Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/0vJN2mmu1NYgvfUJSk6hqZ28agU.roa
File: 0vJN2mmu1NYgvfUJSk6hqZ28agU.roa (raw, json)
Hash identifier: pH5M6hdVmcIGQMTXfS16+I4GHqLCPmuOYVIPDNWQERk=
Subject key identifier: D2:F2:4D:DA:69:AE:D4:D6:20:BD:F5:09:4A:4E:A1:A9:9D:BC:6A:05
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF693BEBEDE0C5CB149731FCD59A2D
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/0vJN2mmu1NYgvfUJSk6hqZ28agU.roa
Signing time: Sun 01 Jan 2023 14:14:50 +0000
ROA not before: Sun 01 Jan 2023 14:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:69:3b:eb:ed:e0:c5:cb:14:97:31:fc:d5:9a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2f24dda69aed4d620bdf5094a4ea1a99dbc6a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:94:a8:4c:3b:54:9f:e9:79:2a:c9:ec:43:
ab:6e:f9:70:ae:bd:af:8a:26:09:5d:e0:fd:c2:a2:
56:5d:ab:8b:db:b2:06:2f:ca:df:d7:6e:8a:59:a1:
12:a6:77:2c:6c:3f:79:8e:49:fe:e8:49:8e:03:7c:
be:16:84:db:48:53:ac:6d:96:c7:30:a2:5f:aa:5c:
89:06:02:ac:89:c4:91:a6:96:dc:59:2f:3c:6d:2c:
6c:ca:36:da:9b:40:e0:4a:fb:d0:b4:48:ee:16:58:
a0:ab:60:8e:8c:64:57:38:e5:ab:16:39:e4:f9:06:
9f:2a:29:a3:90:a0:d8:76:39:ca:fa:59:e1:83:7f:
a4:d2:88:2f:e3:d1:c1:9c:03:f4:3a:d7:8b:2a:c9:
36:0c:93:66:26:66:b2:62:92:d1:36:03:e1:5e:a9:
96:d5:ee:3f:e5:65:40:cb:16:67:25:8f:0a:01:a5:
75:41:49:f4:ce:73:6c:20:a7:1e:0f:33:46:33:ef:
f0:40:16:85:7a:bc:5d:d6:42:06:a8:be:76:61:3f:
ab:4e:51:c7:5c:9f:a4:31:6e:b0:16:07:58:41:b0:
e2:0e:20:ab:f1:7b:d9:df:cd:d2:b8:43:22:7c:4d:
f6:67:9a:25:f1:9c:b8:f1:05:e4:27:63:07:6c:21:
35:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F2:4D:DA:69:AE:D4:D6:20:BD:F5:09:4A:4E:A1:A9:9D:BC:6A:05
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/0vJN2mmu1NYgvfUJSk6hqZ28agU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:38:7a:77:e2:19:6d:e5:20:cf:15:90:0b:d4:51:f5:f6:3f:
58:69:e2:a1:57:af:12:ea:b7:31:8b:fd:26:12:81:83:05:18:
fe:e6:c3:86:c2:2b:98:ee:55:fb:f9:28:a4:a9:41:fc:17:78:
e7:5e:c4:52:fe:b3:f7:fd:30:c7:7c:64:19:ec:fa:16:df:5f:
84:65:cb:fa:53:fb:22:84:c2:cc:6d:cd:09:ba:1d:2a:f9:ea:
c8:10:e3:dc:64:a5:a5:85:38:a2:35:02:40:aa:a3:28:80:9a:
5b:00:57:ae:11:1a:e0:e6:fe:be:bf:15:1f:57:f0:3d:7a:4c:
d8:39:ff:6a:60:c3:83:58:61:a2:8e:68:68:a3:d8:30:0c:4b:
7f:0c:3b:c3:d9:77:39:22:bf:72:1c:80:a9:08:0d:d8:34:84:
69:cf:18:b4:91:be:db:f2:72:3e:51:85:6a:fa:c8:09:9e:45:
e5:cc:1b:18:df:d3:a2:73:dd:b4:0a:ee:73:de:51:89:2c:cf:
69:24:f3:2c:0e:6a:38:33:2e:48:45:7a:bb:c9:2b:80:62:da:
e0:c0:71:0a:c5:02:ed:5a:b8:45:59:9f:5c:65:41:ea:b3:f1:
36:08:f0:a9:ff:dc:27:d3:f1:52:7e:f0:0a:c6:88:54:52:ba:
ff:f2:a3:af
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVtr2k76+3gxcsUlzH81ZotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYyNGRkYTY5YWVkNGQ2MjBiZGY1MDk0YTRlYTFhOTlkYmM2YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiuUqEw7VJ/peSrJ7EOrbvlwrr2v
iiYJXeD9wqJWXauL27IGL8rf126KWaESpncsbD95jkn+6EmOA3y+FoTbSFOsbZbH
MKJfqlyJBgKsicSRppbcWS88bSxsyjbam0DgSvvQtEjuFligq2COjGRXOOWrFjnk
+QafKimjkKDYdjnK+lnhg3+k0ogv49HBnAP0OteLKsk2DJNmJmayYpLRNgPhXqmW
1e4/5WVAyxZnJY8KAaV1QUn0znNsIKceDzNGM+/wQBaFerxd1kIGqL52YT+rTlHH
XJ+kMW6wFgdYQbDiDiCr8XvZ383SuEMifE32Z5ol8Zy48QXkJ2MHbCE1swIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNLyTdpprtTWIL31CUpOoamdvGoFMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvMHZKTjJtbXUxTllndmZVSlNrNmhxWjI4YWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiAMEANWO
jgMEAdWOkAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEAOjh6d+IZbeUgzxWQC9RR
9fY/WGnioVevEuq3MYv9JhKBgwUY/ubDhsIrmO5V+/kopKlB/Bd4517EUv6z9/0w
x3xkGez6Ft9fhGXL+lP7IoTCzG3NCbodKvnqyBDj3GSlpYU4ojUCQKqjKICaWwBX
rhEa4Ob+vr8VH1fwPXpM2Dn/amDDg1hhoo5oaKPYMAxLfww7w9l3OSK/chyAqQgN
2DSEac8YtJG+2/JyPlGFavrICZ5F5cwbGN/TonPdtAruc95RiSzPaSTzLA5qODMu
SEV6u8krgGLa4MBxCsUC7Vq4RVmfXGVB6rPxNgjwqf/cJ9PxUn7wCsaIVFK6//Kj
rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org