Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/c-v3COicYYieIQsWWedVJ4N8s-Q.roa
File: c-v3COicYYieIQsWWedVJ4N8s-Q.roa (raw, json)
Hash identifier: iUm5R2R82htbWFoKUJrsStV+PY4GQkHJchFuDKQuNKA=
Subject key identifier: 73:EB:F7:08:E8:9C:61:88:9E:21:0B:16:59:E7:55:27:83:7C:B3:E4
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 0A7C95A1
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/c-v3COicYYieIQsWWedVJ4N8s-Q.roa
Signing time: Sat 01 Jan 2022 08:57:10 +0000
ROA not before: Sat 01 Jan 2022 08:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211327
IP address blocks: 213.142.134.0/24 maxlen: 32
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175936929 (0xa7c95a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 08:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73ebf708e89c61889e210b1659e75527837cb3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ab:e2:9d:39:13:7b:8c:84:64:e7:16:d3:1a:
3d:2e:2e:4e:99:ed:14:49:bc:7d:78:0b:4f:d2:be:
95:f9:1f:d4:b3:77:7c:b4:15:a4:ad:9d:f1:96:13:
53:78:25:97:d4:c1:1a:61:a2:66:16:a0:ed:65:b9:
d6:ff:82:f3:a1:50:e3:31:8c:87:47:e4:3c:12:63:
63:04:d7:90:c7:bb:12:37:ad:22:9d:65:f2:f1:4a:
9c:7d:4c:1a:e8:9e:8b:93:df:8a:24:ab:a0:1c:1c:
a0:53:5d:60:45:ae:b7:dc:35:b9:b0:73:f8:e4:f0:
c7:ce:8a:c7:57:f0:5a:42:49:40:60:4c:f0:bf:dc:
87:36:61:64:d1:e6:5f:35:5e:07:13:8b:fc:e8:b6:
a2:d5:5b:7d:8d:78:9d:7f:e7:1f:83:26:ea:39:cb:
0c:2f:0e:81:89:0a:57:e0:c8:fd:2d:b6:d4:df:ff:
8a:c4:57:a7:80:80:81:68:9f:98:54:2e:c6:c9:5d:
cd:1c:02:73:9b:aa:9f:80:52:8e:58:e3:88:9d:cd:
3a:71:60:b7:46:7a:43:c1:7f:07:4b:d2:62:16:4a:
ca:8b:89:91:f8:02:bc:2e:90:35:6b:68:eb:99:2b:
ab:e3:15:ca:ef:a8:49:0f:96:4f:11:6a:58:98:cc:
c8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EB:F7:08:E8:9C:61:88:9E:21:0B:16:59:E7:55:27:83:7C:B3:E4
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/c-v3COicYYieIQsWWedVJ4N8s-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.134.0/24
Signature Algorithm: sha256WithRSAEncryption
47:f4:09:d4:3d:cd:c8:83:bd:03:5b:65:15:be:cd:43:2a:e7:
a4:3e:40:da:4c:e0:3f:45:51:39:8b:38:5a:30:13:a3:82:e3:
a5:99:a1:07:4a:ee:bc:e6:8b:75:f5:84:ff:79:65:1d:f6:fa:
27:e0:e4:0e:5d:c2:ff:68:9c:2d:fa:76:91:07:aa:30:10:52:
09:b5:6c:6f:9e:60:43:58:65:5e:94:a4:a5:93:29:a1:27:6e:
8c:18:82:63:43:2a:df:1b:0c:9e:dd:73:80:3d:b1:6c:dc:48:
b6:fe:0f:4b:55:cc:3c:0c:f0:3f:35:f6:d7:95:30:7a:4a:73:
f1:72:91:e3:6a:f1:65:1e:32:b3:4b:56:6e:03:6c:1e:ac:6d:
e1:73:88:3e:5b:13:40:e0:37:11:b1:6b:6c:11:16:8a:b3:94:
dc:32:00:b6:3b:61:72:44:83:37:e3:05:24:87:00:7d:03:23:
54:26:bb:64:dc:ee:27:2f:b5:47:3a:e5:bc:2f:da:68:24:11:
29:74:ea:75:a8:e7:00:53:26:ec:36:a3:9a:86:ad:06:a7:83:
7d:3d:f6:1e:ce:a9:4b:fc:5d:55:3e:0f:6a:de:14:81:ff:4b:
d7:8f:99:b2:d1:b5:e5:9e:bb:be:51:cc:a6:5a:3a:87:f9:ad:
9e:08:10:e7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECnyVoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjcxZTliMTNmNWMzMzlhNTg2OTJlZWFiZTcyZWFhNDA2YmJiZDdkMB4XDTIyMDEw
MTA4NTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNlYmY3MDhlODlj
NjE4ODllMjEwYjE2NTllNzU1Mjc4MzdjYjNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWr4p05E3uMhGTnFtMaPS4uTpntFEm8fXgLT9K+lfkf1LN3
fLQVpK2d8ZYTU3gll9TBGmGiZhag7WW51v+C86FQ4zGMh0fkPBJjYwTXkMe7Ejet
Ip1l8vFKnH1MGuiei5PfiiSroBwcoFNdYEWut9w1ubBz+OTwx86Kx1fwWkJJQGBM
8L/chzZhZNHmXzVeBxOL/Oi2otVbfY14nX/nH4Mm6jnLDC8OgYkKV+DI/S221N//
isRXp4CAgWifmFQuxsldzRwCc5uqn4BSjljjiJ3NOnFgt0Z6Q8F/B0vSYhZKyouJ
kfgCvC6QNWto65krq+MVyu+oSQ+WTxFqWJjMyOECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRz6/cI6JxhiJ4hCxZZ51Ung3yz5DAfBgNVHSMEGDAWgBSrcemxP1wzmlhp
Luq+cuqkBru9fTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EzSHBzVDljTTVwWWFTN3F2bkxxcEFhN3ZYMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvNmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8x
L2MtdjNDT2ljWVlpZUlRc1dXZWRWSjROOHMtUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
NmJhMzljLWVmMWQtNGQ0OC05ODJiLWNmNGI5MDA5OTdhMC8xL3EzSHBzVDljTTVw
WWFTN3F2bkxxcEFhN3ZYMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWOhjANBgkqhkiG9w0BAQsFAAOC
AQEAR/QJ1D3NyIO9A1tlFb7NQyrnpD5A2kzgP0VROYs4WjATo4LjpZmhB0ruvOaL
dfWE/3llHfb6J+DkDl3C/2icLfp2kQeqMBBSCbVsb55gQ1hlXpSkpZMpoSdujBiC
Y0Mq3xsMnt1zgD2xbNxItv4PS1XMPAzwPzX215Uwekpz8XKR42rxZR4ys0tWbgNs
Hqxt4XOIPlsTQOA3EbFrbBEWirOU3DIAtjthckSDN+MFJIcAfQMjVCa7ZNzuJy+1
RzrlvC/aaCQRKXTqdajnAFMm7DajmoatBqeDfT32Hs6pS/xdVT4Pat4Ugf9L14+Z
stG15Z67vlHMplo6h/mtnggQ5w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:57 2025 by rpki-client