Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/btYprM9-v30dHBQlS0bLmk5a9jY.roa
File: btYprM9-v30dHBQlS0bLmk5a9jY.roa (raw, json)
Hash identifier: 90TOrS4QRRjDIxsErtbf+iSfy0SlJL0p53A8FfFQau8=
Subject key identifier: 6E:D6:29:AC:CF:7E:BF:7D:1D:1C:14:25:4B:46:CB:9A:4E:5A:F6:36
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018FE2A8ABA95AF64BE951F3BEF4190FADC0
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/btYprM9-v30dHBQlS0bLmk5a9jY.roa
Signing time: Tue 04 Jun 2024 09:50:55 +0000
ROA not before: Tue 04 Jun 2024 09:50:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397563
IP address blocks: 80.253.252.0/22 maxlen: 24
80.253.252.0/23 maxlen: 24
80.253.254.0/23 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.81.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.135.0/24 maxlen: 24
213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.142.0/24 maxlen: 32
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:a8:ab:a9:5a:f6:4b:e9:51:f3:be:f4:19:0f:ad:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jun 4 09:50:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ed629accf7ebf7d1d1c14254b46cb9a4e5af636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:60:dc:a8:74:fa:72:3e:24:50:a7:44:9c:
c1:55:93:6a:62:a1:c6:0b:2a:fd:a0:ca:de:a3:ea:
b6:10:20:6c:e1:a6:3f:f7:ab:b9:75:1e:8f:9e:27:
bc:c6:3c:6b:66:f4:be:2b:09:18:da:0f:ec:df:b2:
3d:35:d2:ee:cb:79:58:98:67:88:e5:d0:3c:0f:d8:
58:8c:33:7f:45:69:c1:dd:98:0a:9c:12:03:b1:bc:
20:d7:59:5c:cb:3d:ef:4a:e1:da:22:b6:7f:a6:44:
ae:8e:08:bd:cc:a9:d4:5a:f4:85:be:ad:2c:44:44:
78:24:13:b9:1b:86:1a:d6:10:a5:4e:d7:85:9f:a5:
17:e2:14:78:21:b2:b0:c4:47:56:45:81:5e:c8:85:
59:3a:e3:32:c1:ad:d0:05:26:c9:69:b6:f9:37:d5:
a9:6c:af:a6:d6:b1:7d:f8:08:e4:60:cf:8e:2f:77:
28:43:17:35:e1:31:32:4f:82:4d:cb:8f:09:a1:fd:
4d:cc:e4:ea:78:b5:40:62:31:79:91:7e:b6:ee:70:
d8:12:4b:7e:ae:23:ac:81:ab:ad:a9:3e:77:08:53:
a8:ac:29:25:97:a1:b0:0c:03:43:43:09:77:87:e0:
39:7a:be:39:ef:6e:20:4a:31:ff:b4:3f:c8:f1:e2:
e4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D6:29:AC:CF:7E:BF:7D:1D:1C:14:25:4B:46:CB:9A:4E:5A:F6:36
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/btYprM9-v30dHBQlS0bLmk5a9jY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0-91.151.82.255
91.151.91.0/24
213.142.128.0/22
213.142.135.0-213.142.137.255
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
74:11:b0:ab:67:e1:ff:0d:cc:08:3c:80:5f:9f:cf:bf:6f:32:
ba:c0:0f:e1:15:4d:a9:1b:77:4d:01:16:cf:56:e8:21:a3:b2:
c4:bf:34:d3:48:5e:a2:c5:d2:f0:fb:03:84:e4:d3:bb:a7:99:
ba:91:68:72:85:d6:aa:92:4c:45:e4:15:5e:1c:6f:92:52:e0:
09:3e:06:6a:31:8d:f7:4c:a6:63:48:56:b5:bb:2c:60:5d:0a:
7f:0b:05:49:d3:4f:02:dc:8d:81:2c:3d:9b:ee:45:7b:c1:1d:
c5:35:f4:6f:2c:f5:10:5b:17:03:0c:04:6c:a1:69:23:b3:7b:
d1:88:a0:da:dd:23:69:a4:19:b3:9b:04:7a:90:4f:bf:7a:06:
f1:83:03:61:8a:28:ff:32:9f:11:37:0d:93:3f:3c:a5:d3:93:
e2:6d:f0:85:92:25:7a:cd:f8:eb:7a:93:94:00:f3:b7:d5:99:
1f:6c:95:5b:0c:c0:bf:ac:a8:07:36:e6:2c:59:63:ac:0d:36:
03:ec:0a:79:75:91:33:c7:3d:25:9c:21:5b:28:d3:6f:b8:70:
64:1e:61:23:c9:33:40:0b:6c:f1:7a:16:35:48:81:be:1d:a0:
c1:62:24:ae:f0:e3:fd:f7:c7:8f:65:a7:4e:24:23:17:16:65:
b1:08:4b:f8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY/iqKupWvZL6VHzvvQZD63AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjQwNjA0MDk1MDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWQ2MjlhY2NmN2ViZjdkMWQxYzE0MjU0YjQ2Y2I5YTRlNWFmNjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE5g3Kh0+nI+JFCnRJzBVZNqYqHG
Cyr9oMreo+q2ECBs4aY/96u5dR6Pnie8xjxrZvS+KwkY2g/s37I9NdLuy3lYmGeI
5dA8D9hYjDN/RWnB3ZgKnBIDsbwg11lcyz3vSuHaIrZ/pkSujgi9zKnUWvSFvq0s
RER4JBO5G4Ya1hClTteFn6UX4hR4IbKwxEdWRYFeyIVZOuMywa3QBSbJabb5N9Wp
bK+m1rF9+AjkYM+OL3coQxc14TEyT4JNy48Jof1NzOTqeLVAYjF5kX627nDYEkt+
riOsgautqT53CFOorCkll6GwDANDQwl3h+A5er45724gSjH/tD/I8eLkqQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFG7WKazPfr99HRwUJUtGy5pOWvY2MB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvYnRZcHJNOS12MzBkSEJRbFMwYkxtazVhOWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQCUP38MAwD
BARbl1ADBABbl1IDBABbl1sDBALVjoAwDAMEANWOhwMEAdWOiAMEANWOjgMEAdWO
kAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEAdBGwq2fh/w3MCDyAX5/Pv28yusAP
4RVNqRt3TQEWz1boIaOyxL8000heosXS8PsDhOTTu6eZupFocoXWqpJMReQVXhxv
klLgCT4GajGN90ymY0hWtbssYF0KfwsFSdNPAtyNgSw9m+5Fe8EdxTX0byz1EFsX
AwwEbKFpI7N70Yig2t0jaaQZs5sEepBPv3oG8YMDYYoo/zKfETcNkz88pdOT4m3w
hZIles3463qTlADzt9WZH2yVWwzAv6yoBzbmLFljrA02A+wKeXWRM8c9JZwhWyjT
b7hwZB5hI8kzQAts8XoWNUiBvh2gwWIkrvDj/ffHj2WnTiQjFxZlsQhL+A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:43 2025 by rpki-client