Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/cvWEo8h-6uWhFA_I87WxR6J2sUk.roa
File: cvWEo8h-6uWhFA_I87WxR6J2sUk.roa (raw, json)
Hash identifier: TWDUMqPT3AYN+8LA4GBmjSvAxS6OrpHHZvyMEqjyymg=
Subject key identifier: 72:F5:84:A3:C8:7E:EA:E5:A1:14:0F:C8:F3:B5:B1:47:A2:76:B1:49
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 018C164A651C56A2AED9F58F8B0C3EFDCD58
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/cvWEo8h-6uWhFA_I87WxR6J2sUk.roa
Signing time: Tue 28 Nov 2023 14:17:03 +0000
ROA not before: Tue 28 Nov 2023 14:17:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/23 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/22 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:4a:65:1c:56:a2:ae:d9:f5:8f:8b:0c:3e:fd:cd:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Nov 28 14:17:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72f584a3c87eeae5a1140fc8f3b5b147a276b149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:95:a4:c6:a8:e8:fa:6f:60:c0:01:df:df:91:
90:2c:bf:a8:23:39:02:27:2f:bf:f2:8a:90:ed:3d:
42:7d:6b:e1:21:d7:04:8e:0a:ae:42:25:32:5c:5d:
7c:4f:4a:ed:e7:ba:48:cc:01:13:46:05:95:16:93:
46:17:d6:05:a4:61:86:fa:79:93:9d:70:77:e8:7f:
c5:fa:e6:81:89:d4:51:08:7b:9d:a0:63:5d:ad:73:
a1:28:67:99:e3:b8:16:84:e9:5c:e3:53:0d:77:5a:
72:e4:b4:7f:13:43:37:88:e5:7a:90:de:c0:48:05:
bf:ee:a6:f1:d3:91:79:9a:bd:da:8d:7a:c8:51:c1:
73:86:f8:6a:47:f0:54:63:5d:b0:bd:c0:87:e9:f3:
ba:55:23:c8:1d:ea:ac:a8:6e:61:e6:1b:cc:a3:7e:
30:ea:89:a6:a4:93:6e:8a:fe:e1:72:12:5c:57:5c:
fa:55:0d:c0:e5:6a:63:86:79:64:c6:e3:9e:01:aa:
bf:2d:b3:cb:e6:1f:fa:c9:a8:59:2e:0a:8a:e9:7e:
07:70:03:a4:32:05:49:9d:e1:b2:77:86:1c:be:71:
79:f3:79:60:ac:b1:05:61:72:90:17:72:61:e8:1d:
f3:5f:b0:7d:26:f0:21:bf:95:a7:45:0d:94:c8:36:
27:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F5:84:A3:C8:7E:EA:E5:A1:14:0F:C8:F3:B5:B1:47:A2:76:B1:49
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/cvWEo8h-6uWhFA_I87WxR6J2sUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/22
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0-213.142.132.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:5b:7d:78:8a:df:84:5f:c1:78:1d:11:12:ec:97:2a:ff:23:
73:18:71:71:1c:46:a9:05:42:d4:1a:d8:00:08:20:e9:ba:94:
f4:ed:9f:55:c9:49:d3:2d:5d:e0:76:92:88:61:ed:cc:6a:c7:
c1:57:da:e8:3a:9a:ae:f2:5b:28:dc:ed:75:aa:7e:ea:d4:95:
e4:28:59:30:c8:c5:23:39:05:55:42:45:9e:2e:f7:cf:94:4b:
01:73:80:bf:90:2d:7f:f1:66:dc:e1:33:54:1c:c6:2d:94:32:
d5:73:13:8b:5b:49:50:ba:64:34:67:ca:c6:b3:a9:0c:d1:da:
b8:fe:96:96:5a:b5:c2:9f:94:8d:f6:41:e6:1b:7e:48:d8:9c:
c7:2f:85:25:55:3e:f4:0b:e1:16:b9:57:d1:c7:0a:3a:04:08:
aa:40:dc:17:c6:44:0d:25:67:1a:1f:52:63:33:4a:7e:b9:f0:
74:f5:f5:c5:6a:7e:cc:50:eb:16:a6:eb:40:92:91:c2:ce:0d:
c5:82:7a:5d:99:d8:6b:b8:d2:8f:0a:ad:66:c4:fe:e7:91:ec:
6d:73:aa:42:19:4c:52:25:67:7b:fa:95:ca:85:41:c0:b4:46:
4a:e5:1d:a6:63:f5:68:62:f4:00:98:12:8d:24:f0:99:c6:6b:
1a:7e:b6:ea
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYwWSmUcVqKu2fWPiww+/c1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMxMTI4MTQxNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY1ODRhM2M4N2VlYWU1YTExNDBmYzhmM2I1YjE0N2EyNzZiMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpWkxqjo+m9gwAHf35GQLL+oIzkC
Jy+/8oqQ7T1CfWvhIdcEjgquQiUyXF18T0rt57pIzAETRgWVFpNGF9YFpGGG+nmT
nXB36H/F+uaBidRRCHudoGNdrXOhKGeZ47gWhOlc41MNd1py5LR/E0M3iOV6kN7A
SAW/7qbx05F5mr3ajXrIUcFzhvhqR/BUY12wvcCH6fO6VSPIHeqsqG5h5hvMo34w
6ommpJNuiv7hchJcV1z6VQ3A5WpjhnlkxuOeAaq/LbPL5h/6yahZLgqK6X4HcAOk
MgVJneGyd4YcvnF583lgrLEFYXKQF3Jh6B3zX7B9JvAhv5WnRQ2UyDYnCQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHL1hKPIfurloRQPyPO1sUeidrFJMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvY3ZXRW84aC02dVdoRkFfSTg3V3hSNkoyc1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEANWOhAMEAdWOiAMEANWO
jgMEAdWOkAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEA0lt9eIrfhF/BeB0REuyX
Kv8jcxhxcRxGqQVC1BrYAAgg6bqU9O2fVclJ0y1d4HaSiGHtzGrHwVfa6DqarvJb
KNztdap+6tSV5ChZMMjFIzkFVUJFni73z5RLAXOAv5Atf/Fm3OEzVBzGLZQy1XMT
i1tJULpkNGfKxrOpDNHauP6Wllq1wp+UjfZB5ht+SNicxy+FJVU+9AvhFrlX0ccK
OgQIqkDcF8ZEDSVnGh9SYzNKfrnwdPX1xWp+zFDrFqbrQJKRws4NxYJ6XZnYa7jS
jwqtZsT+55HsbXOqQhlMUiVne/qVyoVBwLRGSuUdpmP1aGL0AJgSjSTwmcZrGn62
6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:38 2024 by rpki-client on console-ams.rpki-client.org