Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/3-HNh00CLXoXYi5Kt-PW8FXGO9g.roa
File: 3-HNh00CLXoXYi5Kt-PW8FXGO9g.roa (raw, json)
Hash identifier: pQnjEF9AnYaf/O5YnvEU4bY4r6cHJScm0Su9UE4Qi1k=
Subject key identifier: DF:E1:CD:87:4D:02:2D:7A:17:62:2E:4A:B7:E3:D6:F0:55:C6:3B:D8
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0BF89B89
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/3-HNh00CLXoXYi5Kt-PW8FXGO9g.roa
Signing time: Fri 10 Jun 2022 17:30:02 +0000
ROA not before: Fri 10 Jun 2022 17:30:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.133.0/24 maxlen: 24
213.142.136.0/22 maxlen: 32
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.140.0/24 maxlen: 32
213.142.141.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/21 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.85.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
91.151.86.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200842121 (0xbf89b89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jun 10 17:30:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dfe1cd874d022d7a17622e4ab7e3d6f055c63bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:79:80:4c:a6:b6:14:72:bf:5c:1a:8d:51:77:
23:54:d2:7d:9f:32:2a:59:ac:b8:1f:5c:8b:11:ab:
5f:d9:92:6f:20:a1:03:3e:96:c8:86:16:39:b4:d4:
7e:4c:5b:52:c0:e7:7c:b5:5e:04:24:c3:4e:d9:6a:
94:63:c2:7e:dc:c9:8f:09:f5:f3:c2:90:15:9f:31:
eb:ec:dd:23:c3:9b:26:55:a2:22:f6:a1:5d:c2:5c:
6b:45:01:49:9e:5b:25:5a:fd:9a:3e:41:68:35:22:
d7:2e:8c:91:71:a0:b6:f3:da:bb:b3:1d:48:f5:05:
b5:f9:d0:2f:3f:46:99:4e:6a:e2:d5:af:f3:33:24:
c5:fe:9e:c0:ea:f4:f0:9e:73:fc:f6:ab:cd:77:a7:
8c:80:9c:2c:74:47:e3:4b:77:cd:5f:1c:7f:a6:5e:
b1:8a:5b:d4:b6:cf:f6:2e:ef:28:51:84:44:c0:e2:
fa:9f:95:45:58:b3:92:5c:cd:b2:31:65:9e:93:64:
1e:83:fb:06:04:bc:1c:bb:61:ab:70:4b:91:dc:b2:
62:e3:07:14:d0:7f:a0:21:31:4c:18:33:2d:86:aa:
3f:a6:22:22:fc:ef:9e:8b:9e:ee:88:aa:23:62:48:
06:8d:43:7e:f6:c5:e3:bc:07:bb:5c:f0:23:e6:f7:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E1:CD:87:4D:02:2D:7A:17:62:2E:4A:B7:E3:D6:F0:55:C6:3B:D8
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/3-HNh00CLXoXYi5Kt-PW8FXGO9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/21
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0-213.142.142.255
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:7c:e3:b8:4a:d6:63:e5:4f:77:fe:00:66:1d:01:69:42:54:
20:4e:78:0a:3f:28:49:69:03:97:e6:94:14:50:0e:d3:d6:9f:
44:d3:08:a4:93:23:c1:68:49:34:cc:99:50:54:1b:d6:2c:78:
96:62:9c:6e:97:c8:63:29:a0:22:f2:e2:86:92:28:01:11:ce:
3f:6c:b8:20:12:bf:69:23:54:73:15:75:9c:c6:f7:d0:d0:ac:
7a:3c:99:7f:22:3b:fa:32:4d:27:07:d8:0a:1f:65:7c:e8:04:
b2:b9:97:3b:bc:b7:2e:6e:51:3c:c0:f6:48:0e:86:16:ad:1c:
d2:29:72:3e:a9:af:4b:7d:26:09:68:8a:53:c1:57:db:8f:9d:
48:27:36:21:28:46:70:0c:f5:49:98:f3:d5:b1:18:b5:41:ce:
03:bb:d4:ec:fb:68:b4:e9:e9:5f:d5:07:3f:c8:05:7c:c0:48:
d5:3a:2e:0d:df:47:c5:d4:f0:fc:f5:32:71:cc:c8:3a:8b:ff:
3d:1c:60:68:4d:84:a4:b9:0e:ab:af:d6:7c:1c:be:28:c7:ce:
72:9f:0b:45:c4:c4:bf:60:70:cb:81:58:c0:32:a7:5e:92:39:
5e:62:22:2a:3d:2a:c0:74:43:bd:b6:67:88:f5:5f:c9:f5:49:
8f:97:8e:31
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEC/ibiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDYx
MDE3MzAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGZlMWNkODc0ZDAy
MmQ3YTE3NjIyZTRhYjdlM2Q2ZjA1NWM2M2JkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALp5gEymthRyv1wajVF3I1TSfZ8yKlmsuB9cixGrX9mSbyCh
Az6WyIYWObTUfkxbUsDnfLVeBCTDTtlqlGPCftzJjwn188KQFZ8x6+zdI8ObJlWi
IvahXcJca0UBSZ5bJVr9mj5BaDUi1y6MkXGgtvPau7MdSPUFtfnQLz9GmU5q4tWv
8zMkxf6ewOr08J5z/ParzXenjICcLHRH40t3zV8cf6ZesYpb1LbP9i7vKFGERMDi
+p+VRVizklzNsjFlnpNkHoP7BgS8HLthq3BLkdyyYuMHFNB/oCExTBgzLYaqP6Yi
Ivzvnoue7oiqI2JIBo1DfvbF47wHu1zwI+b3xVUCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBTf4c2HTQItehdiLkq349bwVcY72DAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
LzMtSE5oMDBDTFhvWFlpNUt0LVBXOEZYR085Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAVD9/AMEA1uXUDAMAwQAW5dbAwQA
W5dcMAwDBAfVjoADBAHVjoQwDAMEA9WOiAMEANWOjgMEAdWOkAMEAdWOmDANBgkq
hkiG9w0BAQsFAAOCAQEAfXzjuErWY+VPd/4AZh0BaUJUIE54Cj8oSWkDl+aUFFAO
09afRNMIpJMjwWhJNMyZUFQb1ix4lmKcbpfIYymgIvLihpIoARHOP2y4IBK/aSNU
cxV1nMb30NCsejyZfyI7+jJNJwfYCh9lfOgEsrmXO7y3Lm5RPMD2SA6GFq0c0ily
PqmvS30mCWiKU8FX24+dSCc2IShGcAz1SZjz1bEYtUHOA7vU7PtotOnpX9UHP8gF
fMBI1TouDd9HxdTw/PUycczIOov/PRxgaE2EpLkOq6/WfBy+KMfOcp8LRcTEv2Bw
y4FYwDKnXpI5XmIiKj0qwHRDvbZniPVfyfVJj5eOMQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:11 2023 by rpki-client on console-fra.rpki-client.org