Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/DhBX-rNogyFyF2Iy_-GcdgCbbPs.roa
File: DhBX-rNogyFyF2Iy_-GcdgCbbPs.roa (raw, json)
Hash identifier: EZjbPHSpIycrp2EXcUUwK45/IUDgX+3CQIS6wb+3OwU=
Subject key identifier: 0E:10:57:FA:B3:68:83:21:72:17:62:32:FF:E1:9C:76:00:9B:6C:FB
Certificate issuer: /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial: 01842D1E4E22C04461A938DE43B67918F065
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/DhBX-rNogyFyF2Iy_-GcdgCbbPs.roa
Signing time: Mon 31 Oct 2022 08:17:51 +0000
ROA not before: Mon 31 Oct 2022 08:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203877
IP address blocks: 178.22.219.0/24 maxlen: 24
178.22.218.0/24 maxlen: 24
178.22.216.0/24 maxlen: 24
178.22.217.0/24 maxlen: 24
178.22.223.0/24 maxlen: 24
178.22.222.0/24 maxlen: 24
178.22.221.0/24 maxlen: 24
178.22.220.0/24 maxlen: 24
185.102.236.0/22 maxlen: 22
91.226.240.0/24 maxlen: 24
62.240.3.0/24 maxlen: 24
62.240.2.0/24 maxlen: 24
62.240.4.0/24 maxlen: 24
62.240.1.0/24 maxlen: 24
62.240.0.0/24 maxlen: 24
62.240.6.0/24 maxlen: 24
62.240.5.0/24 maxlen: 24
62.240.8.0/22 maxlen: 22
62.240.7.0/24 maxlen: 24
62.240.17.0/24 maxlen: 24
62.240.16.0/24 maxlen: 24
62.240.13.0/24 maxlen: 24
62.240.12.0/24 maxlen: 24
62.240.15.0/24 maxlen: 24
62.240.14.0/24 maxlen: 24
62.240.20.0/24 maxlen: 24
62.240.18.0/24 maxlen: 24
91.226.242.0/24 maxlen: 24
91.226.241.0/24 maxlen: 24
91.226.243.0/24 maxlen: 24
85.202.112.0/24 maxlen: 24
85.202.117.0/24 maxlen: 24
85.202.116.0/24 maxlen: 24
85.202.118.0/24 maxlen: 24
85.202.113.0/24 maxlen: 24
85.202.115.0/24 maxlen: 24
85.202.114.0/24 maxlen: 24
85.202.120.0/24 maxlen: 24
85.202.122.0/24 maxlen: 24
85.202.121.0/24 maxlen: 24
85.202.127.0/24 maxlen: 24
109.94.112.0/21 maxlen: 21
109.94.124.0/23 maxlen: 23
109.94.119.0/24 maxlen: 24
109.94.120.0/22 maxlen: 22
185.118.169.0/24 maxlen: 24
185.118.168.0/24 maxlen: 24
185.118.170.0/24 maxlen: 24
185.118.171.0/24 maxlen: 24
109.94.224.0/22 maxlen: 22
2a01:6440::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:1e:4e:22:c0:44:61:a9:38:de:43:b6:79:18:f0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Validity
Not Before: Oct 31 08:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e1057fab368832172176232ffe19c76009b6cfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:71:56:b0:c2:fe:25:b8:fc:39:fb:59:8b:9c:
86:e8:90:df:1a:aa:81:3a:dc:e7:71:48:a6:64:15:
72:25:77:a8:f9:40:03:55:df:de:3a:94:12:a7:4b:
0d:27:44:36:a8:1c:53:87:cb:af:e1:20:89:b0:ab:
9c:1f:c1:14:ab:72:4d:97:4c:01:da:01:91:52:c9:
5e:0e:93:24:1d:73:c4:8f:81:4d:5b:6b:ba:2b:7a:
ff:37:3d:0c:2c:50:0f:60:aa:35:01:91:92:10:99:
11:a5:b4:63:a3:6a:d3:2b:ad:28:4e:9b:2e:64:14:
ff:78:75:5a:23:10:dd:5b:30:50:fc:17:b7:22:f5:
5e:09:6a:fd:93:2c:c7:99:a8:96:47:ff:d0:84:ae:
f3:95:f6:8c:90:fc:6d:dd:d9:29:50:94:3d:ff:6d:
ef:ab:1f:a8:1d:1d:c6:c5:15:61:94:97:4f:30:1b:
57:ca:82:44:17:79:97:a2:92:22:75:73:4c:9f:e7:
e2:82:f2:78:6d:fa:07:fe:f6:ac:fe:65:c7:6d:74:
e5:41:94:44:70:d3:de:f4:7f:be:3f:b2:6f:af:a6:
7e:a7:81:0f:cc:bd:f2:ca:f4:5b:6f:df:6d:a1:ec:
85:3e:41:ab:c8:be:84:cf:25:60:cb:98:1a:a4:be:
7f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:10:57:FA:B3:68:83:21:72:17:62:32:FF:E1:9C:76:00:9B:6C:FB
X509v3 Authority Key Identifier:
keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/DhBX-rNogyFyF2Iy_-GcdgCbbPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.0.0-62.240.18.255
62.240.20.0/24
85.202.112.0-85.202.118.255
85.202.120.0-85.202.122.255
85.202.127.0/24
91.226.240.0/22
109.94.112.0-109.94.125.255
109.94.224.0/22
178.22.216.0/21
185.102.236.0/22
185.118.168.0/22
IPv6:
2a01:6440::/32
Signature Algorithm: sha256WithRSAEncryption
38:cf:25:18:9b:20:7c:0e:29:cd:1e:3b:e7:79:3f:d2:f7:18:
f7:79:5a:69:dd:a4:7f:c0:a6:7a:fb:3f:2c:27:2d:19:80:bf:
8f:8c:92:af:18:e1:3f:0f:12:e3:a5:42:35:72:ea:04:5b:9b:
71:b5:d4:96:34:57:62:a7:be:db:d2:24:d5:cd:3a:dc:85:b2:
2e:b5:38:e1:c3:4c:8c:42:a6:c3:9b:17:1e:30:21:59:6a:da:
92:57:a2:73:60:7b:24:bc:7b:32:a9:1f:0b:1c:11:64:fe:66:
79:14:ff:37:6f:7a:e7:de:30:d4:a3:bf:7b:cb:1a:cf:26:d9:
68:9e:67:fe:f3:8f:1d:b9:b8:6c:18:28:27:a4:10:a6:53:f3:
a7:3f:2a:0d:63:84:21:89:66:9b:79:3c:7e:ec:38:ba:26:91:
4b:28:83:35:8c:bf:d4:f2:77:a9:4b:49:76:98:3d:4f:53:d2:
d0:ff:75:a1:5a:8a:ee:01:0b:92:c7:63:5a:87:32:48:f8:74:
31:2d:c9:83:e5:74:bc:f7:bb:35:a7:62:6e:ff:73:57:86:a4:
24:73:ce:4c:73:9a:7b:dc:3a:76:0a:a2:f4:3a:79:2c:7e:25:
aa:b6:4a:4a:e6:62:9d:6c:14:91:47:ae:2c:21:33:34:57:25:
77:d4:4c:cd
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYQtHk4iwERhqTjeQ7Z5GPBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjIxMDMxMDgxNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTEwNTdmYWIzNjg4MzIxNzIxNzYyMzJmZmUxOWM3NjAwOWI2Y2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3FWsML+Jbj8OftZi5yG6JDfGqqB
OtzncUimZBVyJXeo+UADVd/eOpQSp0sNJ0Q2qBxTh8uv4SCJsKucH8EUq3JNl0wB
2gGRUsleDpMkHXPEj4FNW2u6K3r/Nz0MLFAPYKo1AZGSEJkRpbRjo2rTK60oTpsu
ZBT/eHVaIxDdWzBQ/Be3IvVeCWr9kyzHmaiWR//QhK7zlfaMkPxt3dkpUJQ9/23v
qx+oHR3GxRVhlJdPMBtXyoJEF3mXopIidXNMn+figvJ4bfoH/vas/mXHbXTlQZRE
cNPe9H++P7Jvr6Z+p4EPzL3yyvRbb99toeyFPkGryL6EzyVgy5gapL5/VQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFA4QV/qzaIMhchdiMv/hnHYAm2z7MB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvRGhCWC1yTm9neUZ5RjJJeV8tR2NkZ0NiYlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwZwQCAAEwYTALAwMEPvAD
BAA+8BIDBAA+8BQwDAMEBFXKcAMEAFXKdjAMAwQDVcp4AwQAVcp6AwQAVcp/AwQC
W+LwMAwDBARtXnADBAFtXnwDBAJtXuADBAOyFtgDBAK5ZuwDBAK5dqgwDQQCAAIw
BwMFACoBZEAwDQYJKoZIhvcNAQELBQADggEBADjPJRibIHwOKc0eO+d5P9L3GPd5
WmndpH/Apnr7PywnLRmAv4+Mkq8Y4T8PEuOlQjVy6gRbm3G11JY0V2KnvtvSJNXN
OtyFsi61OOHDTIxCpsObFx4wIVlq2pJXonNgeyS8ezKpHwscEWT+ZnkU/zdveufe
MNSjv3vLGs8m2WieZ/7zjx25uGwYKCekEKZT86c/Kg1jhCGJZpt5PH7sOLomkUso
gzWMv9Tyd6lLSXaYPU9T0tD/daFaiu4BC5LHY1qHMkj4dDEtyYPldLz3uzWnYm7/
c1eGpCRzzkxzmnvcOnYKovQ6eSx+Jaq2SkrmYp1sFJFHriwhMzRXJXfUTM0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:54 2023 by rpki-client on console.sobornost.net