Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/T_S0T9o25rNAKSdqwF5ix7uXJRo.roa
File: T_S0T9o25rNAKSdqwF5ix7uXJRo.roa (raw, json)
Hash identifier: f/O1WDlvI7AHCCWFUi3//NQk6paUAI+ElxQcb1vseaQ=
Subject key identifier: 4F:F4:B4:4F:DA:36:E6:B3:40:29:27:6A:C0:5E:62:C7:BB:97:25:1A
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0190BBA2BF0A53A242F0C487C92EF51490A8
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/T_S0T9o25rNAKSdqwF5ix7uXJRo.roa
Signing time: Tue 16 Jul 2024 13:02:03 +0000
ROA not before: Tue 16 Jul 2024 13:02:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 80.253.246.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:a2:bf:0a:53:a2:42:f0:c4:87:c9:2e:f5:14:90:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jul 16 13:02:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ff4b44fda36e6b34029276ac05e62c7bb97251a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:50:1f:2b:10:e8:3c:e1:5e:9c:ea:1d:b1:77:
c7:1d:a5:7e:e1:91:d8:35:e7:b0:3f:52:b0:62:f3:
63:ef:7a:3c:41:79:e3:ea:3e:21:19:65:35:19:d6:
de:7a:98:34:5f:af:ff:2a:9c:b9:83:b2:00:81:f7:
fe:58:73:a3:c9:6d:d6:5a:9a:cf:55:ee:75:2a:34:
f5:c5:8a:60:7b:34:5b:59:44:72:f0:1e:89:f3:f2:
62:50:f9:dc:36:f9:e9:30:96:f5:a6:96:d2:92:2d:
c9:1b:63:d7:d7:5d:d9:52:c7:68:b1:5e:cd:8c:9e:
b5:e2:a7:40:7e:c3:a7:62:85:50:00:3f:90:b9:aa:
d6:73:41:77:28:20:36:02:c2:f2:15:37:82:34:15:
61:40:29:23:09:7a:fa:25:29:a0:eb:9e:23:5e:bd:
52:af:90:87:a0:13:e1:49:18:36:a3:10:ae:b9:8f:
32:94:28:59:b0:94:cc:f7:a4:fb:a7:8a:0e:05:49:
2f:6b:4b:5c:d9:5a:aa:db:15:31:0e:99:22:5b:ec:
90:de:da:16:44:b5:25:0b:d9:0b:a0:b0:5b:26:0b:
f5:45:a9:ba:52:03:0c:a1:08:87:00:a5:ae:44:ba:
6d:b1:fd:a8:36:4a:c7:85:b3:14:66:b9:56:f4:5d:
a5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F4:B4:4F:DA:36:E6:B3:40:29:27:6A:C0:5E:62:C7:BB:97:25:1A
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/T_S0T9o25rNAKSdqwF5ix7uXJRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
Signature Algorithm: sha256WithRSAEncryption
58:7c:31:d6:4c:12:8f:20:ef:14:84:1c:22:2f:3a:c9:fb:ce:
08:a5:1e:84:01:30:3c:e3:6e:2a:e9:22:01:0f:6d:8b:c9:48:
57:c2:e5:3c:1c:c7:11:9d:5a:c9:45:d5:dc:c3:b3:5d:e6:b5:
3a:eb:fb:14:6e:e9:dd:38:7d:97:ad:8f:c1:0c:e5:65:8e:7c:
4f:dc:24:c6:75:88:fb:cc:a8:7b:20:14:e7:b2:82:b3:e8:96:
5b:2c:ba:98:bd:24:a1:e8:23:1d:14:48:21:8e:23:b7:a9:c7:
f6:34:12:da:f8:1d:8b:e3:bc:2c:04:98:e7:99:f2:13:1e:20:
b8:0a:b6:5c:ae:12:47:a2:4b:f1:61:d4:83:bf:35:06:4a:81:
48:d4:32:6d:9e:da:3d:58:15:96:f2:a3:7e:3c:66:10:81:1e:
83:10:4d:98:7e:15:d9:27:f2:c7:40:12:7c:e5:85:bb:9c:17:
a8:93:4d:17:cb:40:6c:9e:09:16:c4:34:05:fc:6c:8c:7f:c7:
7f:df:41:2c:72:5a:65:a4:35:e4:8f:42:4d:18:75:7a:01:93:
a0:59:8e:b4:5d:7c:26:8d:14:38:5c:46:4e:af:d7:65:1c:cd:
eb:b6:b5:c5:ea:4f:58:b2:99:f0:17:94:65:3e:a0:78:43:2f:
00:78:46:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC7or8KU6JC8MSHyS71FJCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwNzE2MTMwMjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmY0YjQ0ZmRhMzZlNmIzNDAyOTI3NmFjMDVlNjJjN2JiOTcyNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlAfKxDoPOFenOodsXfHHaV+4ZHY
NeewP1KwYvNj73o8QXnj6j4hGWU1Gdbeepg0X6//Kpy5g7IAgff+WHOjyW3WWprP
Ve51KjT1xYpgezRbWURy8B6J8/JiUPncNvnpMJb1ppbSki3JG2PX113ZUsdosV7N
jJ614qdAfsOnYoVQAD+QuarWc0F3KCA2AsLyFTeCNBVhQCkjCXr6JSmg654jXr1S
r5CHoBPhSRg2oxCuuY8ylChZsJTM96T7p4oOBUkva0tc2Vqq2xUxDpkiW+yQ3toW
RLUlC9kLoLBbJgv1Ram6UgMMoQiHAKWuRLptsf2oNkrHhbMUZrlW9F2lnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/0tE/aNuazQCknasBeYse7lyUaMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvVF9TMFQ5bzI1ck5BS1NkcXdGNWl4N3VYSlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUP32MA0G
CSqGSIb3DQEBCwUAA4IBAQBYfDHWTBKPIO8UhBwiLzrJ+84IpR6EATA8424q6SIB
D22LyUhXwuU8HMcRnVrJRdXcw7Nd5rU66/sUbundOH2XrY/BDOVljnxP3CTGdYj7
zKh7IBTnsoKz6JZbLLqYvSSh6CMdFEghjiO3qcf2NBLa+B2L47wsBJjnmfITHiC4
CrZcrhJHokvxYdSDvzUGSoFI1DJtnto9WBWW8qN+PGYQgR6DEE2YfhXZJ/LHQBJ8
5YW7nBeok00Xy0BsngkWxDQF/GyMf8d/30EsclplpDXkj0JNGHV6AZOgWY60XXwm
jRQ4XEZOr9dlHM3rtrXF6k9YspnwF5RlPqB4Qy8AeEYa
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:43 2025 by rpki-client