Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/RNDQTH3m2Ob8M-vFJGABIlqCBlE.roa
File: RNDQTH3m2Ob8M-vFJGABIlqCBlE.roa (raw, json)
Hash identifier: qaNZ4nqKW3UPnCDQCfu8lYb/cD/ZPWa7HrzWPwIHDls=
Subject key identifier: 44:D0:D0:4C:7D:E6:D8:E6:FC:33:EB:C5:24:60:01:22:5A:82:06:51
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0B3399BF
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/RNDQTH3m2Ob8M-vFJGABIlqCBlE.roa
Signing time: Thu 17 Mar 2022 22:25:18 +0000
ROA not before: Thu 17 Mar 2022 22:25:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207633
IP address blocks: 213.142.149.0/24 maxlen: 24
213.142.156.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187931071 (0xb3399bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Mar 17 22:25:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44d0d04c7de6d8e6fc33ebc5246001225a820651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:fd:44:66:30:30:dd:24:60:17:f2:fa:24:
eb:e2:ea:29:06:40:c4:bc:a8:fa:c9:f8:f9:75:3e:
5f:f6:7d:f8:32:d9:7f:b0:38:b1:4d:50:f4:1c:0e:
e8:47:9b:f8:ed:88:df:f7:63:e4:70:7c:69:16:19:
de:fa:dc:dc:5f:7e:76:b1:34:c2:34:97:1d:94:36:
58:cf:ff:11:52:c0:9f:d4:0f:7a:82:0c:00:3e:bb:
02:41:f4:f7:bb:d3:18:45:5e:36:ea:8b:13:7a:cc:
e8:62:11:6b:25:2a:d5:37:ba:06:3c:6b:79:68:cf:
0c:08:4e:0a:4b:27:43:f1:b9:55:98:cd:1b:79:fb:
3e:f3:d6:e8:3e:67:68:c5:a7:7c:f3:ee:90:39:3a:
cb:ea:a1:58:98:9e:68:91:35:6a:83:c0:58:7d:d1:
f5:90:bf:e4:57:45:0e:11:d9:d4:10:d1:83:0c:08:
b7:e2:e8:ea:69:0e:3d:55:75:ef:15:d3:90:36:b3:
59:46:c2:59:2c:84:30:94:f4:e7:8f:a6:99:25:18:
b2:3e:2d:37:fe:00:bd:cf:5c:78:5a:5a:de:4a:ca:
22:39:71:4a:bf:70:03:ee:20:c3:7c:7a:db:6f:03:
31:a4:6a:be:2d:4a:db:59:2a:79:5a:76:44:30:e3:
af:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D0:D0:4C:7D:E6:D8:E6:FC:33:EB:C5:24:60:01:22:5A:82:06:51
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/RNDQTH3m2Ob8M-vFJGABIlqCBlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.149.0/24
213.142.156.0/24
Signature Algorithm: sha256WithRSAEncryption
23:99:de:2f:a2:f5:91:99:ee:5a:ad:2d:92:ad:a6:9e:f5:64:
6c:68:03:45:96:93:c7:2a:6d:ef:ea:b4:34:d1:60:d0:d0:0b:
a8:2a:9a:6a:ee:d2:70:9b:69:10:a5:30:f9:8f:b5:62:c3:2a:
4d:0f:f5:6c:46:45:9f:6b:f2:29:89:a0:b9:6b:39:02:8a:07:
c0:cb:05:ec:e9:b6:f3:12:7b:1a:60:04:7b:e7:af:09:23:1c:
e2:16:ae:61:df:e7:2f:f7:f9:35:ee:c6:f0:f4:58:aa:3e:d4:
72:29:ab:34:eb:b1:b0:36:49:1f:53:37:cf:de:84:4f:a3:fa:
c9:5a:0c:11:a5:f5:e2:5c:97:8b:e3:86:8f:1c:f0:40:59:eb:
87:1f:69:b3:44:66:26:43:69:bc:79:c4:87:31:ee:dc:d8:d3:
04:8a:25:d4:1d:ea:1f:1a:6c:25:e2:89:94:17:37:52:10:54:
d1:07:c4:4b:40:d0:b0:5a:a9:0f:d4:02:fc:77:5e:4c:c2:92:
6e:59:75:2d:29:61:0c:17:59:ec:22:f9:c3:1c:64:c5:18:d4:
0a:31:e9:19:56:b5:ee:79:fb:06:7d:70:de:1b:7e:20:39:2a:
a8:3a:98:34:46:b5:99:29:f8:b1:9b:ed:ca:ca:4d:61:0b:2e:
bf:53:4e:a3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECzOZvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDMx
NzIyMjUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRkMGQwNGM3ZGU2
ZDhlNmZjMzNlYmM1MjQ2MDAxMjI1YTgyMDY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKe/URmMDDdJGAX8vok6+LqKQZAxLyo+sn4+XU+X/Z9+DLZ
f7A4sU1Q9BwO6Eeb+O2I3/dj5HB8aRYZ3vrc3F9+drE0wjSXHZQ2WM//EVLAn9QP
eoIMAD67AkH097vTGEVeNuqLE3rM6GIRayUq1Te6BjxreWjPDAhOCksnQ/G5VZjN
G3n7PvPW6D5naMWnfPPukDk6y+qhWJieaJE1aoPAWH3R9ZC/5FdFDhHZ1BDRgwwI
t+Lo6mkOPVV17xXTkDazWUbCWSyEMJT054+mmSUYsj4tN/4Avc9ceFpa3krKIjlx
Sr9wA+4gw3x6228DMaRqvi1K21kqeVp2RDDjr1sCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRE0NBMfebY5vwz68UkYAEiWoIGUTAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L1JORFFUSDNtMk9iOE0tdkZKR0FCSWxxQ0JsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEANWOlQMEANWOnDANBgkqhkiG9w0B
AQsFAAOCAQEAI5neL6L1kZnuWq0tkq2mnvVkbGgDRZaTxypt7+q0NNFg0NALqCqa
au7ScJtpEKUw+Y+1YsMqTQ/1bEZFn2vyKYmguWs5AooHwMsF7Om28xJ7GmAEe+ev
CSMc4hauYd/nL/f5Ne7G8PRYqj7UcimrNOuxsDZJH1M3z96ET6P6yVoMEaX14lyX
i+OGjxzwQFnrhx9ps0RmJkNpvHnEhzHu3NjTBIol1B3qHxpsJeKJlBc3UhBU0QfE
S0DQsFqpD9QC/HdeTMKSbll1LSlhDBdZ7CL5wxxkxRjUCjHpGVa17nn7Bn1w3ht+
IDkqqDqYNEa1mSn4sZvtyspNYQsuv1NOow==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:48:27 2025 by rpki-client