Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-yNEvnWDy97YVPQYVjx5WGZS2Ns.roa
File: 1-yNEvnWDy97YVPQYVjx5WGZS2Ns.roa (raw, json)
Hash identifier: 4RRRAI4b+cfBqPeK1Q1KdBoXDrVCkonfNViQBXqJZ7I=
Subject key identifier: FB:23:44:BE:75:83:CB:DE:D8:54:F4:18:56:3C:79:58:66:52:D8:DB
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 01821D1442E7E796F5A7E1F6E0C8D033CB4F
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-yNEvnWDy97YVPQYVjx5WGZS2Ns.roa
Signing time: Wed 20 Jul 2022 19:27:23 +0000
ROA not before: Wed 20 Jul 2022 19:27:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5400
IP address blocks: 213.9.138.0/24 maxlen: 24
213.9.148.0/24 maxlen: 24
213.9.160.0/24 maxlen: 24
212.49.175.0/24 maxlen: 24
212.49.181.0/24 maxlen: 24
212.49.190.0/24 maxlen: 24
212.49.191.0/24 maxlen: 24
212.163.40.0/24 maxlen: 24
213.9.232.0/24 maxlen: 24
212.163.55.0/24 maxlen: 24
213.9.173.0/24 maxlen: 24
213.9.177.0/24 maxlen: 24
213.9.188.0/24 maxlen: 24
212.163.3.0/24 maxlen: 24
212.163.6.0/24 maxlen: 24
212.163.24.0/24 maxlen: 24
212.163.169.0/24 maxlen: 24
212.163.174.0/24 maxlen: 24
212.163.194.0/24 maxlen: 24
212.163.141.0/24 maxlen: 24
212.49.131.0/24 maxlen: 24
212.49.142.0/24 maxlen: 24
212.49.147.0/24 maxlen: 24
212.49.163.0/24 maxlen: 24
212.49.167.0/24 maxlen: 24
212.163.206.0/24 maxlen: 24
212.163.215.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1d:14:42:e7:e7:96:f5:a7:e1:f6:e0:c8:d0:33:cb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jul 20 19:27:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb2344be7583cbded854f418563c79586652d8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:39:86:2e:0e:20:ac:b2:c4:76:12:b5:1e:61:
84:18:6f:34:da:a3:a6:fb:3e:9c:93:55:b4:ce:85:
b6:7b:41:dc:0c:2d:f3:dd:b7:5a:4f:52:28:82:f4:
07:8f:b3:1f:9d:e7:3c:92:e1:12:14:f8:16:71:1e:
71:38:e0:a6:19:e9:55:f1:6c:9f:c5:e3:8c:88:01:
bd:a6:8e:b7:4c:8b:fd:0f:b5:67:dc:fb:4e:50:72:
a9:1d:62:be:4c:fd:d1:a6:ab:fc:50:1a:c0:44:ed:
74:4d:cc:c8:48:15:9d:47:2f:fa:a7:c6:0b:61:29:
f7:6d:85:2e:3d:e6:15:8e:df:e8:a3:7f:08:aa:58:
82:e4:90:31:59:35:81:ea:c1:0e:9d:bc:bc:22:e5:
06:82:ac:45:02:fa:01:5e:c7:79:8e:7e:b4:ab:f1:
58:de:0d:2c:39:2b:5c:2b:c0:7d:8d:38:48:fc:6f:
64:19:b6:32:fc:22:da:46:47:76:90:9e:6b:f6:09:
18:9b:f1:2e:f7:4a:40:5b:c7:e7:e6:29:e2:3d:73:
f7:1a:52:1c:74:8f:3f:eb:66:97:33:3d:b0:ef:4d:
d5:91:23:b4:36:63:93:52:21:5f:e8:2b:45:23:2c:
ec:86:a7:6d:c7:a2:b1:41:51:72:64:4a:de:19:5b:
f9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:23:44:BE:75:83:CB:DE:D8:54:F4:18:56:3C:79:58:66:52:D8:DB
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/1-yNEvnWDy97YVPQYVjx5WGZS2Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.131.0/24
212.49.142.0/24
212.49.147.0/24
212.49.163.0/24
212.49.167.0/24
212.49.175.0/24
212.49.181.0/24
212.49.190.0/23
212.163.3.0/24
212.163.6.0/24
212.163.24.0/24
212.163.40.0/24
212.163.55.0/24
212.163.141.0/24
212.163.169.0/24
212.163.174.0/24
212.163.194.0/24
212.163.206.0/24
212.163.215.0/24
213.9.138.0/24
213.9.148.0/24
213.9.160.0/24
213.9.173.0/24
213.9.177.0/24
213.9.188.0/24
213.9.232.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ea:7c:c5:fc:a5:0a:35:0b:8c:3d:b4:9f:14:41:b7:ed:39:
c9:38:ab:14:2d:3f:10:6d:ad:ff:96:ad:a1:98:30:dd:f1:d2:
f7:63:64:06:4b:84:bb:5c:b3:b0:37:fa:75:5d:c2:d4:fe:b0:
28:96:38:2e:ae:82:45:8d:d8:6c:ca:b7:09:da:ad:97:91:d1:
30:05:c9:97:4e:b1:44:0a:a8:63:82:32:c6:80:ae:a0:7b:15:
d0:c8:70:36:26:6a:ca:d4:22:a7:1d:04:a7:c4:4c:f6:56:32:
d8:e3:98:9f:77:0c:f0:ac:5b:d9:9e:b1:99:ca:04:bf:8d:e3:
de:63:5d:a7:ff:6f:03:f1:bf:8e:b6:f1:23:d8:bd:4d:99:2f:
61:46:21:ae:f3:bf:fe:47:eb:a7:09:99:c9:ae:3f:28:f3:6b:
cd:bc:10:3f:93:3d:74:9e:fd:d4:e0:10:b1:1d:12:1e:9e:2a:
f7:e4:29:be:c2:29:20:78:3c:3a:9b:e7:6c:66:c4:b7:ee:46:
48:63:89:c5:af:38:0c:ca:cd:1e:29:b9:b5:46:01:5f:4b:83:
4a:c4:34:99:52:ac:2c:ab:56:69:45:a1:15:8f:c1:0f:a4:03:
e5:55:95:7f:c5:9b:12:64:fe:83:1d:72:30:1e:ad:af:2e:e2:
a7:92:82:e2
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYIdFELn55b1p+H24MjQM8tPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjIwNzIwMTkyNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjIzNDRiZTc1ODNjYmRlZDg1NGY0MTg1NjNjNzk1ODY2NTJkOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTmGLg4grLLEdhK1HmGEGG802qOm
+z6ck1W0zoW2e0HcDC3z3bdaT1IogvQHj7Mfnec8kuESFPgWcR5xOOCmGelV8Wyf
xeOMiAG9po63TIv9D7Vn3PtOUHKpHWK+TP3Rpqv8UBrARO10TczISBWdRy/6p8YL
YSn3bYUuPeYVjt/oo38IqliC5JAxWTWB6sEOnby8IuUGgqxFAvoBXsd5jn60q/FY
3g0sOStcK8B9jThI/G9kGbYy/CLaRkd2kJ5r9gkYm/Eu90pAW8fn5iniPXP3GlIc
dI8/62aXMz2w703VkSO0NmOTUiFf6CtFIyzshqdtx6KxQVFyZEreGVv5pwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFPsjRL51g8ve2FT0GFY8eVhmUtjbMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvMS15TkV2bldEeTk3WVZQUVlWang1V0daUzJOcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTcvODk3NmVkLWRhMGEtNDlhNS1hNzUxLWE4NzFlY2MyMTJh
Ni8xLzZFQTdYa1hOV0w1ZmJGMHotbFphdEpJajQ5cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBuQYIKwYBBQUHAQcBAf8EgakwgaYwgaMEAgABMIGcAwQA
1DGDAwQA1DGOAwQA1DGTAwQA1DGjAwQA1DGnAwQA1DGvAwQA1DG1AwQB1DG+AwQA
1KMDAwQA1KMGAwQA1KMYAwQA1KMoAwQA1KM3AwQA1KONAwQA1KOpAwQA1KOuAwQA
1KPCAwQA1KPOAwQA1KPXAwQA1QmKAwQA1QmUAwQA1QmgAwQA1QmtAwQA1QmxAwQA
1Qm8AwQA1QnoMA0GCSqGSIb3DQEBCwUAA4IBAQAo6nzF/KUKNQuMPbSfFEG37TnJ
OKsULT8Qba3/lq2hmDDd8dL3Y2QGS4S7XLOwN/p1XcLU/rAoljguroJFjdhsyrcJ
2q2XkdEwBcmXTrFECqhjgjLGgK6gexXQyHA2JmrK1CKnHQSnxEz2VjLY45ifdwzw
rFvZnrGZygS/jePeY12n/28D8b+OtvEj2L1NmS9hRiGu87/+R+unCZnJrj8o82vN
vBA/kz10nv3U4BCxHRIenir35Cm+wikgeDw6m+dsZsS37kZIY4nFrzgMys0eKbm1
RgFfS4NKxDSZUqwsq1ZpRaEVj8EPpAPlVZV/xZsSZP6DHXIwHq2vLuKnkoLi
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net