Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/uX7kk-aNZ6UdBex3muzHVlvtrBk.roa
File: uX7kk-aNZ6UdBex3muzHVlvtrBk.roa (raw, json)
Hash identifier: rnTnMihweRRQAkl0PnJGK08NMa8dfMJHgNWMADS5Gj0=
Subject key identifier: B9:7E:E4:93:E6:8D:67:A5:1D:05:EC:77:9A:EC:C7:56:5B:ED:AC:19
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 248CA1FE
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/uX7kk-aNZ6UdBex3muzHVlvtrBk.roa
Signing time: Tue 15 Feb 2022 06:40:52 +0000
ROA not before: Tue 15 Feb 2022 06:40:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43370
IP address blocks: 62.32.84.0/23 maxlen: 23
37.221.202.0/24 maxlen: 24
37.221.207.0/24 maxlen: 24
62.32.92.0/23 maxlen: 23
37.77.128.0/24 maxlen: 24
95.161.184.0/22 maxlen: 22
79.142.94.0/23 maxlen: 23
46.34.146.0/23 maxlen: 23
79.142.93.0/24 maxlen: 24
95.161.196.0/22 maxlen: 22
95.161.224.0/22 maxlen: 22
46.34.130.0/23 maxlen: 23
178.16.157.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 613196286 (0x248ca1fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Feb 15 06:40:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b97ee493e68d67a51d05ec779aecc7565bedac19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:60:d6:5e:d8:fd:5e:29:fc:42:11:c3:2c:27:
5d:8e:ce:ac:68:29:d0:20:18:b6:65:35:c0:69:80:
a1:ba:71:06:66:d7:8e:65:65:4d:cf:e5:39:79:b8:
a2:25:c3:90:a2:15:ef:b5:69:10:72:d2:ad:02:7f:
00:d3:8f:5a:df:fa:6b:ab:e8:ac:4a:e6:3e:f6:69:
b1:70:8c:63:14:b8:fd:0b:ff:8b:de:4b:ac:2b:10:
9a:f4:cd:2a:8e:4d:14:8a:ef:38:0a:50:1a:b0:9c:
cc:67:15:5c:0b:fa:71:bd:56:e0:ac:d7:0a:30:90:
4a:f3:1f:89:19:68:4a:6b:0b:34:20:1e:12:b6:3f:
85:8c:69:e2:ce:92:7c:e8:c7:a8:5b:f4:3c:6f:33:
9c:27:cd:f3:bc:62:24:45:b2:05:2f:4a:1c:71:2f:
55:b6:59:3d:c7:2e:08:e5:5c:15:4f:7a:fe:df:f6:
87:29:37:7e:97:84:f9:5e:22:ff:50:76:eb:1e:1e:
e5:bc:f7:e8:30:40:e5:db:bf:f6:c1:a0:e9:4b:5d:
cf:f1:56:ab:5a:9b:82:ca:e5:9d:ff:47:4e:a7:71:
64:1f:25:94:a9:38:a4:6d:1a:b0:71:67:f5:26:5b:
25:5f:3a:b1:3a:64:f5:14:eb:0b:24:63:b2:fd:64:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7E:E4:93:E6:8D:67:A5:1D:05:EC:77:9A:EC:C7:56:5B:ED:AC:19
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/uX7kk-aNZ6UdBex3muzHVlvtrBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.128.0/24
37.221.202.0/24
37.221.207.0/24
46.34.130.0/23
46.34.146.0/23
62.32.84.0/23
62.32.92.0/23
79.142.93.0-79.142.95.255
95.161.184.0/22
95.161.196.0/22
95.161.224.0/22
178.16.157.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:2f:90:bc:24:de:ae:bc:26:28:b3:0e:2d:af:34:af:76:5e:
f1:be:21:40:3c:da:c2:59:bb:fd:b3:3d:04:b9:0f:74:16:32:
fd:9a:d1:52:5b:4c:fd:b3:1d:32:08:c7:10:ad:51:9e:ac:63:
61:8c:81:c6:af:ac:1d:41:c1:77:11:72:2e:8e:4d:db:27:10:
23:f9:ad:64:b4:b3:c1:a4:aa:97:53:67:d8:03:23:fb:33:fe:
0f:a3:c4:ea:29:0c:c6:16:c5:0e:20:f7:ab:5f:08:81:5b:27:
a0:76:5c:a1:bd:29:9a:9d:dd:c7:fc:d7:c9:86:68:20:e2:12:
92:14:51:90:62:fc:4a:ad:19:09:ac:fe:75:53:2b:d0:01:3f:
27:a2:02:00:c0:4a:c1:45:36:8b:eb:ab:30:11:11:af:ca:cf:
66:a0:6a:c9:6c:51:8f:76:74:8f:22:0c:f1:cc:f0:ff:10:18:
17:99:05:cd:99:af:ce:7a:64:73:c0:16:c8:d0:3a:b3:ae:52:
26:4f:63:1c:d1:12:e4:bd:61:c3:04:7b:e6:41:27:b1:bd:85:
e8:fb:f0:b8:74:4a:dd:84:67:7a:d8:30:92:f7:3a:5f:53:03:
97:cd:58:b5:e3:1e:84:ca:d2:b7:78:09:c3:36:d5:17:39:86:
dc:70:70:19
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEJIyh/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTc5ODYzY2VhODJhZWI4ZTlkZjM4NGIzOWFhNTE3NmY0YmNmYTYxMB4XDTIyMDIx
NTA2NDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjk3ZWU0OTNlNjhk
NjdhNTFkMDVlYzc3OWFlY2M3NTY1YmVkYWMxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtg1l7Y/V4p/EIRwywnXY7OrGgp0CAYtmU1wGmAobpxBmbX
jmVlTc/lOXm4oiXDkKIV77VpEHLSrQJ/ANOPWt/6a6vorErmPvZpsXCMYxS4/Qv/
i95LrCsQmvTNKo5NFIrvOApQGrCczGcVXAv6cb1W4KzXCjCQSvMfiRloSmsLNCAe
ErY/hYxp4s6SfOjHqFv0PG8znCfN87xiJEWyBS9KHHEvVbZZPccuCOVcFU96/t/2
hyk3fpeE+V4i/1B26x4e5bz36DBA5du/9sGg6Utdz/FWq1qbgsrlnf9HTqdxZB8l
lKk4pG0asHFn9SZbJV86sTpk9RTrCyRjsv1k1/sCAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBS5fuST5o1npR0F7Hea7MdWW+2sGTAfBgNVHSMEGDAWgBR5eYY86oKuuOnf
OEs5qlF29Lz6YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VYbUdQT3FDcnJqcDN6aExPYXBSZHZTOC1tRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8x
L3VYN2trLWFOWjZVZEJleDNtdXpIVmx2dHJCay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8xL2VYbUdQT3FDcnJq
cDN6aExPYXBSZHZTOC1tRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEACVNgAMEACXdygMEACXdzwMEAS4i
ggMEAS4ikgMEAT4gVAMEAT4gXDAMAwQAT45dAwQFT45AAwQCX6G4AwQCX6HEAwQC
X6HgAwQAshCdMA0GCSqGSIb3DQEBCwUAA4IBAQCwL5C8JN6uvCYosw4trzSvdl7x
viFAPNrCWbv9sz0EuQ90FjL9mtFSW0z9sx0yCMcQrVGerGNhjIHGr6wdQcF3EXIu
jk3bJxAj+a1ktLPBpKqXU2fYAyP7M/4Po8TqKQzGFsUOIPerXwiBWyegdlyhvSma
nd3H/NfJhmgg4hKSFFGQYvxKrRkJrP51UyvQAT8nogIAwErBRTaL66swERGvys9m
oGrJbFGPdnSPIgzxzPD/EBgXmQXNma/OemRzwBbI0DqzrlImT2Mc0RLkvWHDBHvm
QSexvYXo+/C4dErdhGd62DCS9zpfUwOXzVi14x6EytK3eAnDNtUXOYbccHAZ
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:53 2023 by rpki-client on console.sobornost.net