1VmdRbmtlV2JVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKQQCAAEwIwMDAD5zAwQEUFvwAwQHUO+AAwQFwwzg
AwQF1ZuAAwQG1fhAMAwEAgACMAYDBAQgASAwDQYJKoZIhvcNAQELBQADggEBAB2E
W+Vi9o0/9oEyFwfZXpCVczgOe8W6+Xkkrn8g4KhNXVh1kMaNrlht5F19n/exVQDo
c+Uvp/0azoCYZy4VlmFdbwKzJvogx9Pa1VoXbojbIfBx/7BA124XnZTk73PsMaL5
Cor/NGOkRtteJS0EOUHhRoM6fND5lJSLqb2c83POMPpJU3Y0o0gLqMkri7ntyyQt
hedMmHZ+/n9tQHGcGHEMm2D93uHiLtB6e+uVgx/8qPxhmHhTYjvZLmtX5Efp10mb
VGBneGz84iZOBsmihYpIT1+brq2hK0C0Cv05PoO4Yztfgp1W6B8uo11weE5VV+ix
5GP5JEQhi8vjqAdZYJo=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:04 2023 by rpki-client on console.sobornost.net