Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Ab4ISPTRLdfFRa9KL1jjQuN6HP4.roa
File: Ab4ISPTRLdfFRa9KL1jjQuN6HP4.roa (raw, json)
Hash identifier: RzzdAUrO5JhbGc3FsgR7fusjjUjWxLwGBpUHkqEKuEo=
Subject key identifier: 01:BE:08:48:F4:D1:2D:D7:C5:45:AF:4A:2F:58:E3:42:E3:7A:1C:FE
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018BC6A3AE64312EC6B7C781FFEFE982305B
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Ab4ISPTRLdfFRa9KL1jjQuN6HP4.roa
Signing time: Mon 13 Nov 2023 03:04:57 +0000
ROA not before: Mon 13 Nov 2023 03:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
213.142.158.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/22 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c6:a3:ae:64:31:2e:c6:b7:c7:81:ff:ef:e9:82:30:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Nov 13 03:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01be0848f4d12dd7c545af4a2f58e342e37a1cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a7:89:0b:f2:2a:ee:24:ab:c8:5d:7f:cf:d4:
6e:9e:33:87:b0:40:09:f2:48:b1:fa:ca:88:03:e7:
29:ea:c5:3b:15:b6:89:f4:88:a2:0a:8f:9c:60:db:
0c:df:a6:bb:00:f7:01:a2:81:af:5d:51:47:cb:ae:
fb:8e:92:4d:c7:c8:60:97:0e:22:1d:e0:26:de:dd:
85:3e:93:f6:e0:8f:82:69:d6:59:9c:a6:e9:12:d7:
e9:a2:c4:70:6c:68:e3:38:90:53:ee:a6:ce:60:82:
2e:f0:08:b2:3b:df:e4:f1:c6:d8:3e:c4:32:45:07:
a0:7d:84:a4:31:3a:36:6a:7f:cc:df:a4:e5:d2:37:
78:ac:d3:29:0e:af:41:a4:ab:00:58:12:b3:89:6f:
53:5b:81:c2:bc:26:0d:05:b9:f7:45:3b:36:e2:b3:
58:1b:65:05:b5:5e:1b:c4:88:17:62:b9:01:32:c6:
18:84:40:e5:96:ba:77:75:58:01:78:aa:37:de:b5:
6b:2e:cc:7c:15:60:ac:09:45:eb:0c:6c:ae:74:d8:
aa:ac:dc:15:28:23:f5:fd:6f:b7:9b:04:c0:31:f9:
e0:15:3f:46:41:63:0a:aa:ba:c2:e5:d3:0c:61:ff:
aa:3f:6e:26:95:ab:78:80:7a:d7:08:90:aa:02:20:
31:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:BE:08:48:F4:D1:2D:D7:C5:45:AF:4A:2F:58:E3:42:E3:7A:1C:FE
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/Ab4ISPTRLdfFRa9KL1jjQuN6HP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
213.142.158.0/24
Signature Algorithm: sha256WithRSAEncryption
25:bb:73:c0:61:6a:84:c9:a1:7b:a6:d3:0b:f8:63:98:03:57:
bf:6c:3b:b4:2e:e5:1c:73:0a:85:a2:97:8a:5f:25:78:1d:89:
3a:5b:06:87:ec:c2:3e:55:81:c2:51:56:03:2c:2b:7e:4b:0b:
9f:77:0c:98:c9:03:f6:28:f0:4d:98:5c:cf:4b:3e:c1:80:e9:
67:db:9f:d1:a1:b2:d9:49:5e:ed:4a:b9:60:ba:6a:00:9d:58:
46:32:58:bc:b5:b2:25:f1:61:0b:55:97:62:87:b5:c1:7b:62:
94:8c:27:65:65:24:2b:87:4f:12:80:8d:2e:8c:32:58:83:40:
46:66:53:1b:e1:ae:15:f5:84:bc:11:a4:39:62:e9:8f:21:ad:
57:58:58:c4:bb:ee:e4:4a:e8:00:2f:63:a1:ad:c0:44:7d:da:
e7:be:67:c1:88:fe:d7:01:56:ab:24:fb:bc:c1:28:f6:7d:18:
ad:e4:82:03:82:39:44:c6:15:e0:94:8e:81:0c:ee:5d:3a:d4:
e5:fc:60:36:d6:e9:b0:ca:09:ba:ab:03:20:f7:18:90:5c:e5:
44:91:67:ac:b2:57:97:06:c7:2e:ca:4b:c2:95:fa:17:3c:31:
5b:32:c9:28:68:73:f2:f6:99:3b:51:cd:75:35:55:1b:88:37:
72:95:23:a2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYvGo65kMS7Gt8eB/+/pgjBbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMTEzMDMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWJlMDg0OGY0ZDEyZGQ3YzU0NWFmNGEyZjU4ZTM0MmUzN2ExY2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKeJC/Iq7iSryF1/z9RunjOHsEAJ
8kix+sqIA+cp6sU7FbaJ9IiiCo+cYNsM36a7APcBooGvXVFHy677jpJNx8hglw4i
HeAm3t2FPpP24I+CadZZnKbpEtfposRwbGjjOJBT7qbOYIIu8AiyO9/k8cbYPsQy
RQegfYSkMTo2an/M36Tl0jd4rNMpDq9BpKsAWBKziW9TW4HCvCYNBbn3RTs24rNY
G2UFtV4bxIgXYrkBMsYYhEDllrp3dVgBeKo33rVrLsx8FWCsCUXrDGyudNiqrNwV
KCP1/W+3mwTAMfngFT9GQWMKqrrC5dMMYf+qP24mlat4gHrXCJCqAiAxfwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAG+CEj00S3XxUWvSi9Y40Ljehz+MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvQWI0SVNQVFJMZGZGUmE5S0wxampRdU42SFA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiAMEANWO
jgMEAdWOkAMEAdWOmAMEANWOnjANBgkqhkiG9w0BAQsFAAOCAQEAJbtzwGFqhMmh
e6bTC/hjmANXv2w7tC7lHHMKhaKXil8leB2JOlsGh+zCPlWBwlFWAywrfksLn3cM
mMkD9ijwTZhcz0s+wYDpZ9uf0aGy2Ule7Uq5YLpqAJ1YRjJYvLWyJfFhC1WXYoe1
wXtilIwnZWUkK4dPEoCNLowyWINARmZTG+GuFfWEvBGkOWLpjyGtV1hYxLvu5Ero
AC9joa3ARH3a575nwYj+1wFWqyT7vMEo9n0YreSCA4I5RMYV4JSOgQzuXTrU5fxg
NtbpsMoJuqsDIPcYkFzlRJFnrLJXlwbHLspLwpX6FzwxWzLJKGhz8vaZO1HNdTVV
G4g3cpUjog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org