Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/6jUJyJicz0WBqWUwrxfJGQM7iXU.roa
File: 6jUJyJicz0WBqWUwrxfJGQM7iXU.roa (raw, json)
Hash identifier: /0QHUM3JOX3Y6uPS+0Cou8bHfturTRadxLt5Sn87F6A=
Subject key identifier: EA:35:09:C8:98:9C:CF:45:81:A9:65:30:AF:17:C9:19:03:3B:89:75
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018C4487F644D84EFEE9B805D01D0745C809
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/6jUJyJicz0WBqWUwrxfJGQM7iXU.roa
Signing time: Thu 07 Dec 2023 13:46:50 +0000
ROA not before: Thu 07 Dec 2023 13:46:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/22 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:87:f6:44:d8:4e:fe:e9:b8:05:d0:1d:07:45:c8:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 7 13:46:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea3509c8989ccf4581a96530af17c919033b8975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:0b:79:92:79:77:fb:d1:d5:f3:d9:32:62:
d5:ee:00:6b:8e:fc:0a:9e:fb:b1:d7:2f:ec:ef:36:
3b:a2:d9:1b:a6:85:fb:ce:78:24:07:95:bc:d1:8e:
21:62:77:9e:58:65:0e:a2:5b:0c:c4:f8:2e:ab:db:
1c:28:35:1b:8f:a2:64:ba:a1:fd:b5:43:f5:5c:93:
22:6a:93:8f:69:3e:69:dc:bb:93:ef:30:15:d0:11:
40:ba:8f:bf:6c:46:c4:b0:d4:42:f2:18:cb:b1:b1:
d1:3d:ae:d2:4d:15:52:fc:da:59:85:4c:2f:d6:ef:
0f:b8:c3:30:59:14:24:3b:1c:a4:f8:d7:2d:8c:6b:
e1:29:db:fc:03:5c:55:6a:bf:28:4e:8c:07:97:be:
08:99:89:98:f9:e3:bc:6f:08:83:dd:1c:47:3a:b7:
c1:69:79:11:4b:7b:27:c2:6c:3f:88:2e:7b:9d:2f:
14:a2:ee:82:dc:be:a2:8b:d1:00:55:40:46:ae:ba:
e7:7e:85:80:d4:f4:0f:da:84:64:fc:bc:2e:8d:c9:
52:35:6d:2f:af:58:a4:cd:4b:3c:17:21:b8:98:eb:
36:a4:a0:35:6e:c6:b8:45:09:20:00:49:65:7e:54:
22:21:9a:56:37:33:55:3d:b9:45:42:2d:db:41:00:
29:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:35:09:C8:98:9C:CF:45:81:A9:65:30:AF:17:C9:19:03:3B:89:75
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/6jUJyJicz0WBqWUwrxfJGQM7iXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0/22
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
72:39:71:67:f9:a7:56:77:ae:17:b1:e0:a9:de:0f:85:e4:4e:
51:cc:57:dd:2d:2c:a6:e7:27:30:eb:dd:59:cc:d2:24:8e:c2:
85:be:e4:d1:10:92:de:c7:53:61:cb:ef:37:89:02:ea:97:2d:
74:1a:9d:ed:47:ee:52:83:15:99:71:fa:55:f3:11:c7:d7:ec:
44:8e:89:b4:2e:f7:9f:ec:63:78:75:ae:9c:d8:34:5c:7b:2e:
83:3e:1e:55:64:53:8b:2a:f2:07:8a:d5:42:ab:a9:02:ba:6a:
8d:0a:3d:50:86:75:25:99:5f:79:df:d9:58:05:89:ee:1f:37:
68:6b:af:57:85:00:8a:8b:8c:12:c0:d8:12:b2:6e:c9:30:6d:
fd:82:b6:02:9d:31:3a:a1:2b:79:1d:b9:d6:81:2e:0b:9d:d1:
05:4a:8a:63:ac:4c:ea:55:6a:19:f2:57:2c:69:8a:39:9d:41:
ea:35:36:07:46:fc:36:6f:60:ba:b2:1b:df:08:95:0a:42:73:
f5:fa:74:1a:d6:11:6b:b7:04:0b:97:3b:7a:57:4b:cb:dc:58:
35:3d:27:e2:69:f7:6f:fa:69:92:81:4e:5c:10:0c:fd:2c:ec:
95:ff:b0:72:5e:a5:80:08:be:ed:77:c6:c0:67:d8:de:89:28:
ca:62:08:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYxEh/ZE2E7+6bgF0B0HRcgJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMjA3MTM0NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTM1MDljODk4OWNjZjQ1ODFhOTY1MzBhZjE3YzkxOTAzM2I4OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWkLeZJ5d/vR1fPZMmLV7gBrjvwK
nvux1y/s7zY7otkbpoX7zngkB5W80Y4hYneeWGUOolsMxPguq9scKDUbj6JkuqH9
tUP1XJMiapOPaT5p3LuT7zAV0BFAuo+/bEbEsNRC8hjLsbHRPa7STRVS/NpZhUwv
1u8PuMMwWRQkOxyk+NctjGvhKdv8A1xVar8oTowHl74ImYmY+eO8bwiD3RxHOrfB
aXkRS3snwmw/iC57nS8Uou6C3L6ii9EAVUBGrrrnfoWA1PQP2oRk/LwujclSNW0v
r1ikzUs8FyG4mOs2pKA1bsa4RQkgAEllflQiIZpWNzNVPblFQi3bQQAp3QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOo1CciYnM9FgallMK8XyRkDO4l1MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvNmpVSnlKaWN6MFdCcVdVd3J4ZkpHUU03aVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wDBALVjoADBAHVjogDBADVjo4DBAHVjpAD
BAHVjpgwDQYJKoZIhvcNAQELBQADggEBAHI5cWf5p1Z3rhex4KneD4XkTlHMV90t
LKbnJzDr3VnM0iSOwoW+5NEQkt7HU2HL7zeJAuqXLXQane1H7lKDFZlx+lXzEcfX
7ESOibQu95/sY3h1rpzYNFx7LoM+HlVkU4sq8geK1UKrqQK6ao0KPVCGdSWZX3nf
2VgFie4fN2hrr1eFAIqLjBLA2BKybskwbf2CtgKdMTqhK3kdudaBLgud0QVKimOs
TOpVahnyVyxpijmdQeo1NgdG/DZvYLqyG98IlQpCc/X6dBrWEWu3BAuXO3pXS8vc
WDU9J+Jp92/6aZKBTlwQDP0s7JX/sHJepYAIvu13xsBn2N6JKMpiCBs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org