Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/iPhpxprYOXhi27XsIvQWCDH3NX8.roa
File: iPhpxprYOXhi27XsIvQWCDH3NX8.roa (raw, json)
Hash identifier: piCDfJorXP4LnjJHBlXS7q9qcEwPRrwMArM44C7CxxI=
Subject key identifier: 88:F8:69:C6:9A:D8:39:78:62:DB:B5:EC:22:F4:16:08:31:F7:35:7F
Certificate issuer: /CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Certificate serial: 0185A4D02BD50D9D985B8E13FE8A0DBC1A49
Authority key identifier: AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/iPhpxprYOXhi27XsIvQWCDH3NX8.roa
Signing time: Thu 12 Jan 2023 07:09:44 +0000
ROA not before: Thu 12 Jan 2023 07:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203877
IP address blocks: 178.22.219.0/24 maxlen: 24
178.22.218.0/24 maxlen: 24
178.22.216.0/24 maxlen: 24
178.22.217.0/24 maxlen: 24
178.22.223.0/24 maxlen: 24
178.22.222.0/24 maxlen: 24
178.22.221.0/24 maxlen: 24
178.22.220.0/24 maxlen: 24
185.102.236.0/22 maxlen: 22
91.226.240.0/24 maxlen: 24
62.240.3.0/24 maxlen: 24
62.240.2.0/24 maxlen: 24
62.240.4.0/24 maxlen: 24
62.240.1.0/24 maxlen: 24
62.240.0.0/24 maxlen: 24
62.240.6.0/24 maxlen: 24
62.240.5.0/24 maxlen: 24
62.240.8.0/22 maxlen: 22
62.240.7.0/24 maxlen: 24
62.240.17.0/24 maxlen: 24
62.240.16.0/24 maxlen: 24
62.240.13.0/24 maxlen: 24
62.240.12.0/24 maxlen: 24
62.240.15.0/24 maxlen: 24
62.240.14.0/24 maxlen: 24
62.240.20.0/24 maxlen: 24
62.240.19.0/24 maxlen: 24
62.240.18.0/24 maxlen: 24
91.226.242.0/24 maxlen: 24
91.226.241.0/24 maxlen: 24
91.226.243.0/24 maxlen: 24
85.202.112.0/24 maxlen: 24
85.202.117.0/24 maxlen: 24
85.202.116.0/24 maxlen: 24
85.202.118.0/24 maxlen: 24
85.202.113.0/24 maxlen: 24
85.202.115.0/24 maxlen: 24
85.202.114.0/24 maxlen: 24
85.202.120.0/24 maxlen: 24
85.202.122.0/24 maxlen: 24
85.202.121.0/24 maxlen: 24
85.202.127.0/24 maxlen: 24
109.94.112.0/21 maxlen: 21
109.94.124.0/23 maxlen: 23
109.94.119.0/24 maxlen: 24
109.94.120.0/22 maxlen: 22
185.118.169.0/24 maxlen: 24
185.118.168.0/24 maxlen: 24
185.118.170.0/24 maxlen: 24
185.118.171.0/24 maxlen: 24
109.94.224.0/22 maxlen: 22
2a01:6440::/32 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a4:d0:2b:d5:0d:9d:98:5b:8e:13:fe:8a:0d:bc:1a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add9207994ba9c7d91ea7e479fefd1b8099f62ce
Validity
Not Before: Jan 12 07:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=88f869c69ad8397862dbb5ec22f4160831f7357f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:db:a1:4c:c9:71:bf:df:a2:4b:d1:a8:9b:f2:
96:b6:4b:94:5c:25:be:34:93:54:f7:3a:6f:55:d9:
03:a9:7e:5f:de:ec:3a:1b:d5:cc:fc:bc:e6:d7:0a:
9a:a2:28:01:eb:30:f2:29:7d:b8:68:5c:c6:30:77:
c5:2d:d2:1f:97:68:8a:53:42:ce:71:a2:33:14:a8:
35:6e:22:07:9d:4f:6d:ce:5b:4e:99:c9:6b:40:57:
82:95:12:05:54:81:fc:11:ed:3e:9b:77:3b:37:d5:
e9:86:01:2d:d5:dc:b8:64:a3:f5:d4:18:5e:dc:65:
6c:38:24:01:00:a3:8d:fe:75:0d:c8:2e:cf:55:9c:
37:64:bf:b5:98:75:31:27:a8:8e:01:4b:d6:57:9d:
1b:48:e6:aa:e8:9f:2a:1f:21:2e:85:1d:fb:5d:81:
cd:7b:b8:21:03:1c:d6:bb:b6:8e:9a:a7:55:cf:5b:
02:9b:37:a8:e0:b8:fd:ea:63:87:88:95:11:73:cf:
fa:d4:c6:a4:4e:00:18:3a:67:13:4a:18:16:19:20:
8c:b0:d1:d4:25:42:f1:7d:3d:a0:6a:2a:09:55:9d:
cd:10:fc:9a:3b:6f:b1:49:d7:3d:98:56:cf:4b:6f:
eb:27:2c:6d:05:4a:9f:48:eb:0e:9f:9e:c6:30:c9:
de:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F8:69:C6:9A:D8:39:78:62:DB:B5:EC:22:F4:16:08:31:F7:35:7F
X509v3 Authority Key Identifier:
keyid:AD:D9:20:79:94:BA:9C:7D:91:EA:7E:47:9F:EF:D1:B8:09:9F:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/iPhpxprYOXhi27XsIvQWCDH3NX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/47a9c9-d457-4579-b2b0-e5212574f9ec/1/rdkgeZS6nH2R6n5Hn-_RuAmfYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.240.0.0-62.240.20.255
85.202.112.0-85.202.118.255
85.202.120.0-85.202.122.255
85.202.127.0/24
91.226.240.0/22
109.94.112.0-109.94.125.255
109.94.224.0/22
178.22.216.0/21
185.102.236.0/22
185.118.168.0/22
IPv6:
2a01:6440::/32
Signature Algorithm: sha256WithRSAEncryption
ab:ac:2b:ca:ae:04:3f:46:d8:bb:c3:9c:d3:ee:2f:55:75:ac:
d2:d7:65:61:c7:88:f0:a7:e8:5c:3f:64:da:d6:d3:1a:d0:a1:
24:2a:fc:53:d7:87:5b:69:f2:bb:cd:67:6b:c0:5b:52:f4:72:
cf:0b:ca:08:73:14:be:8e:d4:28:c7:91:1e:8a:44:9e:b4:0a:
60:91:88:91:f6:93:10:8f:8f:3c:62:aa:fe:55:0e:0c:50:fb:
d4:ac:f1:69:e0:ba:74:ad:67:f1:a4:d7:50:4d:8d:8c:6d:2b:
5f:e8:33:d0:79:2c:fe:95:e7:d1:96:72:12:31:3c:e9:70:cd:
5a:4c:5b:f6:07:5c:24:42:b4:a7:04:45:02:d3:9a:04:e5:eb:
0b:cf:af:67:10:80:4d:c4:d6:41:c8:a4:57:72:13:74:81:a7:
5e:4d:48:70:82:dd:ad:b9:c0:3a:f0:73:7b:a8:01:cc:13:ed:
82:7b:bd:b6:97:ca:ce:fe:4d:56:34:41:85:32:1b:13:48:58:
ec:0a:20:42:63:bb:2d:ab:b7:b6:b1:43:cc:23:00:db:4c:77:
e7:f9:d0:c0:b6:9f:d6:d7:2d:f7:93:bf:31:be:9c:69:44:87:
3f:09:b8:f0:9b:a0:c9:51:c1:f6:ab:70:c3:1e:c8:76:a9:94:
b5:49:06:b2
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYWk0CvVDZ2YW44T/ooNvBpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDkyMDc5OTRiYTljN2Q5MWVhN2U0NzlmZWZkMWI4MDk5
ZjYyY2UwHhcNMjMwMTEyMDcwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY4NjljNjlhZDgzOTc4NjJkYmI1ZWMyMmY0MTYwODMxZjczNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNuhTMlxv9+iS9Gom/KWtkuUXCW+
NJNU9zpvVdkDqX5f3uw6G9XM/Lzm1wqaoigB6zDyKX24aFzGMHfFLdIfl2iKU0LO
caIzFKg1biIHnU9tzltOmclrQFeClRIFVIH8Ee0+m3c7N9XphgEt1dy4ZKP11Bhe
3GVsOCQBAKON/nUNyC7PVZw3ZL+1mHUxJ6iOAUvWV50bSOaq6J8qHyEuhR37XYHN
e7ghAxzWu7aOmqdVz1sCmzeo4Lj96mOHiJURc8/61MakTgAYOmcTShgWGSCMsNHU
JULxfT2gaioJVZ3NEPyaO2+xSdc9mFbPS2/rJyxtBUqfSOsOn57GMMne4QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFIj4acaa2Dl4Ytu17CL0Fggx9zV/MB8GA1UdIwQY
MBaAFK3ZIHmUupx9kep+R5/v0bgJn2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAt
ZTUyMTI1NzRmOWVjLzEvaVBocHhwcllPWGhpMjdYc0l2UVdDREgzTlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80N2E5YzktZDQ1Ny00NTc5LWIyYjAtZTUyMTI1NzRmOWVj
LzEvcmRrZ2VaUzZuSDJSNm41SG4tX1J1QW1mWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwYQQCAAEwWzALAwMEPvAD
BAA+8BQwDAMEBFXKcAMEAFXKdjAMAwQDVcp4AwQAVcp6AwQAVcp/AwQCW+LwMAwD
BARtXnADBAFtXnwDBAJtXuADBAOyFtgDBAK5ZuwDBAK5dqgwDQQCAAIwBwMFACoB
ZEAwDQYJKoZIhvcNAQELBQADggEBAKusK8quBD9G2LvDnNPuL1V1rNLXZWHHiPCn
6Fw/ZNrW0xrQoSQq/FPXh1tp8rvNZ2vAW1L0cs8LyghzFL6O1CjHkR6KRJ60CmCR
iJH2kxCPjzxiqv5VDgxQ+9Ss8WngunStZ/Gk11BNjYxtK1/oM9B5LP6V59GWchIx
POlwzVpMW/YHXCRCtKcERQLTmgTl6wvPr2cQgE3E1kHIpFdyE3SBp15NSHCC3a25
wDrwc3uoAcwT7YJ7vbaXys7+TVY0QYUyGxNIWOwKIEJjuy2rt7axQ8wjANtMd+f5
0MC2n9bXLfeTvzG+nGlEhz8JuPCboMlRwfarcMMeyHaplLVJBrI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:54 2023 by rpki-client on console.sobornost.net