Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CFOvno__Qizf4YuUaWGM-0wZUEk.roa
File: CFOvno__Qizf4YuUaWGM-0wZUEk.roa (raw, json)
Hash identifier: udMy4iYTe8KYJjUil7qr9NmykXoYsTQ6PlQ+2seZN2Q=
Subject key identifier: 08:53:AF:9E:8F:FF:42:2C:DF:E1:8B:94:69:61:8C:FB:4C:19:50:49
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0AEE522C
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CFOvno__Qizf4YuUaWGM-0wZUEk.roa
Signing time: Fri 18 Feb 2022 16:24:46 +0000
ROA not before: Fri 18 Feb 2022 16:24:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212219
IP address blocks: 213.142.148.0/24 maxlen: 32
213.142.151.0/24 maxlen: 24
213.142.159.0/24 maxlen: 24
80.253.246.0/24 maxlen: 32
91.151.88.0/24 maxlen: 32
91.151.89.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 183390764 (0xaee522c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Feb 18 16:24:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0853af9e8fff422cdfe18b9469618cfb4c195049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:31:d3:8a:54:0b:a7:2d:e0:eb:dd:26:2e:28:
ef:a1:59:09:42:aa:ed:7b:7f:e4:3f:13:bd:e2:88:
e5:cd:83:2b:1b:a5:89:de:b9:27:31:36:bf:d2:52:
03:87:39:97:7c:07:1e:dd:52:9d:ad:28:ea:0f:6b:
7d:4d:e8:0d:ad:2a:ff:69:7b:e6:74:3d:d8:05:2e:
23:fe:46:03:f7:41:40:c4:6e:d0:56:e4:a8:9b:7b:
ce:e7:e1:10:f7:6a:5e:c4:b6:2b:63:d1:be:06:f0:
a0:55:cc:9e:94:d8:8e:76:13:6d:7b:33:5d:fb:62:
14:af:af:ce:40:ef:b8:7d:33:5e:54:8a:66:ca:a2:
e5:97:e0:9d:a6:30:c3:e1:bf:a9:71:b6:de:4d:01:
60:ce:c1:17:94:19:6a:a6:76:16:f4:1e:16:39:7a:
52:e0:09:31:0a:3d:32:fe:1b:dc:b0:b2:23:75:6f:
24:6d:6f:c8:e1:71:3c:ee:08:63:7e:e5:b0:9d:6f:
4b:de:98:fb:4b:c7:ee:eb:55:04:22:84:bb:16:86:
de:3d:79:75:d5:39:5c:14:11:89:de:77:b7:72:a9:
66:e3:25:38:b9:c5:00:e0:d3:a1:87:97:9d:0e:26:
b8:52:0f:da:02:28:5f:66:a0:ce:40:ad:a4:60:75:
52:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:53:AF:9E:8F:FF:42:2C:DF:E1:8B:94:69:61:8C:FB:4C:19:50:49
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CFOvno__Qizf4YuUaWGM-0wZUEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
91.151.88.0/23
213.142.148.0/24
213.142.151.0/24
213.142.159.0/24
Signature Algorithm: sha256WithRSAEncryption
70:90:22:80:ab:59:f3:b8:c6:92:ab:d1:5a:7b:e1:f5:09:1c:
21:89:49:df:d8:a3:c6:86:a3:4c:fe:b3:9c:35:5a:8e:b0:a7:
ce:cb:e2:69:85:9e:52:7c:6f:2f:86:53:f8:85:ef:cc:45:23:
52:2e:69:6c:dd:17:f1:12:95:18:ed:ae:58:18:62:64:05:1f:
c3:36:75:dc:d1:b1:a4:6e:96:59:fa:40:f4:24:40:b8:0b:f3:
78:19:99:5a:1c:cc:d8:2a:26:3d:92:5f:ce:4d:c4:ae:da:d7:
7e:1c:ee:40:39:cf:7b:ce:48:15:fc:30:76:cc:54:2d:b9:4b:
96:80:24:14:95:c8:83:7e:e8:14:26:ed:35:7e:d1:e0:2c:2e:
a1:87:9a:c6:a9:3f:18:eb:38:a4:ea:db:16:7a:41:2e:14:69:
4f:06:f8:66:be:91:0b:28:9c:e0:d8:40:78:48:b2:8b:3b:bf:
b6:7d:ec:fa:db:e0:7f:cd:16:86:99:4c:48:31:1e:b8:8f:e9:
a4:de:29:ab:c3:db:91:96:69:20:f2:55:b4:8e:c6:43:e0:6a:
b1:8c:cd:bf:b4:fe:20:3e:6f:b8:c5:47:cf:4b:be:61:0b:3b:
70:22:47:b2:27:32:cc:46:d9:a5:a4:50:6c:d8:61:04:c0:cf:
bb:06:57:4a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECu5SLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDIx
ODE2MjQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg1M2FmOWU4ZmZm
NDIyY2RmZTE4Yjk0Njk2MThjZmI0YzE5NTA0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJYx04pUC6ct4OvdJi4o76FZCUKq7Xt/5D8TveKI5c2DKxul
id65JzE2v9JSA4c5l3wHHt1Sna0o6g9rfU3oDa0q/2l75nQ92AUuI/5GA/dBQMRu
0FbkqJt7zufhEPdqXsS2K2PRvgbwoFXMnpTYjnYTbXszXftiFK+vzkDvuH0zXlSK
Zsqi5ZfgnaYww+G/qXG23k0BYM7BF5QZaqZ2FvQeFjl6UuAJMQo9Mv4b3LCyI3Vv
JG1vyOFxPO4IY37lsJ1vS96Y+0vH7utVBCKEuxaG3j15ddU5XBQRid53t3KpZuMl
OLnFAODToYeXnQ4muFIP2gIoX2agzkCtpGB1UpECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQIU6+ej/9CLN/hi5RpYYz7TBlQSTAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L0NGT3Zub19fUWl6ZjRZdVVhV0dNLTB3WlVFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFD99gMEAVuXWAMEANWOlAMEANWO
lwMEANWOnzANBgkqhkiG9w0BAQsFAAOCAQEAcJAigKtZ87jGkqvRWnvh9QkcIYlJ
39ijxoajTP6znDVajrCnzsviaYWeUnxvL4ZT+IXvzEUjUi5pbN0X8RKVGO2uWBhi
ZAUfwzZ13NGxpG6WWfpA9CRAuAvzeBmZWhzM2ComPZJfzk3ErtrXfhzuQDnPe85I
FfwwdsxULblLloAkFJXIg37oFCbtNX7R4CwuoYeaxqk/GOs4pOrbFnpBLhRpTwb4
Zr6RCyic4NhAeEiyizu/tn3s+tvgf80WhplMSDEeuI/ppN4pq8PbkZZpIPJVtI7G
Q+BqsYzNv7T+ID5vuMVHz0u+YQs7cCJHsicyzEbZpaRQbNhhBMDPuwZXSg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:04 2024 by rpki-client on console-fra.rpki-client.org