Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/asMeuVAxfFSHsGBRv1USFv9iKo4.roa
File: asMeuVAxfFSHsGBRv1USFv9iKo4.roa (raw, json)
Hash identifier: 3sUJ1OnR6MPAPiN5/s3pm37f1wpveBiHrBAOXjYIMiE=
Subject key identifier: 6A:C3:1E:B9:50:31:7C:54:87:B0:60:51:BF:55:12:16:FF:62:2A:8E
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018DA188A344C5EA711446BD558972F37369
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/asMeuVAxfFSHsGBRv1USFv9iKo4.roa
Signing time: Tue 13 Feb 2024 08:15:02 +0000
ROA not before: Tue 13 Feb 2024 08:15:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212219
IP address blocks: 80.253.246.0/24 maxlen: 24
91.151.95.0/24 maxlen: 24
213.142.151.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:88:a3:44:c5:ea:71:14:46:bd:55:89:72:f3:73:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Feb 13 08:15:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac31eb950317c5487b06051bf551216ff622a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ea:af:a2:4b:c8:eb:f3:4b:f8:5b:dd:3e:57:
9f:2a:3e:0a:f4:33:69:19:13:df:cd:c7:68:df:2c:
16:f7:71:62:02:b8:8a:16:c7:25:17:c2:dc:5d:e7:
02:b6:d3:2c:49:51:c8:a7:6f:a3:30:00:bd:86:0d:
27:0c:ec:95:c1:7a:ca:0d:a8:c5:ca:4b:52:65:d0:
10:99:e9:f3:73:0e:fb:73:2e:78:a5:45:91:0b:e8:
77:dc:34:fe:65:75:75:09:51:72:fc:3b:94:16:4b:
f4:f3:8b:8c:3f:22:39:b8:a0:24:41:41:96:e1:c4:
3f:27:c5:27:6e:1e:b0:29:e7:de:cb:87:b2:8e:1a:
e9:0b:8b:02:66:62:13:61:40:d1:61:67:ec:f4:6b:
12:c9:a9:9b:b8:9c:cf:54:15:f0:8b:a7:f4:c6:c2:
d0:30:63:7c:86:a1:52:48:92:50:71:01:18:28:8b:
93:81:c8:3d:50:ce:37:25:dd:3c:5a:73:2d:3e:53:
ab:40:0c:b7:e3:aa:53:ea:50:c9:8a:35:67:db:69:
d9:8f:9c:aa:5d:0b:a4:eb:ed:d2:3c:b3:08:60:10:
f4:62:ed:63:44:d6:a6:54:b5:31:fc:4a:a7:25:d7:
6e:1d:c7:24:54:21:56:0a:e2:0c:5d:c0:f4:f0:27:
d9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C3:1E:B9:50:31:7C:54:87:B0:60:51:BF:55:12:16:FF:62:2A:8E
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/asMeuVAxfFSHsGBRv1USFv9iKo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.246.0/24
91.151.95.0/24
213.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:74:8e:11:37:55:0d:ac:34:e7:46:82:25:9f:77:44:fa:b2:
fa:6f:44:cc:c3:d9:8f:a9:fa:60:eb:f3:6f:73:93:87:bb:10:
a9:a6:57:78:b1:62:b2:d9:18:d4:84:96:bc:e1:7c:0a:18:68:
5e:65:45:24:64:36:f1:7e:c9:82:bc:52:fd:f7:98:18:4f:b2:
1c:af:3e:1d:4b:d3:1c:9a:38:76:12:19:b8:e6:26:27:03:b7:
27:1a:6c:50:6c:8b:80:f6:ca:8b:d0:fd:c6:b4:ec:2b:78:b4:
5b:51:1a:21:e1:89:05:05:9d:98:66:42:6d:b0:88:7c:2d:c9:
dc:0a:68:9e:60:81:8b:e6:08:ef:db:a2:c1:e9:01:0b:43:1e:
68:3b:8e:17:80:11:21:1e:c6:2d:b1:18:c6:1d:56:bd:9e:e4:
99:00:a1:21:49:bc:c3:54:f0:dd:c9:6d:c3:d1:5b:55:65:db:
a9:75:8a:af:6b:e4:68:1d:f6:db:7f:c3:d0:0b:af:6c:7d:df:
0a:74:8f:51:07:f1:20:23:6f:33:07:00:21:52:eb:0f:76:e2:
55:71:4e:6d:cc:a7:e0:e3:ff:8c:03:97:2f:ed:23:24:38:5c:
d4:5e:02:2b:bf:92:6b:fa:a8:fb:95:99:a0:e8:29:ff:78:db:
c0:60:ba:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2hiKNExepxFEa9VYly83NpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwMjEzMDgxNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMzMWViOTUwMzE3YzU0ODdiMDYwNTFiZjU1MTIxNmZmNjIyYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOqvokvI6/NL+FvdPlefKj4K9DNp
GRPfzcdo3ywW93FiAriKFsclF8LcXecCttMsSVHIp2+jMAC9hg0nDOyVwXrKDajF
yktSZdAQmenzcw77cy54pUWRC+h33DT+ZXV1CVFy/DuUFkv084uMPyI5uKAkQUGW
4cQ/J8Unbh6wKefey4eyjhrpC4sCZmITYUDRYWfs9GsSyambuJzPVBXwi6f0xsLQ
MGN8hqFSSJJQcQEYKIuTgcg9UM43Jd08WnMtPlOrQAy346pT6lDJijVn22nZj5yq
XQuk6+3SPLMIYBD0Yu1jRNamVLUx/EqnJdduHcckVCFWCuIMXcD08CfZKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGrDHrlQMXxUh7BgUb9VEhb/YiqOMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvYXNNZXVWQXhmRlNIc0dCUnYxVVNGdjlpS280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUP32AwQA
W5dfAwQA1Y6XMA0GCSqGSIb3DQEBCwUAA4IBAQCddI4RN1UNrDTnRoIln3dE+rL6
b0TMw9mPqfpg6/Nvc5OHuxCppld4sWKy2RjUhJa84XwKGGheZUUkZDbxfsmCvFL9
95gYT7Icrz4dS9Mcmjh2Ehm45iYnA7cnGmxQbIuA9sqL0P3GtOwreLRbURoh4YkF
BZ2YZkJtsIh8LcncCmieYIGL5gjv26LB6QELQx5oO44XgBEhHsYtsRjGHVa9nuSZ
AKEhSbzDVPDdyW3D0VtVZdupdYqva+RoHfbbf8PQC69sfd8KdI9RB/EgI28zBwAh
UusPduJVcU5tzKfg4/+MA5cv7SMkOFzUXgIrv5Jr+qj7lZmg6Cn/eNvAYLoR
-----END CERTIFICATE-----
Generated at Tue Jul 16 15:47:32 2024 by rpki-client on console-ams.rpki-client.org