Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/dG6Vz8lvG2m_ZMA8UAR2rYx-fh8.roa
File: dG6Vz8lvG2m_ZMA8UAR2rYx-fh8.roa (raw, json)
Hash identifier: FUbAeGhrkvJnis1/B7v/xA9bIujehUAE8FkZEgFCdjA=
Subject key identifier: 74:6E:95:CF:C9:6F:1B:69:BF:64:C0:3C:50:04:76:AD:8C:7E:7E:1F
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 018C605B01F18C3417DDBBDFB698692C430F
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/dG6Vz8lvG2m_ZMA8UAR2rYx-fh8.roa
Signing time: Tue 12 Dec 2023 23:27:06 +0000
ROA not before: Tue 12 Dec 2023 23:27:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51859
IP address blocks: 87.237.204.0/24 maxlen: 24
87.237.204.0/22 maxlen: 24
87.237.200.0/21 maxlen: 24
87.237.201.0/24 maxlen: 24
87.237.202.0/23 maxlen: 24
87.237.203.0/24 maxlen: 24
185.29.100.0/22 maxlen: 24
92.249.52.0/22 maxlen: 22
92.249.52.0/24 maxlen: 24
188.93.120.0/21 maxlen: 24
91.222.4.0/22 maxlen: 24
2a04:2e40::/29 maxlen: 48
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:5b:01:f1:8c:34:17:dd:bb:df:b6:98:69:2c:43:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Dec 12 23:27:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=746e95cfc96f1b69bf64c03c500476ad8c7e7e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ea:dc:4a:81:a8:a2:54:95:c5:02:e8:b4:35:
de:4e:7b:a8:bc:3d:be:50:66:e8:b5:52:ff:7f:7e:
3a:96:20:c2:f5:6e:dd:60:99:21:27:ad:0d:db:37:
ee:b6:f3:f0:0e:5a:88:61:54:a7:c2:2c:73:43:be:
a0:00:f0:6b:fe:d1:ef:9e:61:4e:a5:e4:f8:f0:e5:
12:39:03:f7:92:9a:38:c8:76:06:19:3c:cc:54:48:
38:5d:19:92:d3:73:2b:75:78:93:88:0f:fa:4f:d6:
7f:66:3b:3b:3a:03:e0:f5:68:41:58:9b:9e:4e:cd:
ad:52:3f:bc:fb:92:39:b8:d4:bb:0c:85:bd:30:9a:
0b:a9:57:b9:5d:3e:b6:e0:76:3a:8d:04:08:3d:3e:
8c:d1:31:08:00:8c:fb:11:e9:91:50:6b:67:fa:06:
cf:84:62:9a:37:d5:87:d5:f9:15:5f:e5:86:d2:12:
2d:8d:cc:ec:1d:35:82:25:3f:7d:00:90:a3:b4:af:
eb:6d:ec:e8:7b:2c:1c:d5:3e:d2:27:bc:f9:97:59:
a0:e4:8f:15:de:14:ed:7a:84:18:79:ab:75:10:9c:
9f:ef:c9:f0:d1:c3:20:2a:59:f4:7b:64:98:e8:6b:
20:f1:9f:c3:4f:3c:f4:01:71:bb:17:4c:2c:17:82:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6E:95:CF:C9:6F:1B:69:BF:64:C0:3C:50:04:76:AD:8C:7E:7E:1F
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/dG6Vz8lvG2m_ZMA8UAR2rYx-fh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/21
91.222.4.0/22
92.249.52.0/22
185.29.100.0/22
188.93.120.0/21
IPv6:
2a04:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:31:ac:37:ee:20:2d:1d:b6:4b:a6:b6:9e:a6:79:83:41:68:
b3:c6:e5:a7:34:5c:b1:e0:27:e5:94:c3:89:3a:b8:91:7e:1e:
f3:a8:9c:02:0f:72:04:9a:ca:a7:be:9a:4d:4a:47:6c:1d:3b:
64:c5:a0:33:9d:65:de:f5:b4:dc:af:1c:7c:01:54:58:0b:02:
70:ae:a8:33:4a:98:4c:fe:19:2f:f9:4f:cb:36:21:2c:ad:9a:
62:38:20:ec:8d:98:65:33:1b:13:32:d5:44:e1:e2:3a:1c:bc:
e2:49:d0:8a:5c:39:9d:ad:39:42:8d:47:37:82:4a:a3:72:d0:
50:fd:d3:16:ff:9e:f2:47:df:f0:52:7e:bd:1b:3c:c8:81:c3:
5b:c1:e4:bc:42:c5:e3:25:e0:62:23:3c:87:4e:91:8e:33:ca:
45:83:90:1a:e1:e9:e2:c5:cb:41:fd:52:fe:cb:87:e4:6d:97:
aa:27:cb:29:5b:27:57:50:dd:53:dc:9c:d1:1e:9c:f9:45:69:
3b:67:a2:0f:b1:70:75:bf:bf:a4:13:cd:48:db:bc:a1:c2:23:
d1:fa:62:a9:1d:7b:1b:cd:9c:73:e4:57:82:ee:02:92:34:77:
a1:97:c2:6f:75:a6:4e:e9:67:58:c8:13:09:b9:ed:38:d8:bf:
a3:16:9c:e9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYxgWwHxjDQX3bvftphpLEMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjMxMjEyMjMyNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZlOTVjZmM5NmYxYjY5YmY2NGMwM2M1MDA0NzZhZDhjN2U3ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOrcSoGoolSVxQLotDXeTnuovD2+
UGbotVL/f346liDC9W7dYJkhJ60N2zfutvPwDlqIYVSnwixzQ76gAPBr/tHvnmFO
peT48OUSOQP3kpo4yHYGGTzMVEg4XRmS03MrdXiTiA/6T9Z/Zjs7OgPg9WhBWJue
Ts2tUj+8+5I5uNS7DIW9MJoLqVe5XT624HY6jQQIPT6M0TEIAIz7EemRUGtn+gbP
hGKaN9WH1fkVX+WG0hItjczsHTWCJT99AJCjtK/rbezoeywc1T7SJ7z5l1mg5I8V
3hTteoQYeat1EJyf78nw0cMgKln0e2SY6Gsg8Z/DTzz0AXG7F0wsF4IwoQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHRulc/Jbxtpv2TAPFAEdq2Mfn4fMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEvZEc2Vno4bHZHMm1fWk1BOFVBUjJyWXgtZmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDV+3IAwQC
W94EAwQCXPk0AwQCuR1kAwQDvF14MA0EAgACMAcDBQMqBC5AMA0GCSqGSIb3DQEB
CwUAA4IBAQB9Maw37iAtHbZLpraepnmDQWizxuWnNFyx4CfllMOJOriRfh7zqJwC
D3IEmsqnvppNSkdsHTtkxaAznWXe9bTcrxx8AVRYCwJwrqgzSphM/hkv+U/LNiEs
rZpiOCDsjZhlMxsTMtVE4eI6HLziSdCKXDmdrTlCjUc3gkqjctBQ/dMW/57yR9/w
Un69GzzIgcNbweS8QsXjJeBiIzyHTpGOM8pFg5Aa4enixctB/VL+y4fkbZeqJ8sp
WydXUN1T3JzRHpz5RWk7Z6IPsXB1v7+kE81I27yhwiPR+mKpHXsbzZxz5FeC7gKS
NHehl8JvdaZO6WdYyBMJue042L+jFpzp
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:57 2023 by rpki-client on console.sobornost.net