Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/b0EF8jFo_Bx1-YFVA0h_wuiSoTI.roa
File: b0EF8jFo_Bx1-YFVA0h_wuiSoTI.roa (raw, json)
Hash identifier: 2WSNGRxcUpBKFZzXjR+D68dSOCy7O/VtMaJ0tIxjjzQ=
Subject key identifier: 6F:41:05:F2:31:68:FC:1C:75:F9:81:55:03:48:7F:C2:E8:92:A1:32
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01909D6BED38C0D1D45F186D9610CAEB5C74
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/b0EF8jFo_Bx1-YFVA0h_wuiSoTI.roa
Signing time: Wed 10 Jul 2024 16:13:34 +0000
ROA not before: Wed 10 Jul 2024 16:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60707
IP address blocks: 80.253.245.0/24 maxlen: 24
80.253.247.0/24 maxlen: 24
91.151.83.0/24 maxlen: 24
91.151.84.0/24 maxlen: 24
213.142.135.0/24 maxlen: 24
213.142.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:6b:ed:38:c0:d1:d4:5f:18:6d:96:10:ca:eb:5c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jul 10 16:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f4105f23168fc1c75f9815503487fc2e892a132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c0:94:27:0c:cd:d6:bd:21:a7:93:61:52:cd:
9c:f0:f4:38:4e:03:0f:55:10:4b:bb:c0:eb:b9:1a:
17:2a:cb:f6:f1:78:2f:b1:61:87:82:25:71:7b:db:
96:57:c4:b0:4a:45:6d:4d:8d:b5:89:db:5d:62:4f:
27:ab:5a:06:21:80:12:15:7a:f3:54:20:f7:1f:f7:
2c:a0:f0:23:0f:9d:ad:6f:5c:3c:a9:8b:bc:eb:14:
ff:7f:02:b7:56:cd:0f:c4:56:c7:71:48:81:86:b5:
bc:18:d9:74:66:ba:2d:e8:b0:f7:7a:07:e3:7a:f0:
a0:96:19:52:71:4f:32:1f:3d:69:7f:af:67:4c:ea:
79:ea:4f:c6:50:15:4a:b2:90:5e:24:3e:75:42:7c:
75:f3:97:fa:76:4e:fd:31:04:6c:19:d7:db:cc:87:
1f:e2:7a:a2:4f:e5:f3:1f:34:3a:9c:d9:d5:39:53:
8d:73:ea:32:fb:76:23:3d:35:a4:53:d4:37:3e:a1:
00:ba:d1:95:53:cf:20:0b:8e:85:74:14:fd:20:3b:
8f:db:fa:d4:53:ce:1d:8c:cb:77:e8:32:79:a4:8b:
e4:00:d9:8d:46:17:cd:05:3c:8b:f3:6b:21:d4:01:
7d:45:07:45:27:4e:1f:b9:f8:ab:d8:06:fd:eb:36:
2c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:41:05:F2:31:68:FC:1C:75:F9:81:55:03:48:7F:C2:E8:92:A1:32
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/b0EF8jFo_Bx1-YFVA0h_wuiSoTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.245.0/24
80.253.247.0/24
91.151.83.0-91.151.84.255
213.142.135.0/24
213.142.143.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:eb:79:76:ed:c5:3b:d8:33:0d:19:3b:d4:fe:3d:57:9f:a5:
7a:cd:c6:c3:04:c6:20:c9:b2:0e:f8:32:f3:43:f7:2a:39:6d:
7c:90:73:22:f5:ac:20:66:b4:72:06:1e:c9:40:e9:0f:ec:97:
50:18:29:1f:5c:07:a4:d5:f9:86:a1:90:2f:68:16:f9:cf:24:
aa:45:85:f6:53:5d:a2:86:14:7e:28:33:41:1f:70:bb:24:a2:
7e:20:3a:de:2f:43:70:7c:b8:7a:4d:57:4a:53:8a:ed:f5:40:
ae:ba:7d:d6:37:21:60:ae:91:f3:0c:d8:cd:6c:25:59:5b:39:
f0:60:df:a4:29:95:28:2d:30:3a:4b:40:25:5b:42:c8:74:7d:
c4:85:c5:2f:9e:5a:12:e8:5d:e6:2e:31:a2:ca:c9:0e:10:2a:
20:12:5e:14:7d:a6:e2:b6:1f:ae:60:19:93:f1:25:56:58:bd:
4e:8f:8c:96:89:e8:b7:c8:67:bd:2e:d4:98:85:98:da:10:c8:
a8:68:2f:ff:61:94:72:d1:41:ec:e3:0e:3d:ec:de:f7:fc:24:
13:d3:0e:09:c3:7b:39:8b:ce:28:4d:a9:78:60:e3:c4:d9:8d:
1d:e6:0f:1a:ce:8d:64:95:b2:cd:55:e9:13:08:65:7e:35:78:
8b:14:1a:4f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZCda+04wNHUXxhtlhDK61x0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwNzEwMTYxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjQxMDVmMjMxNjhmYzFjNzVmOTgxNTUwMzQ4N2ZjMmU4OTJhMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8CUJwzN1r0hp5NhUs2c8PQ4TgMP
VRBLu8DruRoXKsv28XgvsWGHgiVxe9uWV8SwSkVtTY21idtdYk8nq1oGIYASFXrz
VCD3H/csoPAjD52tb1w8qYu86xT/fwK3Vs0PxFbHcUiBhrW8GNl0Zrot6LD3egfj
evCglhlScU8yHz1pf69nTOp56k/GUBVKspBeJD51Qnx185f6dk79MQRsGdfbzIcf
4nqiT+XzHzQ6nNnVOVONc+oy+3YjPTWkU9Q3PqEAutGVU88gC46FdBT9IDuP2/rU
U84djMt36DJ5pIvkANmNRhfNBTyL82sh1AF9RQdFJ04fufir2Ab96zYsQwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG9BBfIxaPwcdfmBVQNIf8LokqEyMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvYjBFRjhqRm9fQngxLVlGVkEwaF93dWlTb1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUP31AwQA
UP33MAwDBABbl1MDBABbl1QDBADVjocDBADVjo8wDQYJKoZIhvcNAQELBQADggEB
AMrreXbtxTvYMw0ZO9T+PVefpXrNxsMExiDJsg74MvND9yo5bXyQcyL1rCBmtHIG
HslA6Q/sl1AYKR9cB6TV+YahkC9oFvnPJKpFhfZTXaKGFH4oM0EfcLskon4gOt4v
Q3B8uHpNV0pTiu31QK66fdY3IWCukfMM2M1sJVlbOfBg36QplSgtMDpLQCVbQsh0
fcSFxS+eWhLoXeYuMaLKyQ4QKiASXhR9puK2H65gGZPxJVZYvU6PjJaJ6LfIZ70u
1JiFmNoQyKhoL/9hlHLRQezjDj3s3vf8JBPTDgnDezmLzihNqXhg48TZjR3mDxrO
jWSVss1V6RMIZX41eIsUGk8=
-----END CERTIFICATE-----
Generated at Tue Aug 27 16:34:31 2024 by rpki-client on console-ams.rpki-client.org