Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/EXj3T1xjlssxgp03P4oJ0s4azZc.roa
File: EXj3T1xjlssxgp03P4oJ0s4azZc.roa (raw, json)
Hash identifier: iaVHKYgHuaJRIxaja64KWtMerNltXOkpZ0eQpLm893c=
Subject key identifier: 11:78:F7:4F:5C:63:96:CB:31:82:9D:37:3F:8A:09:D2:CE:1A:CD:97
Certificate issuer: /CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Certificate serial: 03BC991F
Authority key identifier: 73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/EXj3T1xjlssxgp03P4oJ0s4azZc.roa
Signing time: Sat 01 Jan 2022 03:01:26 +0000
ROA not before: Sat 01 Jan 2022 03:01:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60159
IP address blocks: 194.146.191.0/24 maxlen: 24
194.146.190.0/24 maxlen: 24
194.146.189.0/24 maxlen: 24
194.146.188.0/22 maxlen: 22
185.41.20.0/22 maxlen: 22
193.57.44.0/22 maxlen: 22
185.212.248.0/22 maxlen: 22
185.239.24.0/22 maxlen: 22
2a0c:d540::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62691615 (0x3bc991f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dfeea9c7de246e6d7d1a507406285b226f9286
Validity
Not Before: Jan 1 03:01:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1178f74f5c6396cb31829d373f8a09d2ce1acd97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6e:e6:33:3a:0e:35:fc:90:51:06:25:0e:ef:
67:85:45:42:0e:74:02:49:70:c1:c7:35:ef:8c:c4:
e1:19:97:16:09:2d:45:d8:12:47:98:f9:e3:b7:2c:
73:4e:d2:46:86:37:eb:93:c1:b8:63:a8:1f:73:af:
a6:01:38:df:cc:59:85:65:c0:fb:e6:00:3d:37:a3:
f1:26:44:05:fc:e2:93:47:9c:fd:67:1e:9c:3a:72:
b8:5b:36:b7:2e:43:73:c8:57:db:23:7a:7f:1d:a6:
bd:19:ff:2a:2b:36:09:ee:73:0c:14:0f:b8:71:28:
a6:f0:53:0c:4c:20:77:7b:d3:ee:03:08:84:49:4f:
b1:43:fe:82:a6:2c:33:4e:c4:41:c9:b1:1a:47:70:
ee:75:42:12:a8:6a:de:b1:d9:cd:62:2d:7b:54:28:
0a:c7:68:88:64:7f:59:69:18:54:4f:15:6e:79:e2:
e8:dd:2a:cc:41:09:7a:e7:8d:31:6a:36:f4:39:27:
94:1f:7c:6f:7a:4f:e9:d8:5b:a2:3b:fb:b2:9e:ab:
5b:5e:ea:4a:98:32:99:38:73:bc:f9:32:f9:2a:d3:
92:e6:0a:8f:53:21:d0:ff:08:3f:24:45:37:6a:50:
f0:d5:88:99:48:6c:20:ec:43:6b:60:10:b3:e5:50:
f6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:78:F7:4F:5C:63:96:CB:31:82:9D:37:3F:8A:09:D2:CE:1A:CD:97
X509v3 Authority Key Identifier:
keyid:73:DF:EE:A9:C7:DE:24:6E:6D:7D:1A:50:74:06:28:5B:22:6F:92:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9_uqcfeJG5tfRpQdAYoWyJvkoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/EXj3T1xjlssxgp03P4oJ0s4azZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/9c0a7e-9963-4c0d-94ac-446d0a7e9404/1/c9_uqcfeJG5tfRpQdAYoWyJvkoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.20.0/22
185.212.248.0/22
185.239.24.0/22
193.57.44.0/22
194.146.188.0/22
IPv6:
2a0c:d540::/32
Signature Algorithm: sha256WithRSAEncryption
7d:51:03:9e:ef:a1:ba:e6:17:b2:21:96:b9:bc:e7:3c:7a:9e:
9f:78:bb:78:36:ae:7a:8a:ab:fe:2b:63:88:42:fb:3b:b6:62:
77:9e:5a:65:74:59:95:5f:7b:fc:c8:e7:6b:6e:d8:6b:d4:bc:
aa:28:a4:91:0d:7a:7b:7e:0a:99:c6:23:c1:04:b9:f4:77:a1:
63:59:fe:ad:9d:86:fc:5d:1c:38:fc:15:5c:ed:2a:ae:41:5a:
6b:78:ca:e8:30:8e:ce:40:09:ce:3f:da:ba:21:93:45:e1:4f:
ca:15:7f:73:49:a4:29:98:5e:d7:39:52:79:fb:49:7d:43:93:
7c:ef:9b:7e:80:d7:7b:e1:1e:1f:ee:2c:79:06:b1:e7:fa:6c:
49:7a:e2:49:21:f8:ba:7b:a1:9e:b6:73:44:aa:92:2b:f3:56:
80:79:cc:b0:04:06:3c:b0:1a:64:5f:36:e6:a5:9d:dd:f3:b6:
21:29:ed:44:a9:d7:3b:ef:d8:88:ed:c8:a9:ed:0e:80:19:78:
b9:a1:bb:52:c5:0e:4f:0b:7e:24:84:d7:a1:0f:18:9e:48:8f:
08:cb:98:e3:bd:31:81:97:e8:54:2c:d9:17:af:0d:ce:aa:a0:
c7:10:66:3e:34:94:43:58:67:b6:92:74:25:4c:c2:98:8d:8a:
f0:db:58:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA7yZHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2RmZWVhOWM3ZGUyNDZlNmQ3ZDFhNTA3NDA2Mjg1YjIyNmY5Mjg2MB4XDTIyMDEw
MTAzMDEyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE3OGY3NGY1YzYz
OTZjYjMxODI5ZDM3M2Y4YTA5ZDJjZTFhY2Q5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRu5jM6DjX8kFEGJQ7vZ4VFQg50Aklwwcc174zE4RmXFgkt
RdgSR5j547csc07SRoY365PBuGOoH3OvpgE438xZhWXA++YAPTej8SZEBfzik0ec
/WcenDpyuFs2ty5Dc8hX2yN6fx2mvRn/Kis2Ce5zDBQPuHEopvBTDEwgd3vT7gMI
hElPsUP+gqYsM07EQcmxGkdw7nVCEqhq3rHZzWIte1QoCsdoiGR/WWkYVE8Vbnni
6N0qzEEJeueNMWo29DknlB98b3pP6dhbojv7sp6rW17qSpgymThzvPky+SrTkuYK
j1Mh0P8IPyRFN2pQ8NWImUhsIOxDa2AQs+VQ9hMCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQRePdPXGOWyzGCnTc/ignSzhrNlzAfBgNVHSMEGDAWgBRz3+6px94kbm19
GlB0BihbIm+ShjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2M5X3VxY2ZlSkc1dGZScFFkQVlvV3lKdmtvWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvOWMwYTdlLTk5NjMtNGMwZC05NGFjLTQ0NmQwYTdlOTQwNC8x
L0VYajNUMXhqbHNzeGdwMDNQNG9KMHM0YXpaYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
OWMwYTdlLTk5NjMtNGMwZC05NGFjLTQ0NmQwYTdlOTQwNC8xL2M5X3VxY2ZlSkc1
dGZScFFkQVlvV3lKdmtvWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEArkpFAMEArnU+AMEArnvGAMEAsE5
LAMEAsKSvDANBAIAAjAHAwUAKgzVQDANBgkqhkiG9w0BAQsFAAOCAQEAfVEDnu+h
uuYXsiGWubznPHqen3i7eDaueoqr/itjiEL7O7Zid55aZXRZlV97/Mjna27Ya9S8
qiikkQ16e34KmcYjwQS59HehY1n+rZ2G/F0cOPwVXO0qrkFaa3jK6DCOzkAJzj/a
uiGTReFPyhV/c0mkKZhe1zlSeftJfUOTfO+bfoDXe+EeH+4seQax5/psSXriSSH4
unuhnrZzRKqSK/NWgHnMsAQGPLAaZF825qWd3fO2ISntRKnXO+/YiO3Iqe0OgBl4
uaG7UsUOTwt+JITXoQ8YnkiPCMuY470xgZfoVCzZF68NzqqgxxBmPjSUQ1hntpJ0
JUzCmI2K8NtYjQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:39 2023 by rpki-client on console.sobornost.net